From d893837d017086aec55dccfee287f35bd40452d7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 23 Feb 2023 10:04:58 +0800 Subject: [PATCH 001/264] compat.sh: add --list-test-case The option --list-test-case lists all potential test cases without executing them. The test case description is identical with $TITLE during test case execution. Signed-off-by: Yanray Wang --- tests/compat.sh | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/tests/compat.sh b/tests/compat.sh index 8f7d72c7b6..440e87a2af 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -110,6 +110,36 @@ print_usage() { printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n" printf " -M|--memcheck\tCheck memory leaks and errors.\n" printf " -v|--verbose\tSet verbose output.\n" + printf " --list-test-case\tList all potential test cases (No Execution)\n" +} + +# print_test_title +print_test_title() { + for i in $3; do + TITLE="$1->$2 $MODE,$VERIF $i" + echo "$TITLE" + done +} + +list_test_case() { + reset_ciphersuites + for TYPE in $TYPES; do + add_common_ciphersuites + add_openssl_ciphersuites + add_gnutls_ciphersuites + add_mbedtls_ciphersuites + done + + for VERIFY in $VERIFIES; do + VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') + for MODE in $MODES; do + print_test_title m o "$O_CIPHERS" + print_test_title o m "$O_CIPHERS" + print_test_title m g "$G_CIPHERS" + print_test_title g m "$G_CIPHERS" + print_test_title m m "$M_CIPHERS" + done + done } get_options() { @@ -139,6 +169,10 @@ get_options() { -M|--memcheck) MEMCHECK=1 ;; + --list-test-case) + list_test_case + exit 0 + ;; -h|--help) print_usage exit 0 From 235469302d592873dac98230f7ede501d0150315 Mon Sep 17 00:00:00 2001 
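Review bot: In the second hunk, the `--list-test-case` arm of `get_options` calls `list_test_case` and exits while arguments are still being parsed, so any option placed after it on the command line has no effect on the listing. `list_test_case` iterates `$TYPES`, `$VERIFIES` and `$MODES`; if other options set those (the parsing loop is outside the hunk), the printed list depends on argument order. Consider only recording the request in this arm, e.g. `LIST_TESTS=1`, and calling `list_test_case` once parsing has finished. Otherwise state the ordering requirement in the usage text, e.g. `printf " --list-test-case\tList all potential test cases (No Execution); must be the last option\n"`.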
From: Yanray Wang Date: Fri, 24 Feb 2023 14:53:29 +0800 Subject: [PATCH 002/264] check_test_cases.py: support checking test coverage in compat.sh Test case description in compat.sh is in format of [ogm]->[ogm] TLSmode, VERIFY CIPHERSUITE_NAME This program calls compat.sh to list all potential test case descriptions then checks test case duplication. Signed-off-by: Yanray Wang --- tests/scripts/check_test_cases.py | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index d84ed042c4..dd167672f3 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -25,6 +25,7 @@ import argparse import glob import os import re +import subprocess import sys class Results: @@ -111,6 +112,24 @@ state may override this method. self.process_test_case(descriptions, file_name, line_number, description) + def walk_compat_sh(self, file_name): + """Iterate over the test cases compat.sh with a similar format.""" + descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none + compat_cmd = ['sh', file_name, '--list-test-case'] + result = subprocess.run(compat_cmd, + stdout=subprocess.PIPE, + check=False) + if result.returncode != 0: + print(*compat_cmd, 'returned', str(result.returncode)) + return + else: + # Pattern: g->m dtls12,no TLS_DHE_PSK_WITH_AES_128_CBC_SHA\n + m = re.findall(br'[^ogm]*((?:[ogm]->[ogm]\s*\w*.\w*\s\w*)*)\n', + result.stdout) + if m: + for i in m: + self.process_test_case(descriptions, file_name, 1, i) + @staticmethod def collect_test_directories(): """Get the relative path for the TLS and Crypto test directories.""" 
@@ -136,6 +155,9 @@ state may override this method. for ssl_opt_file_name in glob.glob(os.path.join(directory, 'opt-testcases', '*.sh')): self.walk_ssl_opt_sh(ssl_opt_file_name) + compat_sh = os.path.join(directory, 'compat.sh') + if os.path.exists(compat_sh): + self.walk_compat_sh(compat_sh) class TestDescriptions(TestDescriptionExplorer): """Collect the available test cases.""" From 3fcd3a73c97394a52b82badf67e2357c31ffd0cf Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 24 Feb 2023 17:07:47 +0800 Subject: [PATCH 003/264] compat.sh: uniform test description Test case description is printed by different block of code. This causes code maintenance harder since we need to maintain two parts of code with same functionality. print_test_title is used to control test case description in compat.sh Signed-off-by: Yanray Wang --- tests/compat.sh | 25 +++++++++++++------------ tests/scripts/check_test_cases.py | 4 ++-- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index 440e87a2af..9a435c312c 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -35,6 +35,7 @@ TESTS=0 FAILED=0 SKIPPED=0 SRVMEM=0 +LIST_TEST_CASE=0 # default commands, can be overridden by the environment : ${M_SRV:=../programs/ssl/ssl_server2} @@ -113,14 +114,6 @@ print_usage() { printf " --list-test-case\tList all potential test cases (No Execution)\n" } -# print_test_title -print_test_title() { - for i in $3; do - TITLE="$1->$2 $MODE,$VERIF $i" - echo "$TITLE" - done -} - list_test_case() { reset_ciphersuites for TYPE in $TYPES; do @@ -170,6 +163,7 @@ get_options() { MEMCHECK=1 ;; --list-test-case) + LIST_TEST_CASE=1 list_test_case exit 0 ;; 
@@ -824,14 +818,21 @@ wait_client_done() { echo "EXIT: $EXIT" >> $CLI_OUT } +# print_test_title +print_test_title() { + for i in $3; do + TITLE="$1->$2 $MODE,$VERIF $i" + DOTS72="........................................................................" + printf "%s %.*s " "$TITLE" "$((71 - ${#TITLE}))" "$DOTS72" + [ $LIST_TEST_CASE -eq 1 ] && printf "\n" + done +} + # run_client PROGRAM_NAME STANDARD_CIPHER_SUITE PROGRAM_CIPHER_SUITE run_client() { # announce what we're going to do TESTS=$(( $TESTS + 1 )) - TITLE="${1%"${1#?}"}->${SERVER_NAME%"${SERVER_NAME#?}"}" - TITLE="$TITLE $MODE,$VERIF $2" - DOTS72="........................................................................" - printf "%s %.*s " "$TITLE" "$((71 - ${#TITLE}))" "$DOTS72" + print_test_title "${1%"${1#?}"}" "${SERVER_NAME%"${SERVER_NAME#?}"}" $2 # should we skip? if [ "X$SKIP_NEXT" = "XYES" ]; then diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index dd167672f3..b75d51743a 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -123,8 +123,8 @@ state may override this method. print(*compat_cmd, 'returned', str(result.returncode)) return else: - # Pattern: g->m dtls12,no TLS_DHE_PSK_WITH_AES_128_CBC_SHA\n - m = re.findall(br'[^ogm]*((?:[ogm]->[ogm]\s*\w*.\w*\s\w*)*)\n', + # Pattern: g->m dtls12,no TLS_DHE_PSK_WITH_AES_128_CBC_SHA .......... \n + m = re.findall(br'[^ogm]*((?:[ogm]->[ogm]\s*\w*.\w*\s\w*)*)\s*\.*\s*\n', result.stdout) if m: for i in m: From 7b394da7381aa58f009da0995f8ae9cc92488796 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 2 Mar 2023 11:41:26 +0800 Subject: [PATCH 004/264] compat.sh: fix uncompatiable name of peers in --list-test-case Signed-off-by: Yanray Wang --- tests/compat.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index 9a435c312c..37df940cea 100755 --- a/tests/compat.sh +++ b/tests/compat.sh 
@@ -126,10 +126,10 @@ list_test_case() { for VERIFY in $VERIFIES; do VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') for MODE in $MODES; do - print_test_title m o "$O_CIPHERS" - print_test_title o m "$O_CIPHERS" - print_test_title m g "$G_CIPHERS" - print_test_title g m "$G_CIPHERS" + print_test_title m O "$O_CIPHERS" + print_test_title O m "$O_CIPHERS" + print_test_title m G "$G_CIPHERS" + print_test_title G m "$G_CIPHERS" print_test_title m m "$M_CIPHERS" done done From fb784b26d29730a69842f9cb11b1cb400e896282 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 2 Mar 2023 11:55:55 +0800 Subject: [PATCH 005/264] compat.sh: uniform TITLE format for --list-test-case and run_client uniform_title is used to print identical format of $TITLE between --list-test-case and run_client. In such way, no matter how $TITLE is developed, --list-test-case will in the same format of test case description as stored in OUTCOME.CSV. Signed-off-by: Yanray Wang --- tests/compat.sh | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index 37df940cea..d63fc063bb 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -35,7 +35,6 @@ TESTS=0 FAILED=0 SKIPPED=0 SRVMEM=0 -LIST_TEST_CASE=0 # default commands, can be overridden by the environment : ${M_SRV:=../programs/ssl/ssl_server2} @@ -114,6 +113,14 @@ print_usage() { printf " --list-test-case\tList all potential test cases (No Execution)\n" } +# print_test_case +print_test_case() { + for i in $3; do + uniform_title $1 $2 $i + echo $TITLE + done +} + list_test_case() { reset_ciphersuites for TYPE in $TYPES; do 
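Review bot: `print_test_case` writes the title with an unquoted `echo $TITLE`, so the shell word-splits and glob-expands it before printing, where earlier revisions in this series quoted it. The stated goal of the commit is that the listed description is identical to the one `run_client` records, and a run of spaces or a glob character in `$TITLE` would silently break that. Suggest `printf '%s\n' "$TITLE"` and quoting the call as `uniform_title "$1" "$2" "$i"`. The header comment could also name the arguments, e.g. `# print_test_case CLIENT SERVER CIPHERSUITES`.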
@@ -126,11 +133,11 @@ list_test_case() { for VERIFY in $VERIFIES; do VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]') for MODE in $MODES; do - print_test_title m O "$O_CIPHERS" - print_test_title O m "$O_CIPHERS" - print_test_title m G "$G_CIPHERS" - print_test_title G m "$G_CIPHERS" - print_test_title m m "$M_CIPHERS" + print_test_case m O "$O_CIPHERS" + print_test_case O m "$O_CIPHERS" + print_test_case m G "$G_CIPHERS" + print_test_case G m "$G_CIPHERS" + print_test_case m m "$M_CIPHERS" done done } @@ -163,7 +170,6 @@ get_options() { MEMCHECK=1 ;; --list-test-case) - LIST_TEST_CASE=1 list_test_case exit 0 ;; @@ -818,21 +824,21 @@ wait_client_done() { echo "EXIT: $EXIT" >> $CLI_OUT } -# print_test_title -print_test_title() { - for i in $3; do - TITLE="$1->$2 $MODE,$VERIF $i" - DOTS72="........................................................................" - printf "%s %.*s " "$TITLE" "$((71 - ${#TITLE}))" "$DOTS72" - [ $LIST_TEST_CASE -eq 1 ] && printf "\n" - done +# uniform_title +# $TITLE is considered as test case description for both --list-test-case and +# MBEDTLS_TEST_OUTCOME_FILE. This function aims to control the format of +# each test case description. +uniform_title() { + TITLE="$1->$2 $MODE,$VERIF $3" } # run_client PROGRAM_NAME STANDARD_CIPHER_SUITE PROGRAM_CIPHER_SUITE run_client() { # announce what we're going to do TESTS=$(( $TESTS + 1 )) - print_test_title "${1%"${1#?}"}" "${SERVER_NAME%"${SERVER_NAME#?}"}" $2 + uniform_title "${1%"${1#?}"}" "${SERVER_NAME%"${SERVER_NAME#?}"}" $2 + DOTS72="........................................................................" + printf "%s %.*s " "$TITLE" "$((71 - ${#TITLE}))" "$DOTS72" # should we skip? if [ "X$SKIP_NEXT" = "XYES" ]; then From 521710e91dadbfb41a033aa2e39426f2b139af89 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 2 Mar 2023 14:45:01 +0800 Subject: [PATCH 006/264] check_test_cases.py: simplify how to store test case description 
Signed-off-by: Yanray Wang --- tests/scripts/check_test_cases.py | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index b75d51743a..b0b84213aa 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -123,12 +123,11 @@ state may override this method. print(*compat_cmd, 'returned', str(result.returncode)) return else: - # Pattern: g->m dtls12,no TLS_DHE_PSK_WITH_AES_128_CBC_SHA .......... \n - m = re.findall(br'[^ogm]*((?:[ogm]->[ogm]\s*\w*.\w*\s\w*)*)\s*\.*\s*\n', - result.stdout) - if m: - for i in m: - self.process_test_case(descriptions, file_name, 1, i) + # Assume compat.sh is responsible for printing identical format of + # test case description between --list-test-case and its OUTCOME.CSV + description = result.stdout.strip().split(b'\n') + for idx, descrip in enumerate(description): + self.process_test_case(descriptions, file_name, idx, descrip) @staticmethod def collect_test_directories(): From cdc07083345eef2b2404d7a4a9c55c2546a7899f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 3 Mar 2023 17:12:29 +0800 Subject: [PATCH 007/264] check_test_cases.py: use check_output to capture error and return This commit includes: - use subprocess.check_output to report error and capture return value - add comment as a reminder for option --list-test-case Signed-off-by: Yanray Wang --- tests/compat.sh | 3 +++ tests/scripts/check_test_cases.py | 19 +++++++------------ 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index d63fc063bb..ff621fc75e 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -121,6 +121,7 @@ print_test_case() { done } +# list_test_case lists all potential test cases in compat.sh without execution list_test_case() { reset_ciphersuites for TYPE in $TYPES; do 
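Review bot: In the `walk_compat_sh` hunk, `result.stdout.strip().split(b'\n')` yields `[b'']` when compat.sh prints nothing, so one empty description is handed to `process_test_case` instead of none. The index from `enumerate` is zero-based and counts lines of the listing rather than lines of compat.sh, yet it is passed in the position the other walker uses for `line_number`. Suggest `for idx, descrip in enumerate(result.stdout.splitlines(), start=1):` with a comment such as `# idx is the position in the --list-test-case output, not a line of compat.sh`. The method starts outside this hunk, and the same two lines are carried unchanged into the later `check_output` rewrite.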
@@ -169,6 +170,8 @@ get_options() { -M|--memcheck) MEMCHECK=1 ;; + # Please check scripts/check_test_cases.py correspondingly + # if you have to modify option, --list-test-case --list-test-case) list_test_case exit 0 diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index b0b84213aa..ae2bfdfe00 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -116,18 +116,13 @@ state may override this method. """Iterate over the test cases compat.sh with a similar format.""" descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none compat_cmd = ['sh', file_name, '--list-test-case'] - result = subprocess.run(compat_cmd, - stdout=subprocess.PIPE, - check=False) - if result.returncode != 0: - print(*compat_cmd, 'returned', str(result.returncode)) - return - else: - # Assume compat.sh is responsible for printing identical format of - # test case description between --list-test-case and its OUTCOME.CSV - description = result.stdout.strip().split(b'\n') - for idx, descrip in enumerate(description): - self.process_test_case(descriptions, file_name, idx, descrip) + compat_output = subprocess.check_output(compat_cmd, + stderr=subprocess.STDOUT) + # Assume compat.sh is responsible for printing identical format of + # test case description between --list-test-case and its OUTCOME.CSV + description = compat_output.strip().split(b'\n') + for idx, descrip in enumerate(description): + self.process_test_case(descriptions, file_name, idx, descrip) @staticmethod def collect_test_directories(): From 2b50c651da1cf13a06956438508c58b36c534aff Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 6 Mar 2023 19:35:04 +0800 Subject: [PATCH 008/264] check_test_cases.py: do not redirect stderr to stdout Signed-off-by: Yanray Wang --- tests/scripts/check_test_cases.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index ae2bfdfe00..2692371ab8 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -116,8 +116,7 @@ state may override this method. """Iterate over the test cases compat.sh with a similar format.""" descriptions = self.new_per_file_state() # pylint: disable=assignment-from-none compat_cmd = ['sh', file_name, '--list-test-case'] - compat_output = subprocess.check_output(compat_cmd, - stderr=subprocess.STDOUT) + compat_output = subprocess.check_output(compat_cmd) # Assume compat.sh is responsible for printing identical format of # test case description between --list-test-case and its OUTCOME.CSV description = compat_output.strip().split(b'\n') From 14e052fd7cca9a4165bd45b6ad0fcc10cdafbb28 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 6 Mar 2023 19:37:07 +0800 Subject: [PATCH 009/264] compat.sh: return $? in option --list-test-case to handle error case Signed-off-by: Yanray Wang --- tests/compat.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/compat.sh b/tests/compat.sh index ff621fc75e..68c10c3cce 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -174,7 +174,7 @@ get_options() { # if you have to modify option, --list-test-case --list-test-case) list_test_case - exit 0 + exit $? ;; -h|--help) print_usage From 07c22c6708bd4c651cfd0fd5dd4cd75a28cbdd25 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Fri, 23 Jun 2023 23:19:40 +0100 Subject: [PATCH 010/264] Reword the description of mbedtls_net_free() This makes it clearer that the context itself is not being freed. Signed-off-by: David Horstmann --- include/mbedtls/net_sockets.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 14316fbedb..9f9e2adcf9 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h 
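Review bot: `exit $?` in the `--list-test-case` arm reports only the status of the last command `list_test_case` executed, which per the earlier patches in this series is the final `print_test_case` loop. A failure in `reset_ciphersuites` or in one of the `add_*_ciphersuites` calls would still exit 0 unless the script runs under `set -e`, which is not visible here. If the intent is for `check_test_cases.py` to notice listing errors, have `list_test_case` check those calls, e.g. `add_common_ciphersuites || return 1`, and keep `exit $?` as written.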
@@ -283,16 +283,16 @@ int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len, uint32_t timeout); /** - * \brief Closes down the connection and free associated data + * \brief Close down the connection and clear the context * * \param ctx The context to close */ void mbedtls_net_close(mbedtls_net_context *ctx); /** - * \brief Gracefully shutdown the connection and free associated data + * \brief Gracefully shutdown the connection and clear the context * - * \param ctx The context to free + * \param ctx The context to gracefully shutdown */ void mbedtls_net_free(mbedtls_net_context *ctx); From 98083c6a173ecdcd2eb9ffc03275f22dc46b4811 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 25 Jun 2023 23:27:45 +0100 Subject: [PATCH 011/264] Add support for SHA-3 in PSA Signed-off-by: Dave Rodgman --- include/mbedtls/config_psa.h | 14 +++++++ include/psa/crypto_builtin_primitives.h | 7 +++- include/psa/crypto_config.h | 1 + library/psa_crypto_hash.c | 52 +++++++++++++++++++++++++ 4 files changed, 73 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index b7e89472f7..b1d386236e 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -113,6 +113,10 @@ extern "C" { #define PSA_WANT_ALG_SHA_512 1 #endif +#if defined(MBEDTLS_SHA3_C) +#define PSA_WANT_ALG_SHA_3 1 +#endif + /****************************************************************/ /* Require built-in implementations based on PSA requirements */ @@ -270,6 +274,11 @@ extern "C" { #define MBEDTLS_SHA512_C #endif +#if defined(PSA_WANT_ALG_SHA_3) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_3 1 +#define MBEDTLS_SHA3_C +#endif + #if defined(PSA_WANT_ALG_PBKDF2_HMAC) #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC) #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1 
@@ -865,6 +874,11 @@ extern "C" { #define PSA_WANT_ALG_SHA_512 1 #endif +#if defined(MBEDTLS_SHA3_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_3 1 +#define PSA_WANT_ALG_SHA_3 1 +#endif + #if defined(MBEDTLS_AES_C) #define PSA_WANT_KEY_TYPE_AES 1 #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index f3e438dd77..ea7da9a1d9 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -45,6 +45,7 @@ #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/sha512.h" +#include "mbedtls/sha3.h" #if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \ @@ -52,7 +53,8 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) #define MBEDTLS_PSA_BUILTIN_HASH #endif @@ -76,6 +78,9 @@ typedef struct { #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) mbedtls_sha512_context sha512; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + mbedtls_sha3_context sha3; #endif } MBEDTLS_PRIVATE(ctx); } mbedtls_psa_hash_operation_t; diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index 9da28de8b7..e79f217755 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -86,6 +86,7 @@ #define PSA_WANT_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_384 1 #define PSA_WANT_ALG_SHA_512 1 +#define PSA_WANT_ALG_SHA_3 1 #define PSA_WANT_ALG_STREAM_CIPHER 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index ddf70949c4..44df5526f6 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c 
@@ -73,6 +73,14 @@ psa_status_t mbedtls_psa_hash_abort( case PSA_ALG_SHA_512: mbedtls_sha512_free(&operation->ctx.sha512); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + case PSA_ALG_SHA3_256: + case PSA_ALG_SHA3_384: + case PSA_ALG_SHA3_512: + mbedtls_sha3_free(&operation->ctx.sha3); + break; #endif default: return PSA_ERROR_BAD_STATE; @@ -134,6 +142,24 @@ psa_status_t mbedtls_psa_hash_setup( mbedtls_sha512_init(&operation->ctx.sha512); ret = mbedtls_sha512_starts(&operation->ctx.sha512, 0); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_224); + break; + case PSA_ALG_SHA3_256: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_256); + break; + case PSA_ALG_SHA3_384: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_384); + break; + case PSA_ALG_SHA3_512: + mbedtls_sha3_init(&operation->ctx.sha3); + ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_512); + break; #endif default: return PSA_ALG_IS_HASH(alg) ? @@ -196,6 +222,15 @@ psa_status_t mbedtls_psa_hash_clone( mbedtls_sha512_clone(&target_operation->ctx.sha512, &source_operation->ctx.sha512); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + case PSA_ALG_SHA3_256: + case PSA_ALG_SHA3_384: + case PSA_ALG_SHA3_512: + mbedtls_sha3_clone(&target_operation->ctx.sha3, + &source_operation->ctx.sha3); + break; #endif default: (void) source_operation; 
@@ -256,6 +291,15 @@ psa_status_t mbedtls_psa_hash_update( ret = mbedtls_sha512_update(&operation->ctx.sha512, input, input_length); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + case PSA_ALG_SHA3_256: + case PSA_ALG_SHA3_384: + case PSA_ALG_SHA3_512: + ret = mbedtls_sha3_update(&operation->ctx.sha3, + input, input_length); + break; #endif default: (void) input; @@ -326,6 +370,14 @@ psa_status_t mbedtls_psa_hash_finish( case PSA_ALG_SHA_512: ret = mbedtls_sha512_finish(&operation->ctx.sha512, hash); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + case PSA_ALG_SHA3_224: + case PSA_ALG_SHA3_256: + case PSA_ALG_SHA3_384: + case PSA_ALG_SHA3_512: + ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); + break; #endif default: (void) hash; From e43076700e877523207204e2918563a9311a47df Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sun, 25 Jun 2023 23:27:53 +0100 Subject: [PATCH 012/264] Add PSA SHA-3 tests Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 64 +++++++++++++++++++ .../test_suite_psa_crypto_metadata.data | 16 +++++ 2 files changed, 80 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 9f5133988a..90af796683 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
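Review bot: In the `mbedtls_psa_hash_finish` hunk, the SHA-3 arm passes the caller's buffer capacity `hash_size` to `mbedtls_sha3_finish`, whereas the neighbouring `mbedtls_sha512_finish(&operation->ctx.sha512, hash)` arm writes a fixed-length digest. Whether that third argument is a capacity or the number of bytes to produce cannot be seen from this hunk, and the rest of the function, including any length check before the switch, is outside it. If it is a byte count, a buffer larger than the digest would receive more output than the digest length. Once the contract is confirmed, record it next to the call, e.g. `/* hash_size is a capacity; mbedtls_sha3_finish writes only the digest */`, or pass the digest length for `operation->alg` instead.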
@@ -158,6 +158,70 @@ PSA hash finish: SHA-512 Test Vector NIST CAVS #8 depends_on:PSA_WANT_ALG_SHA_512 hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b
159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" +PSA hash finish: SHA3-224 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" + +PSA hash finish: SHA3-256 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash finish: SHA3-384 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" + +PSA hash finish: SHA3-512 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" + +PSA hash finish: SHA3-224 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" + +PSA hash finish: SHA3-256 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash finish: SHA3-384 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" + +PSA hash finish: SHA3-512 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" + +PSA hash finish: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA_3 
+hash_finish:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" + +PSA hash finish: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" + +PSA hash finish: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" + +PSA hash finish: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" + +PSA hash finish: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" + +PSA hash finish: SHA3-256 Test Vector NIST 896 bits: 
"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" + +PSA hash finish: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" + +PSA hash finish: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA_3 +hash_finish:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" + PSA hash finish: MD5 Test vector RFC1321 #1 depends_on:PSA_WANT_ALG_MD5 hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e" diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index a41d83ad8a..2f3fe3270d 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data 
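Review bot: The case titled `PSA hash finish: SHA3-256 Test Vector NIST ""` hashes `616263` and expects the same digest as the `SHA3-256 Test Vector NIST "abc"` case a few lines below it. It therefore duplicates that test, and the empty-message vector for SHA3-256 is never exercised. The 224, 384 and 512 cases in the same group do use an empty input. Change the input to `""` and the expected value to the published SHA3-256 empty-message digest.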
+++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -26,6 +26,22 @@ Hash: SHA-2 SHA-512 depends_on:PSA_WANT_ALG_SHA_512 hash_algorithm:PSA_ALG_SHA_512:64 +Hash: SHA-3 SHA3-224 +depends_on:PSA_WANT_ALG_SHA_3 +hash_algorithm:PSA_ALG_SHA3_224:28 + +Hash: SHA-3 SHA3-256 +depends_on:PSA_WANT_ALG_SHA_3 +hash_algorithm:PSA_ALG_SHA3_256:32 + +Hash: SHA-3 SHA3-384 +depends_on:PSA_WANT_ALG_SHA_3 +hash_algorithm:PSA_ALG_SHA3_384:48 + +Hash: SHA-3 SHA3-512 +depends_on:PSA_WANT_ALG_SHA_3 +hash_algorithm:PSA_ALG_SHA3_512:64 + MAC: HMAC-MD5 depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5 hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64 From f66cd61daa4bc37dadb519108663780457867adc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 11:02:12 +0100 Subject: [PATCH 013/264] Use more standard PSA macro names Signed-off-by: Dave Rodgman --- include/mbedtls/config_psa.h | 34 +++++++++++--- include/psa/crypto_builtin_primitives.h | 10 ++++- include/psa/crypto_config.h | 5 ++- library/psa_crypto_hash.c | 60 ++++++++++++++++++++++--- 4 files changed, 96 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index b1d386236e..4a05318a7b 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -114,7 +114,10 @@ extern "C" { #endif #if defined(MBEDTLS_SHA3_C) -#define PSA_WANT_ALG_SHA_3 1 +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #endif 
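Review bot: Removing `PSA_WANT_ALG_SHA_3` in this config_psa.h hunk (and in the `@@ -875,8 +893,14 @@` hunk and crypto_config.h) leaves the test cases added by the previous patch declaring `depends_on:PSA_WANT_ALG_SHA_3`, and this commit's diffstat lists no file under tests/. If the test framework skips cases whose dependencies are undefined, as is usual for these .data files, all the SHA-3 hash and metadata cases stop running after this commit without any failure being reported. Update the dependencies in the same commit, e.g. `depends_on:PSA_WANT_ALG_SHA3_224` for the 224-bit cases, or say in the commit message which later patch does it.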
@@ -274,8 +277,23 @@ extern "C" { #define MBEDTLS_SHA512_C #endif -#if defined(PSA_WANT_ALG_SHA_3) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_3 1 +#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_224) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_256) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_384) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 +#define MBEDTLS_SHA3_C +#endif + +#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_512) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 #define MBEDTLS_SHA3_C #endif @@ -875,8 +893,14 @@ extern "C" { #endif #if defined(MBEDTLS_SHA3_C) -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_3 1 -#define PSA_WANT_ALG_SHA_3 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 +#define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #endif #if defined(MBEDTLS_AES_C) diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index ea7da9a1d9..b6bd484b9c 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -54,7 +54,10 @@ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) #define MBEDTLS_PSA_BUILTIN_HASH #endif 
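Review bot: The four new guards in the `@@ -274,8 +277,23 @@` hunk of config_psa.h test `MBEDTLS_PSA_ACCEL_ALG_SHA_3_224` (and `_256`, `_384`, `_512`), which does not match the `SHA3_224` spelling of the `PSA_WANT_ALG_SHA3_*` and `MBEDTLS_PSA_BUILTIN_ALG_SHA3_*` names introduced beside them. A driver that declares its accelerator under the consistent spelling would presumably not suppress the built-in, so `MBEDTLS_SHA3_C` would still be enabled. The guard should read `#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224)`, and likewise for the other three. Patch 018 later in this series makes that rename; folding it into this commit would keep every intermediate revision consistent.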
@@ -79,7 +82,10 @@ typedef struct { defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) mbedtls_sha512_context sha512; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_context sha3; #endif } MBEDTLS_PRIVATE(ctx); diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index e79f217755..cc15fe79f5 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -86,7 +86,10 @@ #define PSA_WANT_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_384 1 #define PSA_WANT_ALG_SHA_512 1 -#define PSA_WANT_ALG_SHA_3 1 +#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_256 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #define PSA_WANT_ALG_STREAM_CIPHER 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 44df5526f6..ed933c00bf 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -74,11 +74,22 @@ psa_status_t mbedtls_psa_hash_abort( mbedtls_sha512_free(&operation->ctx.sha512); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_free(&operation->ctx.sha3); break; #endif 
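Review bot: In the `mbedtls_psa_hash_abort` hunk nothing ties the per-variant guards on the four `case PSA_ALG_SHA3_*` labels to the separate four-way `||` guard on the shared body. If a label's macro is ever missing from the body guard, that label compiles with no body and control runs into whatever follows it in the switch. The same ladder is repeated in the `mbedtls_psa_hash_clone`, `mbedtls_psa_hash_update` and `mbedtls_psa_hash_finish` hunks. A one-line comment above each body guard would make the coupling explicit, for example `/* Must list every SHA3 variant guarded above; otherwise its case label has no body. */`. The switch statements start and end outside these hunks, so the fall-through target is not visible here.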
@@ -143,19 +154,25 @@ psa_status_t mbedtls_psa_hash_setup( ret = mbedtls_sha512_starts(&operation->ctx.sha512, 0); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: mbedtls_sha3_init(&operation->ctx.sha3); ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_224); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: mbedtls_sha3_init(&operation->ctx.sha3); ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_256); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: mbedtls_sha3_init(&operation->ctx.sha3); ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_384); break; +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: mbedtls_sha3_init(&operation->ctx.sha3); ret = mbedtls_sha3_starts(&operation->ctx.sha3, MBEDTLS_SHA3_512); @@ -223,11 +240,22 @@ psa_status_t mbedtls_psa_hash_clone( &source_operation->ctx.sha512); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_clone(&target_operation->ctx.sha3, &source_operation->ctx.sha3); break; 
@@ -292,11 +320,22 @@ psa_status_t mbedtls_psa_hash_update( input, input_length); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) ret = mbedtls_sha3_update(&operation->ctx.sha3, input, input_length); break; @@ -371,11 +410,22 @@ psa_status_t mbedtls_psa_hash_finish( ret = mbedtls_sha512_finish(&operation->ctx.sha512, hash); break; #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_3) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) case PSA_ALG_SHA3_224: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) case PSA_ALG_SHA3_256: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) case PSA_ALG_SHA3_384: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) case PSA_ALG_SHA3_512: +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); break; #endif From 09822a35f55dbc15729b17dcf0ae5f853a48182b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 11:11:23 +0100 Subject: [PATCH 014/264] code style Signed-off-by: Dave Rodgman --- include/psa/crypto_builtin_primitives.h | 6 +++--- include/psa/crypto_config.h | 6 +++--- library/psa_crypto_hash.c | 22 +++++++++++----------- 3 files changed, 17 insertions(+), 17 deletions(-) 
diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h index b6bd484b9c..00363e4390 100644 --- a/include/psa/crypto_builtin_primitives.h +++ b/include/psa/crypto_builtin_primitives.h @@ -83,9 +83,9 @@ typedef struct { mbedtls_sha512_context sha512; #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_context sha3; #endif } MBEDTLS_PRIVATE(ctx); diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index cc15fe79f5..4e7aba5d05 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -86,10 +86,10 @@ #define PSA_WANT_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_384 1 #define PSA_WANT_ALG_SHA_512 1 -#define PSA_WANT_ALG_SHA3_224 1 +#define PSA_WANT_ALG_SHA3_224 1 #define PSA_WANT_ALG_SHA3_256 1 -#define PSA_WANT_ALG_SHA3_384 1 -#define PSA_WANT_ALG_SHA3_512 1 +#define PSA_WANT_ALG_SHA3_384 1 +#define PSA_WANT_ALG_SHA3_512 1 #define PSA_WANT_ALG_STREAM_CIPHER 1 #define PSA_WANT_ALG_TLS12_PRF 1 #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index ed933c00bf..dad1826166 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -87,9 +87,9 @@ psa_status_t mbedtls_psa_hash_abort( case PSA_ALG_SHA3_512: #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_free(&operation->ctx.sha3); break; #endif 
@@ -253,9 +253,9 @@ psa_status_t mbedtls_psa_hash_clone( case PSA_ALG_SHA3_512: #endif #if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_224) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) mbedtls_sha3_clone(&target_operation->ctx.sha3, &source_operation->ctx.sha3); break; @@ -336,9 +336,9 @@ psa_status_t mbedtls_psa_hash_update( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) - ret = mbedtls_sha3_update(&operation->ctx.sha3, - input, input_length); - break; + ret = mbedtls_sha3_update(&operation->ctx.sha3, + input, input_length); + break; #endif default: (void) input; @@ -426,8 +426,8 @@ psa_status_t mbedtls_psa_hash_finish( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_256) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_384) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA3_512) - ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); - break; + ret = mbedtls_sha3_finish(&operation->ctx.sha3, hash, hash_size); + break; #endif default: (void) hash; From 12cd44b9b3ef09b1a3bf65771d222ec6c9f79fa9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 11:27:37 +0100 Subject: [PATCH 015/264] Fix test dependencies Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 32 +++++++++---------- .../test_suite_psa_crypto_metadata.data | 8 ++--- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 90af796683..75689c9625 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
@@ -159,67 +159,67 @@ depends_on:PSA_WANT_ALG_SHA_512 hash_finish:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" PSA hash finish: SHA3-224 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" PSA hash finish: SHA3-256 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" PSA hash finish: SHA3-384 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_finish:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" PSA hash finish: SHA3-512 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 hash_finish:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" PSA hash finish: SHA3-224 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_finish:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" PSA hash finish: SHA3-256 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" PSA hash finish: SHA3-384 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_finish:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" PSA hash finish: SHA3-512 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3 
+depends_on:PSA_WANT_ALG_SHA_3_512 hash_finish:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" PSA hash finish: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_finish:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" PSA hash finish: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_finish:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" PSA hash finish: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_finish:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" PSA hash finish: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 hash_finish:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" PSA hash finish: SHA3-224 Test Vector NIST 896 bits: 
"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_finish:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" PSA hash finish: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_finish:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" PSA hash finish: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_finish:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" PSA hash finish: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 
hash_finish:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" PSA hash finish: MD5 Test vector RFC1321 #1 diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 2f3fe3270d..b461dc48e2 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -27,19 +27,19 @@ depends_on:PSA_WANT_ALG_SHA_512 hash_algorithm:PSA_ALG_SHA_512:64 Hash: SHA-3 SHA3-224 -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_224 hash_algorithm:PSA_ALG_SHA3_224:28 Hash: SHA-3 SHA3-256 -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_256 hash_algorithm:PSA_ALG_SHA3_256:32 Hash: SHA-3 SHA3-384 -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_384 hash_algorithm:PSA_ALG_SHA3_384:48 Hash: SHA-3 SHA3-512 -depends_on:PSA_WANT_ALG_SHA_3 +depends_on:PSA_WANT_ALG_SHA_3_512 hash_algorithm:PSA_ALG_SHA3_512:64 MAC: HMAC-MD5 From 16985d5f9813f3ffdfa48425becf3b42255f1a4b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 11:28:33 +0100 Subject: [PATCH 016/264] Fix test dependencies Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 32 +++++++++---------- .../test_suite_psa_crypto_metadata.data | 8 ++--- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 75689c9625..1133c398db 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
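Review bot: The new dependency names in this hunk, `PSA_WANT_ALG_SHA_3_224`, `_256`, `_384` and `_512`, do not match the symbols patch 013 defines in config_psa.h and crypto_config.h, which are spelled `PSA_WANT_ALG_SHA3_224` and so on. A `depends_on` symbol that is never defined normally causes the case to be skipped rather than fail, so at this revision the SHA-3 vectors are presumably not run at all and the suite still reports success. Each line should read like `depends_on:PSA_WANT_ALG_SHA3_224`. The same misspelling is in the test_suite_psa_crypto_metadata.data hunk of this patch. Patch 016 corrects both files; a CI check that rejects unknown dependency symbols would catch this class of error.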
@@ -159,67 +159,67 @@ depends_on:PSA_WANT_ALG_SHA_512 hash_finish:PSA_ALG_SHA_512:"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":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9" PSA hash finish: SHA3-224 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" PSA hash finish: SHA3-256 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" PSA hash finish: SHA3-384 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_finish:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" PSA hash finish: SHA3-512 Test Vector NIST "" -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 hash_finish:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" PSA hash finish: SHA3-224 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_finish:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" PSA hash finish: SHA3-256 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" PSA hash finish: SHA3-384 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_finish:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" PSA hash finish: SHA3-512 Test Vector NIST "abc" -depends_on:PSA_WANT_ALG_SHA_3_512 
+depends_on:PSA_WANT_ALG_SHA3_512 hash_finish:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" PSA hash finish: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_finish:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" PSA hash finish: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_finish:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" PSA hash finish: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_finish:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" PSA hash finish: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 hash_finish:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" PSA hash finish: SHA3-224 Test Vector NIST 896 bits: 
"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_finish:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" PSA hash finish: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_finish:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" PSA hash finish: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_finish:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" PSA hash finish: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 
hash_finish:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" PSA hash finish: MD5 Test vector RFC1321 #1 diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index b461dc48e2..2bc559c6bd 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -27,19 +27,19 @@ depends_on:PSA_WANT_ALG_SHA_512 hash_algorithm:PSA_ALG_SHA_512:64 Hash: SHA-3 SHA3-224 -depends_on:PSA_WANT_ALG_SHA_3_224 +depends_on:PSA_WANT_ALG_SHA3_224 hash_algorithm:PSA_ALG_SHA3_224:28 Hash: SHA-3 SHA3-256 -depends_on:PSA_WANT_ALG_SHA_3_256 +depends_on:PSA_WANT_ALG_SHA3_256 hash_algorithm:PSA_ALG_SHA3_256:32 Hash: SHA-3 SHA3-384 -depends_on:PSA_WANT_ALG_SHA_3_384 +depends_on:PSA_WANT_ALG_SHA3_384 hash_algorithm:PSA_ALG_SHA3_384:48 Hash: SHA-3 SHA3-512 -depends_on:PSA_WANT_ALG_SHA_3_512 +depends_on:PSA_WANT_ALG_SHA3_512 hash_algorithm:PSA_ALG_SHA3_512:64 MAC: HMAC-MD5 From 5734bb99cc18a0db9b31f67f87c299d2f5cbbda0 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 26 Jun 2023 18:23:08 +0100 Subject: [PATCH 017/264] Fix PSA_HMAC_MAX_HASH_BLOCK_SIZE and PSA_HASH_MAX_SIZE definitions Signed-off-by: Dave Rodgman --- include/psa/crypto_sizes.h | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 8cc965b09f..dd99c0d921 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h 
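Review bot: The case titled `PSA hash finish: SHA3-256 Test Vector NIST ""` does not test the empty message: its data line is `hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da7…"`, byte-for-byte the same as the `"abc"` case a few entries below. SHA3-256 is therefore the only variant here with no empty-input vector, while SHA3-224, SHA3-384 and SHA3-512 each pass `""`. The line is unchanged context in this hunk and in the matching hunk of patch 015, so neither dependency fix touches it. It should become `hash_finish:PSA_ALG_SHA3_256:"":"<NIST SHA3-256 digest of the empty message>"`, with the digest taken from the published NIST example values.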
@@ -125,28 +125,43 @@ * This macro expands to a compile-time constant integer. This value * is the maximum size of a hash in bytes. */ -/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226, +/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-224, * 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for * HMAC-SHA3-512. */ /* Note: PSA_HASH_MAX_SIZE should be kept in sync with MBEDTLS_MD_MAX_SIZE, * see the note on MBEDTLS_MD_MAX_SIZE for details. */ -#if defined(PSA_WANT_ALG_SHA_512) -#define PSA_HASH_MAX_SIZE 64 +#if defined(PSA_WANT_ALG_SHA3_224) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 144 +#elif defined(PSA_WANT_ALG_SHA3_256) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 136 +#elif defined(PSA_WANT_ALG_SHA_512) #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 #elif defined(PSA_WANT_ALG_SHA_384) -#define PSA_HASH_MAX_SIZE 48 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128 +#elif defined(PSA_WANT_ALG_SHA3_384) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 104 +#elif defined(PSA_WANT_ALG_SHA3_512) +#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 72 #elif defined(PSA_WANT_ALG_SHA_256) -#define PSA_HASH_MAX_SIZE 32 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #elif defined(PSA_WANT_ALG_SHA_224) -#define PSA_HASH_MAX_SIZE 28 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #else /* SHA-1 or smaller */ -#define PSA_HASH_MAX_SIZE 20 #define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64 #endif +#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA3_512) +#define PSA_HASH_MAX_SIZE 64 +#elif defined(PSA_WANT_ALG_SHA_384) || defined(PSA_WANT_ALG_SHA3_384) +#define PSA_HASH_MAX_SIZE 48 +#elif defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA3_256) +#define PSA_HASH_MAX_SIZE 32 +#elif defined(PSA_WANT_ALG_SHA_224) || defined(PSA_WANT_ALG_SHA3_224) +#define PSA_HASH_MAX_SIZE 28 +#else /* SHA-1 or smaller */ +#define PSA_HASH_MAX_SIZE 20 +#endif + /** \def PSA_MAC_MAX_SIZE * * Maximum size of a MAC. From 47a2ac1c253b90f9c57b9ba5cf3ae110a4068042 Mon Sep 17 00:00:00 2001 
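Review bot: The new `PSA_HMAC_MAX_HASH_BLOCK_SIZE` chain is only correct because its `#elif` branches are in decreasing block-size order (144, 136, 128, 128, 104, 72, 64), interleaving SHA-3 and SHA-2, and nothing in the hunk states that invariant. These macros presumably size hash and HMAC buffers, so a branch inserted out of order would under-size them whenever a larger hash is also enabled. I would add `/* Keep in decreasing block-size order: the first branch taken must be the largest enabled hash. */` above the chain, and an equivalent comment above the new `PSA_HASH_MAX_SIZE` chain. The existing note also reads `104 bytes for SHA3-384` where the other three entries say `HMAC-SHA3-…`.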
From: Dave Rodgman Date: Mon, 26 Jun 2023 18:39:42 +0100 Subject: [PATCH 018/264] Fix incorrectly named macro Signed-off-by: Dave Rodgman --- include/mbedtls/config_psa.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 4a05318a7b..45fcddf3d9 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -277,22 +277,22 @@ extern "C" { #define MBEDTLS_SHA512_C #endif -#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_224) +#if defined(PSA_WANT_ALG_SHA3_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_224 1 #define MBEDTLS_SHA3_C #endif -#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_256) +#if defined(PSA_WANT_ALG_SHA3_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_256 1 #define MBEDTLS_SHA3_C #endif -#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_384) +#if defined(PSA_WANT_ALG_SHA3_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_384 1 #define MBEDTLS_SHA3_C #endif -#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_3_512) +#if defined(PSA_WANT_ALG_SHA3_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) #define MBEDTLS_PSA_BUILTIN_ALG_SHA3_512 1 #define MBEDTLS_SHA3_C #endif From 4506e7de616d221c184cd0f9c5b14d2f4d06b71f Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 27 Jun 2023 12:20:32 +0100 Subject: [PATCH 019/264] Move clarification to a separate note Signed-off-by: David Horstmann --- include/mbedtls/net_sockets.h | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/net_sockets.h b/include/mbedtls/net_sockets.h index 9f9e2adcf9..1096d66d9a 100644 --- a/include/mbedtls/net_sockets.h +++ b/include/mbedtls/net_sockets.h 
@@ -283,16 +283,24 @@ int mbedtls_net_recv_timeout(void *ctx, unsigned char *buf, size_t len, uint32_t timeout); /** - * \brief Close down the connection and clear the context + * \brief Closes down the connection and free associated data * * \param ctx The context to close + * + * \note This function frees and clears data associated with the + * context but does not free the memory pointed to by \p ctx. + * This memory is the responsibility of the caller. */ void mbedtls_net_close(mbedtls_net_context *ctx); /** - * \brief Gracefully shutdown the connection and clear the context + * \brief Gracefully shutdown the connection and free associated data * - * \param ctx The context to gracefully shutdown + * \param ctx The context to free + * + * \note This function frees and clears data associated with the + * context but does not free the memory pointed to by \p ctx. + * This memory is the responsibility of the caller. */ void mbedtls_net_free(mbedtls_net_context *ctx); From b9f8974c6cc89b2273e2334e274d651d2339148a Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 25 Apr 2023 04:48:15 -0400 Subject: [PATCH 020/264] Document mbedtls_calloc zeroization Signed-off-by: Andrzej Kurek --- include/mbedtls/mbedtls_config.h | 2 +- include/mbedtls/platform.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index e15104216d..bb2d66deb0 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
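Review bot: For `mbedtls_net_free` the new `\param ctx The context to free` contradicts the `\note` added just below it, which says the memory pointed to by `ctx` is not freed and remains the caller's responsibility. A reader who stops at the parameter line may skip their own release of the context, or may free it twice if they read the note afterwards and distrust it. I would write `\param ctx The context whose associated data is to be freed`. The `\brief` for `mbedtls_net_close` also mixes forms (`Closes down the connection and free associated data`); `Close down the connection and free associated data` matches the rest of the header.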
@@ -3680,7 +3680,7 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined. Please note that it should zeroize the buffer after allocation. */ //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 768c756b9b..490cedb4a9 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -135,6 +135,7 @@ extern "C" { /* * The function pointers for calloc and free. + * mbedtls_calloc will allocate and zeroize the buffer. */ #if defined(MBEDTLS_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ From c08ccd00f3592477fe50945b7958d4b4956039c9 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 25 Apr 2023 05:19:42 -0400 Subject: [PATCH 021/264] Add a test for calloc zeroization Signed-off-by: Andrzej Kurek --- include/mbedtls/mbedtls_config.h | 2 +- tests/suites/test_suite_platform.data | 3 +++ tests/suites/test_suite_platform.function | 14 ++++++++++++++ 3 files changed, 18 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index bb2d66deb0..7e87946a93 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -3680,7 +3680,7 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined. Please note that it should zeroize the buffer after allocation. */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined. Please note that it should zeroize the allocated buffer. */ //#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ diff --git a/tests/suites/test_suite_platform.data b/tests/suites/test_suite_platform.data index 4276b8fb77..64992820cc 100644 --- a/tests/suites/test_suite_platform.data +++ b/tests/suites/test_suite_platform.data @@ -4,3 +4,6 @@ time_get_milliseconds: Time: get seconds time_get_seconds: + +Check mbedtls_calloc zeroization +check_mbedtls_calloc_zeroization: \ No newline at end of file diff --git a/tests/suites/test_suite_platform.function b/tests/suites/test_suite_platform.function index 61681b8789..82c656d2d0 100644 --- a/tests/suites/test_suite_platform.function +++ b/tests/suites/test_suite_platform.function @@ -120,3 +120,17 @@ void time_delay_seconds(int delay_secs) goto exit; } /* END_CASE */ + +/* BEGIN_CASE */ +void check_mbedtls_calloc_zeroization() +{ + unsigned int buf_size = 256; + unsigned char *buf; + buf = mbedtls_calloc(buf_size, sizeof(unsigned char)); + for (unsigned int i = 0; i < buf_size; i++) { + TEST_EQUAL(buf[i], 0); + } +exit: + mbedtls_free(buf); +} +/* END_CASE */ \ No newline at end of file From 2d981f092e5b27db9a2379101973816c526fa2b9 Mon Sep 17 00:00:00 2001 
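Review bot: `check_mbedtls_calloc_zeroization` indexes `buf[i]` without checking that `mbedtls_calloc` returned a non-NULL pointer, so an allocation failure becomes a NULL dereference rather than a reported test failure. Add `TEST_ASSERT(buf != NULL);` directly after the allocation, and declare `unsigned char *buf = NULL;` so the `exit:` cleanup stays valid if a check is later placed before the assignment. The same unchecked read recurs in `calloc_self_test` in programs/test/selftest.c, in the loop over `buffer3` and, in a later commit of this series, the loop over `buffer4`. There a NULL result should increment `failures` and skip the loop, e.g. `if (buffer3 == NULL) { ++failures; } else { /* zero check */ }`.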
From: Andrzej Kurek Date: Thu, 27 Apr 2023 09:19:35 -0400 Subject: [PATCH 022/264] Extend mbedtls_calloc and mbedtls_free documentation Co-authored-by: Gilles Peskine Signed-off-by: Andrzej Kurek --- include/mbedtls/mbedtls_config.h | 23 +++++++++++++++++++---- include/mbedtls/platform.h | 3 ++- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 7e87946a93..a08f9d8653 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -3680,8 +3680,23 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -//#define MBEDTLS_PLATFORM_STD_CALLOC calloc /**< Default allocator to use, can be undefined. Please note that it should zeroize the allocated buffer. */ -//#define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use, can be undefined */ +/** \def MBEDTLS_PLATFORM_STD_CALLOC + * + * Default allocator to use, can be undefined. + * It should initialize the allocated buffer memory to zeroes. + * The size of the buffer is the product of the two parameters. + * The behavior is undefined if the product of the two parameters overflows size_t. + * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. + * The corresponding deallocation function is MBEDTLS_PLATFORM_STD_FREE. + */ +//#define MBEDTLS_PLATFORM_STD_CALLOC calloc +/** \def MBEDTLS_PLATFORM_STD_FREE + * + * Default free to use, can be undefined. + * NULL is a valid parameter, and the function must do nothing. + * A non-null parameter will always be a pointer previously returned by MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. + */ +//#define MBEDTLS_PLATFORM_STD_FREE free //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default exit to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_TIME time /**< Default time to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ 
@@ -3697,8 +3712,8 @@ /* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ -//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined */ -//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined */ +//#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ +//#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ //#define MBEDTLS_PLATFORM_EXIT_MACRO exit /**< Default exit macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_SETBUF_MACRO setbuf /**< Default setbuf macro to use, can be undefined */ //#define MBEDTLS_PLATFORM_TIME_MACRO time /**< Default time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 490cedb4a9..fb7bc1b6a0 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -135,7 +135,8 @@ extern "C" { /* * The function pointers for calloc and free. - * mbedtls_calloc will allocate and zeroize the buffer. + * please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE + * in mbedtls_config.h for more information about behaviour and requirements. */ #if defined(MBEDTLS_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \ From 9032711dc7dad879348fb2850cdbda0e81fe13f2 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Thu, 27 Apr 2023 09:30:18 -0400 Subject: [PATCH 023/264] Move the calloc buffer initialization test to selftest.c This way it's more in line with the 2.28 version. 
Signed-off-by: Andrzej Kurek --- programs/test/selftest.c | 45 +++++++++++++++++++++-- tests/suites/test_suite_platform.data | 3 -- tests/suites/test_suite_platform.function | 14 ------- 3 files changed, 41 insertions(+), 21 deletions(-) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index f896d4f9da..d3127553d7 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -73,23 +73,49 @@ static int calloc_self_test(int verbose) void *empty2 = mbedtls_calloc(0, 1); void *buffer1 = mbedtls_calloc(1, 1); void *buffer2 = mbedtls_calloc(1, 1); + unsigned int buf_size = 256; + unsigned char *buffer3 = mbedtls_calloc(buf_size, sizeof(unsigned char)); if (empty1 == NULL && empty2 == NULL) { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (NULL)\n"); + mbedtls_printf(" CALLOC(0,1): passed (NULL)\n"); } } else if (empty1 == NULL || empty2 == NULL) { if (verbose) { - mbedtls_printf(" CALLOC(0): failed (mix of NULL and non-NULL)\n"); + mbedtls_printf(" CALLOC(0,1): failed (mix of NULL and non-NULL)\n"); } ++failures; } else if (empty1 == empty2) { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (same non-null)\n"); + mbedtls_printf(" CALLOC(0,1): passed (same non-null)\n"); } } else { if (verbose) { - mbedtls_printf(" CALLOC(0): passed (distinct non-null)\n"); + mbedtls_printf(" CALLOC(0,1): passed (distinct non-null)\n"); + } + } + + mbedtls_free(empty1); + mbedtls_free(empty2); + + empty1 = mbedtls_calloc(1, 0); + empty2 = mbedtls_calloc(1, 0); + if (empty1 == NULL && empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (NULL)\n"); + } + } else if (empty1 == NULL || empty2 == NULL) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): failed (mix of NULL and non-NULL)\n"); + } + ++failures; + } else if (empty1 == empty2) { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (same non-null)\n"); + } + } else { + if (verbose) { + mbedtls_printf(" CALLOC(1,0): passed (distinct non-null)\n"); } } 
@@ -122,6 +148,16 @@ static int calloc_self_test(int verbose) } } + for (unsigned int i = 0; i < buf_size; i++) { + if (buffer3[i] != 0) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", buf_size); + } + break; + } + } + if (verbose) { mbedtls_printf("\n"); } @@ -129,6 +165,7 @@ static int calloc_self_test(int verbose) mbedtls_free(empty2); mbedtls_free(buffer1); mbedtls_free(buffer2); + mbedtls_free(buffer3); return failures; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/tests/suites/test_suite_platform.data b/tests/suites/test_suite_platform.data index 64992820cc..4276b8fb77 100644 --- a/tests/suites/test_suite_platform.data +++ b/tests/suites/test_suite_platform.data @@ -4,6 +4,3 @@ time_get_milliseconds: Time: get seconds time_get_seconds: - -Check mbedtls_calloc zeroization -check_mbedtls_calloc_zeroization: \ No newline at end of file diff --git a/tests/suites/test_suite_platform.function b/tests/suites/test_suite_platform.function index 82c656d2d0..61681b8789 100644 --- a/tests/suites/test_suite_platform.function +++ b/tests/suites/test_suite_platform.function @@ -120,17 +120,3 @@ void time_delay_seconds(int delay_secs) goto exit; } /* END_CASE */ - -/* BEGIN_CASE */ -void check_mbedtls_calloc_zeroization() -{ - unsigned int buf_size = 256; - unsigned char *buf; - buf = mbedtls_calloc(buf_size, sizeof(unsigned char)); - for (unsigned int i = 0; i < buf_size; i++) { - TEST_EQUAL(buf[i], 0); - } -exit: - mbedtls_free(buf); -} -/* END_CASE */ \ No newline at end of file From ecaf6fb8b264c2d4676c32c5abb1630a608d8fcb Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Thu, 4 May 2023 17:07:57 -0400 Subject: [PATCH 024/264] Documentation and cosmetic fixes Signed-off-by: Andrzej Kurek --- include/mbedtls/mbedtls_config.h | 10 +++++----- include/mbedtls/platform.h | 2 +- programs/test/selftest.c | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a08f9d8653..7aea34ce63 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3683,18 +3683,18 @@ /** \def MBEDTLS_PLATFORM_STD_CALLOC * * Default allocator to use, can be undefined. - * It should initialize the allocated buffer memory to zeroes. + * It must initialize the allocated buffer memory to zeroes. * The size of the buffer is the product of the two parameters. - * The behavior is undefined if the product of the two parameters overflows size_t. + * The calloc function returns either a null pointer or a pointer to the allocated space. * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. - * The corresponding deallocation function is MBEDTLS_PLATFORM_STD_FREE. + * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. */ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /** \def MBEDTLS_PLATFORM_STD_FREE * * Default free to use, can be undefined. * NULL is a valid parameter, and the function must do nothing. - * A non-null parameter will always be a pointer previously returned by MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. + * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. */ //#define MBEDTLS_PLATFORM_STD_FREE free //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ 
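Review bot: The rewritten `MBEDTLS_PLATFORM_STD_CALLOC` description drops the sentence about the product of the two parameters overflowing `size_t` and no longer says what a replacement allocator must do in that case. A custom allocator that multiplies without an overflow check would return a buffer smaller than the caller expects, which is a heap-overflow risk in any caller that trusts the requested size. The `check_mbedtls_calloc_overallocation` test added later in this series expects NULL for `SIZE_MAX/2` times `SIZE_MAX/2`, so the documentation should carry the same requirement. I would add a line such as ` * If the product of the two parameters overflows size_t, the function must return NULL.`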
@@ -3710,7 +3710,7 @@ //#define MBEDTLS_PLATFORM_STD_NV_SEED_WRITE mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */ //#define MBEDTLS_PLATFORM_STD_NV_SEED_FILE "seedfile" /**< Seed file to read/write with default implementation */ -/* To Use Function Macros MBEDTLS_PLATFORM_C must be enabled */ +/* To use the following function macros, MBEDTLS_PLATFORM_C must be enabled. */ /* MBEDTLS_PLATFORM_XXX_MACRO and MBEDTLS_PLATFORM_XXX_ALT cannot both be defined */ //#define MBEDTLS_PLATFORM_CALLOC_MACRO calloc /**< Default allocator macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_CALLOC for requirements. */ //#define MBEDTLS_PLATFORM_FREE_MACRO free /**< Default free macro to use, can be undefined. See MBEDTLS_PLATFORM_STD_FREE for requirements. */ diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index fb7bc1b6a0..87e880fbb8 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -135,7 +135,7 @@ extern "C" { /* * The function pointers for calloc and free. - * please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE + * Please see MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE * in mbedtls_config.h for more information about behaviour and requirements. */ #if defined(MBEDTLS_PLATFORM_MEMORY) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index d3127553d7..88c0188556 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -74,7 +74,7 @@ static int calloc_self_test(int verbose) void *buffer1 = mbedtls_calloc(1, 1); void *buffer2 = mbedtls_calloc(1, 1); unsigned int buf_size = 256; - unsigned char *buffer3 = mbedtls_calloc(buf_size, sizeof(unsigned char)); + unsigned char *buffer3 = mbedtls_calloc(buf_size, 1); if (empty1 == NULL && empty2 == NULL) { if (verbose) { From e35f3a23bef66e578d4c605e4729b221d948679d Mon Sep 17 00:00:00 2001 
From: Andrzej Kurek Date: Thu, 4 May 2023 17:29:55 -0400 Subject: [PATCH 025/264] Add a calloc selftest for more than a page Signed-off-by: Andrzej Kurek --- programs/test/selftest.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 88c0188556..cc5e00ed3b 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -73,8 +73,10 @@ static int calloc_self_test(int verbose) void *empty2 = mbedtls_calloc(0, 1); void *buffer1 = mbedtls_calloc(1, 1); void *buffer2 = mbedtls_calloc(1, 1); - unsigned int buf_size = 256; - unsigned char *buffer3 = mbedtls_calloc(buf_size, 1); + unsigned int buffer_3_size = 256; + unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */ + unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1); + unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1); if (empty1 == NULL && empty2 == NULL) { if (verbose) { @@ -148,11 +150,23 @@ static int calloc_self_test(int verbose) } } - for (unsigned int i = 0; i < buf_size; i++) { + for (unsigned int i = 0; i < buffer_3_size; i++) { if (buffer3[i] != 0) { ++failures; if (verbose) { - mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", buf_size); + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", + buffer_3_size); + } + break; + } + } + + for (unsigned int i = 0; i < buffer_4_size; i++) { + if (buffer4[i] != 0) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(%u): failed (memory not initialized to 0)\n", + buffer_4_size); } break; } @@ -166,6 +180,7 @@ static int calloc_self_test(int verbose) mbedtls_free(buffer1); mbedtls_free(buffer2); mbedtls_free(buffer3); + mbedtls_free(buffer4); return failures; } #endif /* MBEDTLS_SELF_TEST */ From 84356a16e9dd0bd0ba30ef0742cb985767116249 Mon Sep 17 00:00:00 2001 
From: Andrzej Kurek Date: Sat, 6 May 2023 08:33:56 -0400 Subject: [PATCH 026/264] Add a description of how mbedtls_calloc is determined Signed-off-by: Andrzej Kurek --- include/mbedtls/mbedtls_config.h | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 7aea34ce63..4f389e081d 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -3680,9 +3680,39 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ + +/* An overview of how the value of mbedtls_calloc is determined: + * + * if !MBEDTLS_PLATFORM_MEMORY + * mbedtls_calloc = calloc + * if MBEDTLS_PLATFORM_MEMORY + * if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO + * if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. + * How is MBEDTLS_PLATFORM_STD_CALLOC handled? + * if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; + * MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; + * if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * if MBEDTLS_PLATFORM_STD_CALLOC is present: + * User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; + * if !MBEDTLS_PLATFORM_STD_CALLOC: + * MBEDTLS_PLATFORM_STD_CALLOC = calloc + * + * At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. + * if !MBEDTLS_PLATFORM_STD_CALLOC + * MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc + * + * mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. + * + * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. + * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. + * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. + */ /** \def MBEDTLS_PLATFORM_STD_CALLOC * - * Default allocator to use, can be undefined. + * Default allocator to use, can be undefined. See the description above for details. 
* It must initialize the allocated buffer memory to zeroes. * The size of the buffer is the product of the two parameters. * The calloc function returns either a null pointer or a pointer to the allocated space. From aae3208c29ef88c6a44797e3fafc62c4ab8fccea Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Sat, 6 May 2023 08:52:50 -0400 Subject: [PATCH 027/264] Add an mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2) test It should return NULL and not a valid pointer. Signed-off-by: Andrzej Kurek --- include/mbedtls/mbedtls_config.h | 5 +++-- programs/test/selftest.c | 13 ++++++++++++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 4f389e081d..55b94ced75 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3708,7 +3708,8 @@ * * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. - * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. + * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, + * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. */ /** \def MBEDTLS_PLATFORM_STD_CALLOC * 
@@ -3722,7 +3723,7 @@ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /** \def MBEDTLS_PLATFORM_STD_FREE * - * Default free to use, can be undefined. + * Default free to use, can be undefined. See the description above for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). * NULL is a valid parameter, and the function must do nothing. * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. */ diff --git a/programs/test/selftest.c b/programs/test/selftest.c index cc5e00ed3b..933d06b219 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -77,7 +77,10 @@ static int calloc_self_test(int verbose) unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */ unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1); unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1); - +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Walloc-size-larger-than=" + unsigned char *buffer5 = mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2); +#pragma GCC diagnostic pop if (empty1 == NULL && empty2 == NULL) { if (verbose) { mbedtls_printf(" CALLOC(0,1): passed (NULL)\n"); @@ -172,6 +175,13 @@ static int calloc_self_test(int verbose) } } + if (buffer5 != NULL) { + ++failures; + if (verbose) { + mbedtls_printf(" CALLOC(SIZE_MAX/2, SIZE_MAX/2): failed (returned a valid pointer)\n"); + } + } + if (verbose) { mbedtls_printf("\n"); } @@ -181,6 +191,7 @@ static int calloc_self_test(int verbose) mbedtls_free(buffer2); mbedtls_free(buffer3); mbedtls_free(buffer4); + mbedtls_free(buffer5); return failures; } #endif /* MBEDTLS_SELF_TEST */ From 60de0b198a2ef6caf1abfd3273f4f7dde70dd727 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 9 May 2023 16:38:04 -0400 Subject: [PATCH 028/264] Move the overallocation test to test suites This way the compiler does not complain about an overly large allocation made. 
Signed-off-by: Andrzej Kurek --- programs/test/selftest.c | 13 +------------ tests/suites/test_suite_platform.data | 3 +++ tests/suites/test_suite_platform.function | 12 ++++++++++++ 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/programs/test/selftest.c b/programs/test/selftest.c index 933d06b219..cc5e00ed3b 100644 --- a/programs/test/selftest.c +++ b/programs/test/selftest.c @@ -77,10 +77,7 @@ static int calloc_self_test(int verbose) unsigned int buffer_4_size = 4097; /* Allocate more than the usual page size */ unsigned char *buffer3 = mbedtls_calloc(buffer_3_size, 1); unsigned char *buffer4 = mbedtls_calloc(buffer_4_size, 1); -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Walloc-size-larger-than=" - unsigned char *buffer5 = mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2); -#pragma GCC diagnostic pop + if (empty1 == NULL && empty2 == NULL) { if (verbose) { mbedtls_printf(" CALLOC(0,1): passed (NULL)\n"); @@ -175,13 +172,6 @@ static int calloc_self_test(int verbose) } } - if (buffer5 != NULL) { - ++failures; - if (verbose) { - mbedtls_printf(" CALLOC(SIZE_MAX/2, SIZE_MAX/2): failed (returned a valid pointer)\n"); - } - } - if (verbose) { mbedtls_printf("\n"); } @@ -191,7 +181,6 @@ static int calloc_self_test(int verbose) mbedtls_free(buffer2); mbedtls_free(buffer3); mbedtls_free(buffer4); - mbedtls_free(buffer5); return failures; } #endif /* MBEDTLS_SELF_TEST */ diff --git a/tests/suites/test_suite_platform.data b/tests/suites/test_suite_platform.data index 4276b8fb77..4d5745076d 100644 --- a/tests/suites/test_suite_platform.data +++ b/tests/suites/test_suite_platform.data @@ -4,3 +4,6 @@ time_get_milliseconds: Time: get seconds time_get_seconds: + +Check mbedtls_calloc overallocation +check_mbedtls_calloc_overallocation:SIZE_MAX/2:SIZE_MAX/2 diff --git a/tests/suites/test_suite_platform.function b/tests/suites/test_suite_platform.function index 61681b8789..bc397357f1 100644 --- a/tests/suites/test_suite_platform.function 
+++ b/tests/suites/test_suite_platform.function @@ -120,3 +120,15 @@ void time_delay_seconds(int delay_secs) goto exit; } /* END_CASE */ + +/* BEGIN_CASE */ +void check_mbedtls_calloc_overallocation(intmax_t num, intmax_t size) +{ + unsigned char *buf; + buf = mbedtls_calloc((size_t) num, (size_t) size); + TEST_ASSERT(buf == NULL); + +exit: + mbedtls_free(buf); +} +/* END_CASE */ From 04bfe5797b953c43fb3f3213e7e9b54c084065b3 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Tue, 27 Jun 2023 10:02:09 -0400 Subject: [PATCH 029/264] Disable asan errors on null allocation in all.sh Such error was raised in platform tests, and it's a valid test case. Signed-off-by: Andrzej Kurek --- tests/scripts/all.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 45f7e982f9..46d249d662 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -189,6 +189,9 @@ pre_initialize_variables () { # default to -O2, use -Ox _after_ this if you want another level ASAN_CFLAGS='-O2 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' + # Platform tests have an allocation that returns null + export ASAN_OPTIONS="allocator_may_return_null=1" + # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". # Parse the script with sed. This way we get the functions in the order From 2b3c06edb3b055e2fb81e574d992d718e75873c8 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 3 Jul 2023 06:52:37 -0400 Subject: [PATCH 030/264] Enable certain documented defines only when generating doxygen Avoid an "unrecognized define" error. Signed-off-by: Andrzej Kurek --- doxygen/mbedtls.doxyfile | 1 + include/mbedtls/mbedtls_config.h | 2 ++ include/mbedtls/platform.h | 9 +++++++++ 3 files changed, 12 insertions(+) diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 393fd41ad2..4c95c61e7b 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile 
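Review bot: `export ASAN_OPTIONS="allocator_may_return_null=1"` in `pre_initialize_variables` replaces any `ASAN_OPTIONS` the caller already exported and applies to every component, not only the platform test that needs it. With the option set globally, an oversized allocation request anywhere in the suite returns NULL instead of producing an ASan report, which can hide an unintended huge allocation in library code. Consider preserving existing options with `export ASAN_OPTIONS="${ASAN_OPTIONS:+$ASAN_OPTIONS:}allocator_may_return_null=1"`, or setting the variable only around the platform test suite run. The function body continues outside the hunk.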
@@ -51,4 +51,5 @@ PREDEFINED = "MBEDTLS_CHECK_RETURN_CRITICAL=" \ "MBEDTLS_CHECK_RETURN_TYPICAL=" \ "MBEDTLS_CHECK_RETURN_OPTIONAL=" \ "MBEDTLS_PRINTF_ATTRIBUTE(a,b)=" \ + "__DOXYGEN__" \ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 55b94ced75..ddbef7a66f 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -3711,6 +3711,7 @@ * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. */ + /** \def MBEDTLS_PLATFORM_STD_CALLOC * * Default allocator to use, can be undefined. See the description above for details. @@ -3721,6 +3722,7 @@ * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. */ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc + /** \def MBEDTLS_PLATFORM_STD_FREE * * Default free to use, can be undefined. See the description above for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). diff --git a/include/mbedtls/platform.h b/include/mbedtls/platform.h index 87e880fbb8..3fc1fd0c16 100644 --- a/include/mbedtls/platform.h +++ b/include/mbedtls/platform.h @@ -130,6 +130,15 @@ extern "C" { #endif #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ +/* Enable certain documented defines only when generating doxygen to avoid + * an "unrecognized define" error. */ +#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_CALLOC) +#define MBEDTLS_PLATFORM_STD_CALLOC +#endif + +#if defined(__DOXYGEN__) && !defined(MBEDTLS_PLATFORM_STD_FREE) +#define MBEDTLS_PLATFORM_STD_FREE +#endif /** \} name SECTION: Module settings */ From cf669b058b92d706367db91263b7f9bacb75178d Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Mon, 3 Jul 2023 09:49:07 -0400 Subject: [PATCH 031/264] Add a dummy usage of a pointer in tests This way clang with O1 doesn't optimize it. 
Signed-off-by: Andrzej Kurek --- tests/suites/test_suite_platform.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_platform.function b/tests/suites/test_suite_platform.function index bc397357f1..c65d011f0f 100644 --- a/tests/suites/test_suite_platform.function +++ b/tests/suites/test_suite_platform.function @@ -126,6 +126,8 @@ void check_mbedtls_calloc_overallocation(intmax_t num, intmax_t size) { unsigned char *buf; buf = mbedtls_calloc((size_t) num, (size_t) size); + /* Dummy usage of the pointer to prevent optimizing it */ + mbedtls_printf("calloc pointer : %p\n", buf); TEST_ASSERT(buf == NULL); exit: From 4d69b29076cfc36210fe1ca52066ba595cb032cd Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 9 May 2023 10:50:44 +0800 Subject: [PATCH 032/264] Update server5-selfsigned.crt Signed-off-by: Jerry Yu --- tests/data_files/Makefile | 12 ++++++++++++ tests/data_files/server5-selfsigned.crt | 20 ++++++++++---------- 2 files changed, 22 insertions(+), 10 deletions(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 2ad5c2af61..c0556a65e7 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
@@ -416,6 +416,18 @@ server5-ss-forgeca.crt: server5.key $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ all_final += server5-ss-forgeca.crt +server5-selfsigned.crt: server5.key + openssl req -x509 -key server5.key \ + -sha256 -days 3650 -nodes \ + -addext basicConstraints=critical,CA:FALSE \ + -addext keyUsage=critical,digitalSignature \ + -addext subjectKeyIdentifier=hash \ + -addext authorityKeyIdentifier=none \ + -set_serial 0x53a2cb4b124ead837da894b2 \ + -subj "/CN=selfsigned/OU=testing/O=PolarSSL/C=NL" \ + -out $@ +all_final += server5-selfsigned.crt + parse_input/server5-othername.crt.der: server5.key $(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS othername SAN" -set_serial 77 -config $(test_ca_config_file) -extensions othername_san -days 3650 -sha256 -key $< -outform der -out $@ diff --git a/tests/data_files/server5-selfsigned.crt b/tests/data_files/server5-selfsigned.crt index cb55647513..0eafe70256 100644 --- a/tests/data_files/server5-selfsigned.crt +++ b/tests/data_files/server5-selfsigned.crt 
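Review bot: The new `server5-selfsigned.crt` rule calls bare `openssl` while the neighbouring rules in this hunk use `$(OPENSSL)`, so an `OPENSSL=` override is ignored for this one certificate and it may be generated by a different OpenSSL build than the rest of the test data. It also names `server5.key` literally instead of using `$<`. Suggested first recipe line: `$(OPENSSL) req -x509 -key $< \`. The `-addext` options were added in OpenSSL 1.1.1, which is one more reason to honour the configured binary rather than whatever is first on `PATH`.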
@@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzTCCAXKgAwIBAgIMU6LLSxJOrYN9qJSyMAoGCCqGSM49BAMCMEcxEzARBgNV -BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy -U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY0M1oYDzIwMjQwNjE4MTEz -NjQzWjBHMRMwEQYDVQQDEwpzZWxmc2lnbmVkMRAwDgYDVQQLEwd0ZXN0aW5nMREw -DwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIBBggqhkjO -PQMBBwNCAAQ3zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/q -L9I0XV0WvYqIwmt3DVXNiioO+gHItO3/o0AwPjAMBgNVHRMBAf8EAjAAMA8GA1Ud -DwEB/wQFAwMHgAAwHQYDVR0OBBYEFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqG -SM49BAMCA0kAMEYCIQCf/bzFoge0pCOIrtHrABgc1+Cl9kjlsICpduXhdHUMOwIh -AOJ+nBHfaEGyF4PRJvn/jMDeIaH1zisinVzC2v+JQOWq +MIIBxzCCAW2gAwIBAgIMU6LLSxJOrYN9qJSyMAoGCCqGSM49BAMCMEcxEzARBgNV +BAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNVBAoMCFBvbGFy +U1NMMQswCQYDVQQGEwJOTDAeFw0yMzA1MDkwMjQ5NTdaFw0zMzA1MDYwMjQ5NTda +MEcxEzARBgNVBAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNV +BAoMCFBvbGFyU1NMMQswCQYDVQQGEwJOTDBZMBMGByqGSM49AgEGCCqGSM49AwEH +A0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA2CMR/+ov0jRd +XRa9iojCa3cNVc2KKg76Aci07f+jPzA9MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/ +BAQDAgeAMB0GA1UdDgQWBBRQYaWP1AfZ14IBDOVlf4xjRqcTvjAKBggqhkjOPQQD +AgNIADBFAiAXiJxDrd5aLzGB/Uc3kYBIBuSUIMGvol2c8EvwmF3zmQIhAPFrKMgA +s2awzo/PBB5gFTkDub88wRYwS1R9JPYCXUO0 -----END CERTIFICATE----- From affc294dfe127840aa1b2eec8602461cf2ba70f0 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 9 May 2023 14:07:56 +0800 Subject: [PATCH 033/264] Add the rule and update server6-ss-child.crt Signed-off-by: Jerry Yu --- tests/data_files/Makefile | 11 ++++++++++ tests/data_files/server6-ss-child.crt | 22 +++++++++---------- .../server6-ss-child.crt.openssl.v3_ext | 4 ++++ 3 files changed, 26 insertions(+), 11 deletions(-) create mode 100644 tests/data_files/server6-ss-child.crt.openssl.v3_ext diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index c0556a65e7..495dc02520 100644 --- a/tests/data_files/Makefile 
+++ b/tests/data_files/Makefile @@ -1410,6 +1410,17 @@ server6.crt: server6.csr $(test_ca_crt_file_ec) $(test_ca_key_file_ec) -extfile server5.crt.openssl.v3_ext -set_serial 10 -days 3650 -sha256 -in $< -out $@ all_final += server6.crt +server6-ss-child.csr : server6.key + $(OPENSSL) req -new -subj "/CN=selfsigned-child/OU=testing/O=PolarSSL/C=NL" \ + -key $< -out $@ +all_intermediate += server6-ss-child.csr +server6-ss-child.crt: server6-ss-child.csr server5-selfsigned.crt server5.key server6-ss-child.crt.openssl.v3_ext + $(OPENSSL) x509 -req -CA server5-selfsigned.crt -CAkey server5.key \ + -extfile server6-ss-child.crt.openssl.v3_ext \ + -set_serial 0x53a2cb5822399474a7ec79ec \ + -days 3650 -sha256 -in $< -out $@ +all_final += server6-ss-child.crt + ################################################################ ### Generate certificates for CRT write check tests ################################################################ diff --git a/tests/data_files/server6-ss-child.crt b/tests/data_files/server6-ss-child.crt index 3c6fd4d1b0..fc28f34c2d 100644 --- a/tests/data_files/server6-ss-child.crt +++ b/tests/data_files/server6-ss-child.crt 
@@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB8jCCAZmgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV -BAMTCnNlbGZzaWduZWQxEDAOBgNVBAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFy -U1NMMQswCQYDVQQGEwJOTDAiGA8yMDE0MDYxOTExMzY1NloYDzIwMjQwNjE4MTEz -NjU2WjBNMRkwFwYDVQQDExBzZWxmc2lnbmVkLWNoaWxkMRAwDgYDVQQLEwd0ZXN0 -aW5nMREwDwYDVQQKEwhQb2xhclNTTDELMAkGA1UEBhMCTkwwWTATBgcqhkjOPQIB -BggqhkjOPQMBBwNCAASBWTF2SST6Fa2roDFuDu0zEfqRJVXBsMGcA3I+mLotpHI3 -iR9DN40fjjrY8FfoL0/JAKT323MPssYElNFAOzjjo2EwXzAMBgNVHRMBAf8EAjAA -MA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFDxZrEo+LvwCNi/afcvLnHqyiZlT -MB8GA1UdIwQYMBaAFLZtURgXjmWq8uzV8wHkbFLCNB1bMAoGCCqGSM49BAMCA0cA -MEQCIAMlQ59/NW7S0hP1cu5OTD2zqT087bEmnIfOTBYfj8UFAiBBrrz2dipODVYx -vvTsQmSCzjrm+JtQQoWa+cdnAG3w5g== +MIIB7jCCAZSgAwIBAgIMU6LLWCI5lHSn7HnsMAoGCCqGSM49BAMCMEcxEzARBgNV +BAMMCnNlbGZzaWduZWQxEDAOBgNVBAsMB3Rlc3RpbmcxETAPBgNVBAoMCFBvbGFy +U1NMMQswCQYDVQQGEwJOTDAeFw0yMzA1MDkwNjA2NDJaFw0zMzA1MDYwNjA2NDJa +ME0xGTAXBgNVBAMMEHNlbGZzaWduZWQtY2hpbGQxEDAOBgNVBAsMB3Rlc3Rpbmcx +ETAPBgNVBAoMCFBvbGFyU1NMMQswCQYDVQQGEwJOTDBZMBMGByqGSM49AgEGCCqG +SM49AwEHA0IABIFZMXZJJPoVraugMW4O7TMR+pElVcGwwZwDcj6Yui2kcjeJH0M3 +jR+OOtjwV+gvT8kApPfbcw+yxgSU0UA7OOOjYDBeMAwGA1UdEwEB/wQCMAAwDgYD +VR0PAQH/BAQDAgeAMB0GA1UdDgQWBBR+ZY8+MwMU5eG+YLLghX+M52ArezAfBgNV +HSMEGDAWgBRQYaWP1AfZ14IBDOVlf4xjRqcTvjAKBggqhkjOPQQDAgNIADBFAiAl +Y2yXg5sZunmo+McUBzvSao1wRxw+9XBSM+Dph5gfhgIhAPlI+lSvD4mzlBzn01Mg +0tMpKHbY34iadcMWBUgibMiA -----END CERTIFICATE----- diff --git a/tests/data_files/server6-ss-child.crt.openssl.v3_ext b/tests/data_files/server6-ss-child.crt.openssl.v3_ext new file mode 100644 index 0000000000..dd9cdaa739 --- /dev/null +++ b/tests/data_files/server6-ss-child.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = critical,CA:false +keyUsage=critical,digitalSignature +subjectKeyIdentifier=hash + From 5a1dbf3d6e166ca9ec11736d02b78ee472580bcb Mon Sep 17 00:00:00 2001 
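Review bot: This extension file never mentions `authorityKeyIdentifier`, yet the regenerated `server6-ss-child.crt` in the same patch still carries that extension, so it appears to come from the OpenSSL tool's built-in defaults rather than from the recipe. Those defaults are not the same across OpenSSL releases, so the output of the rule presumably depends on which `$(OPENSSL)` is installed. Adding `authorityKeyIdentifier=keyid` here would make the issuer linkage an explicit input. The `test-ca2.ku-*.crt.openssl.v3_ext` files later in the series already do the equivalent by writing `subjectKeyIdentifier=none`.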
From: Pengyu Lv Date: Mon, 29 May 2023 10:19:09 +0800 Subject: [PATCH 034/264] Fix the rule for server5-ss-forgeca.crt Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 2 +- tests/data_files/server5-ss-forgeca.crt | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 495dc02520..6d9cb68bef 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -413,7 +413,7 @@ all_final += server5-ss-expired.crt # try to forge a copy of test-int-ca3 with different key server5-ss-forgeca.crt: server5.key - $(FAKETIME) '2015-09-01 14:08:43' $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ + $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ all_final += server5-ss-forgeca.crt server5-selfsigned.crt: server5.key diff --git a/tests/data_files/server5-ss-forgeca.crt b/tests/data_files/server5-ss-forgeca.crt index 2265bf5764..cf5bd6db91 100644 --- a/tests/data_files/server5-ss-forgeca.crt +++ b/tests/data_files/server5-ss-forgeca.crt 
@@ -1,11 +1,11 @@ -----BEGIN CERTIFICATE----- -MIIBlDCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G +MIIBkzCCATmgAwIBAgIBTTAKBggqhkjOPQQDAjBKMQswCQYDVQQGEwJVSzERMA8G A1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRlc3QgaW50ZXJtZWRp -YXRlIENBIDMwHhcNMTUwOTAxMTEwODQzWhcNMjUwODI5MTEwODQzWjBKMQswCQYD +YXRlIENBIDMwHhcNMjMwNTE3MDkxNDIxWhcNMzMwNTE0MDkxNDIxWjBKMQswCQYD VQQGEwJVSzERMA8GA1UECgwIbWJlZCBUTFMxKDAmBgNVBAMMH21iZWQgVExTIFRl c3QgaW50ZXJtZWRpYXRlIENBIDMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ3 zFbZdgkeWnI+x1kt/yBu7nz5BpF00K0UtfdoIllikk7lANgjEf/qL9I0XV0WvYqI -wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0kA -MEYCIQDBFcXh+IloVYbMiHfCFhw6cYJsj7PZXuTdDMMkNbyJNAIhALz7fBVAMYz9 -/g48bLdYT47LOc9QNuaboLIxsq5RseJL +wmt3DVXNiioO+gHItO3/oxAwDjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0gA +MEUCIQD0f3GH9cEJ7cJWPIfwAL/1cGREqO//O/1XggWZv/clnQIgQmlMzGzuUDHq +/mTgGQ9ceSAB9B9im9rcgY6DRFZULnY= -----END CERTIFICATE----- From 0f381fd02f59c02f79baa8458df1d1f097ae1cb2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 12 May 2023 18:20:56 +0800 Subject: [PATCH 035/264] Update test-ca2.ku-*.crt Signed-off-by: Jerry Yu --- tests/data_files/Makefile | 27 ++++++++++++++++--- tests/data_files/test-ca2.ku-crl.crt | 20 +++++++------- .../test-ca2.ku-crl.crt.openssl.v3_ext | 4 +++ tests/data_files/test-ca2.ku-crt.crt | 20 +++++++------- .../test-ca2.ku-crt.crt.openssl.v3_ext | 4 +++ tests/data_files/test-ca2.ku-crt_crl.crt | 20 +++++++------- .../test-ca2.ku-crt_crl.crt.openssl.v3_ext | 4 +++ tests/data_files/test-ca2.ku-ds.crt | 20 +++++++------- .../test-ca2.ku-ds.crt.openssl.v3_ext | 4 +++ 9 files changed, 79 insertions(+), 44 deletions(-) create mode 100644 tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext create mode 100644 tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext create mode 100644 tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext create mode 100644 tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext 
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 6d9cb68bef..9e33910751 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -168,13 +168,28 @@ test_ca_crt_file_ec = test-ca2.crt test_ca_key_file_ec = test-ca2.key test-ca2.req.sha256: $(test_ca_key_file_ec) - $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256 + $(MBEDTLS_CERT_REQ) output_file=$@ filename=$(test_ca_key_file_ec) \ + subject_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" md=SHA256 all_intermediate += test-ca2.req.sha256 test-ca2.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 - $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) not_before=20190210144400 not_after=20290210144400 md=SHA256 version=3 output_file=$@ + $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 selfsign=1 \ + request_file=test-ca2.req.sha256 \ + issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" \ + issuer_key=$(test_ca_key_file_ec) \ + not_before=20190210144400 not_after=20290210144400 \ + md=SHA256 version=3 output_file=$@ all_final += test-ca2.crt +test-ca2.ku-%.crt: test-ca2.ku-%.crt.openssl.v3_ext $(test_ca_key_file_ec) test-ca2.req.sha256 + $(OPENSSL) x509 -req -in test-ca2.req.sha256 -extfile $< \ + -signkey $(test_ca_key_file_ec) -days 3653 -out $@ + +all_final += test-ca2.ku-crl.crt \ + test-ca2.ku-crt.crt \ + test-ca2.ku-crt_crl.crt \ + test-ca2.ku-ds.crt + test-ca2-future.crt: $(test_ca_key_file_ec) test-ca2.req.sha256 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=13926223505202072808 request_file=test-ca2.req.sha256 selfsign=1 \ issuer_name="C=NL,O=PolarSSL,CN=Polarssl Test EC CA" issuer_key=$(test_ca_key_file_ec) \ 
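Review bot: The `test-ca2.ku-%.crt` recipe gives `openssl x509 -req` neither a digest nor a serial, whereas the other OpenSSL rules visible in this Makefile pass `-sha256` and `-set_serial`. The signature hash therefore follows the installed tool's default and, judging by the long serials in the regenerated files, each run picks a fresh random serial. Suggest `-signkey $(test_ca_key_file_ec) -sha256 -days 3653 -out $@`, plus a fixed `-set_serial` per target if a test ever needs a stable serial.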
@@ -199,10 +214,14 @@ $(test_ca_ec_cat): all_final += $(test_ca_ec_cat) parse_input/test-ca-any_policy.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 - $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ + $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \ + -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" \ + -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ parse_input/test-ca-any_policy_ec.crt: $(test_ca_key_file_ec) test-ca.req_ec.sha256 - $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 -in test-ca.req_ec.sha256 -out $@ + $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_ca \ + -key $(test_ca_key_file_ec) -set_serial 0 -days 3653 -sha256 \ + -in test-ca.req_ec.sha256 -out $@ parse_input/test-ca-any_policy_with_qualifier.crt: $(test_ca_key_file_rsa) test-ca.req.sha256 $(OPENSSL) req -x509 -config $(test_ca_config_file) -extensions v3_any_policy_qualifier_ca -key $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0 -days 3653 -sha256 -in test-ca.req.sha256 -out $@ diff --git a/tests/data_files/test-ca2.ku-crl.crt b/tests/data_files/test-ca2.ku-crl.crt index 4fb40838ca..303a2c00b9 100644 --- a/tests/data_files/test-ca2.ku-crl.crt +++ b/tests/data_files/test-ca2.ku-crl.crt 
@@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAP6mZLzh0IPSMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIzMzhaFw0yNDA0MDYxMTIzMzhaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAQIwCgYIKoZIzj0EAwIDZwAwZAIwZOCKY0EHXYzI4cQsFnfOrxm1 -ufvNeZ4ZcSZWrkTBazW2OBCuCP9SLznec3SFOUvvAjAKe/qycfxkHivjieCEG1Kt -m2D4QKSJELUhTHr4zdkeqbzgui0y3iouaoyWsKvetNg= +MIIB2DCCAV6gAwIBAgIUN3DAVq0Kn9k3FPUPZGW2d3rZn28wCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIBAjAKBggqhkjOPQQDAgNoADBlAjAxoq/Q4PEA +8SDd3cQaVIwx8oJVEzfJo1BB2w1LnjvUXZrQydjNXMU4Jgorm/2/uLgCMQCyI6cZ +EAIgKPYlT6/zJHBj45qejs527OfI4Xn+kQ7OvHQtHaCAzQw4h7Jfx+gXaUo= -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext b/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext new file mode 100644 index 0000000000..4bc5d3c24b --- /dev/null +++ b/tests/data_files/test-ca2.ku-crl.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = cRLSign + diff --git a/tests/data_files/test-ca2.ku-crt.crt b/tests/data_files/test-ca2.ku-crt.crt index edacc64c9b..5cad7b2fc1 100644 --- a/tests/data_files/test-ca2.ku-crt.crt +++ b/tests/data_files/test-ca2.ku-crt.crt 
@@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzTCCAVOgAwIBAgIJAODh6PAeD9/vMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIzNTRaFw0yNDA0MDYxMTIzNTRaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAgQwCgYIKoZIzj0EAwIDaAAwZQIwGGlbynd1jU3WkUx6Irhk9Lob -z2B+1eIO6+eu3En8B3rh8Ipfxo0e0hpfaRFYP1MUAjEAjxxBchRWJAzZ6/47Wg/7 -UoasRINgP5B/uJhTnftS1bqyuWHastb4LW5/YLOvPbMQ +MIIB2DCCAV6gAwIBAgIUYDcYIJ6EBbKafKeXLgPLE+RsJZowCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxMjEwMzEwNVoXDTMzMDUxMjEwMzEwNVow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwICBDAKBggqhkjOPQQDAgNoADBlAjBwsfyYiZB6 +PpDgIbYRbZ4VT9GGFNE3L4C1IH8RNwzvywLvQfVp3ocRAkzEoRpmKAsCMQDOGm48 +d7zKl7IzmBuOWXYlukWDDWwpNI67z7g0JawfypKIxcPTZFiQXVtDdTdkrGY= -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext b/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext new file mode 100644 index 0000000000..997c8930bf --- /dev/null +++ b/tests/data_files/test-ca2.ku-crt.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = keyCertSign + diff --git a/tests/data_files/test-ca2.ku-crt_crl.crt b/tests/data_files/test-ca2.ku-crt_crl.crt index ac74e402a0..4c69582f3e 100644 --- a/tests/data_files/test-ca2.ku-crt_crl.crt +++ b/tests/data_files/test-ca2.ku-crt_crl.crt 
@@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAPejOupCJS65MAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTIyMjVaFw0yNDA0MDYxMTIyMjVaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCAQYwCgYIKoZIzj0EAwIDZwAwZAIwMKLVXB4YBQ0Ha4dEvFPcJtau -TS5Vd4UqG3xQ10YcJogweuqaGHSFgdnEUfoX+4p5AjApMnYXFfUjSmlyfJmTaswO -gaR5sUnnw33NA9j1ercem3asCYz6a8T0zo8/rR33XVU= +MIIB2TCCAV6gAwIBAgIUd5f42F4ahjkx9AIN035pcF4WFikwCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDAgNpADBmAjEA6IUvQwSw +vEkHjU9YNsPcUsJf0UTHUW1T8mNbgk+zCl6fzeU73oCXH6zoi5q6vLgjAjEAv63C +xknmJJ4H3Zlc+O5GlcX9VQNZDn1xV7hf2yW1Gf7wLTnSWTf5bXATaIQ6QLO1 -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext b/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext new file mode 100644 index 0000000000..0fd73a25ab --- /dev/null +++ b/tests/data_files/test-ca2.ku-crt_crl.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = keyCertSign, cRLSign + diff --git a/tests/data_files/test-ca2.ku-ds.crt b/tests/data_files/test-ca2.ku-ds.crt index c28e17b22a..2907aa7343 100644 --- a/tests/data_files/test-ca2.ku-ds.crt +++ b/tests/data_files/test-ca2.ku-ds.crt 
@@ -1,12 +1,12 @@ -----BEGIN CERTIFICATE----- -MIIBzDCCAVOgAwIBAgIJAPOkPR3wsvm5MAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTAeFw0xNDA0MDkxMTI0MTNaFw0yNDA0MDYxMTI0MTNaMD4xCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF -QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu -ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy -aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqMdMBswDAYDVR0TBAUwAwEB/zAL -BgNVHQ8EBAMCB4AwCgYIKoZIzj0EAwIDZwAwZAIwGRCmU/rWNjW13g8ITuq3pMXb -jgwTFJHVlbMDiFJwUrRvytPV9doJOfzJ8nAQ0cZ1AjAbJ8QAV2e+DmYZpWc/p6Ug -nQdac59ev+lH+ju6wET3jNDjUthUPrdgqa54+UWQ5r4= +MIIB2TCCAV6gAwIBAgIUb5xsO6FEmAz+XpGFHpW7ODFvup0wCgYIKoZIzj0EAwIw +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMB4XDTIzMDUxNzA3MTAzN1oXDTMzMDUxNzA3MTAzN1ow +PjELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xh +cnNzbCBUZXN0IEVDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEw9orNEE3WC+H +Vv78ibopQ0tO4G7DDldTMzlY1FK0kZU5CyPfXxckYkj8GpUpziwth8KIUoCv1mqr +Id240xxuWLjK6LJpjvNBrSnDtF91p0dv1RkpVWmaUzsgtGYWYDMeox0wGzAMBgNV +HRMEBTADAQH/MAsGA1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEA44HVvGYv +meA3SpaNJmubLKjsQlGNnEUUo1IO0NBP5yWG0dRFkX8NQ0bzH/1n6FJcAjEAm9wj +xdmEPUr6PY54c0IQJNeeF76L1/+EszXrSDQ7TLv1YC4d4uMNmqwR9EGuUX+/ -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext b/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext new file mode 100644 index 0000000000..08e49d4751 --- /dev/null +++ b/tests/data_files/test-ca2.ku-ds.crt.openssl.v3_ext @@ -0,0 +1,4 @@ +basicConstraints = CA:true +subjectKeyIdentifier=none +keyUsage = digitalSignature + From 55ee7f8e133b0c5cd5570e6a12c5fe097bb50f86 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 29 May 2023 11:02:42 +0800 Subject: [PATCH 036/264] Add rule for server2-badsign.crt Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 4 ++++ 1 file changed, 4 insertions(+) 
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 9e33910751..35bae2429f 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1605,6 +1605,10 @@ server2-sha256.crt: server2.req.sha256 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ all_final += server2-sha256.crt +server2-badsign.crt: server2.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server2-badsign.crt + # server3* parse_input/server3.crt server3.crt: server3.key From 0063599e6f4a8fc7326599b44d1d718a019164a2 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 18 May 2023 14:40:27 +0800 Subject: [PATCH 037/264] Add rules to generate server2.ku-*.crt Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 35bae2429f..1b80cee97d 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
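Review bot: `head -n-2` in the `server2-badsign.crt` recipe is a GNU coreutils extension; BSD and macOS `head` do not accept a negative line count, so the rule is likely to fail there. The recipe also has no comment saying what it does: it copies all but the last two lines of `server2.crt`, then rewrites the final base64 character of the signature line (`0` becomes `1`, anything else becomes `0`) so the signature no longer verifies. That only works if the input ends with one signature line followed by `-----END CERTIFICATE-----` and no trailing blank line. A comment above the rule such as `# corrupt the last base64 character of the signature; needs GNU head` would record both assumptions.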
@@ -1605,6 +1605,21 @@ server2-sha256.crt: server2.req.sha256 $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@ all_final += server2-sha256.crt +server2.ku-ka.crt: SERVER2_CRT_SERIAL=42 +server2.ku-ka.crt: SERVER2_KEY_USAGE=key_agreement +server2.ku-ke.crt: SERVER2_CRT_SERIAL=43 +server2.ku-ke.crt: SERVER2_KEY_USAGE=key_encipherment +server2.ku-ds.crt: SERVER2_CRT_SERIAL=44 +server2.ku-ds.crt: SERVER2_KEY_USAGE=digital_signature +server2.ku-ds_ke.crt: SERVER2_CRT_SERIAL=48 +server2.ku-ds_ke.crt: SERVER2_KEY_USAGE=digital_signature,key_encipherment +server2.ku-%.crt: server2.req.sha256 + $(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=$(SERVER2_CRT_SERIAL) \ + issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \ + key_usage="$(SERVER2_KEY_USAGE)" \ + not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ +all_final += server2.ku-ka.crt server2.ku-ke.crt server2.ku-ds.crt server2.ku-ds_ke.crt + server2-badsign.crt: server2.crt { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ all_final += server2-badsign.crt From 5b91dc7265574721f55e409aa14b446f0bfacdf3 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 18 May 2023 14:41:32 +0800 Subject: [PATCH 038/264] Update server2.ku-*.crt Signed-off-by: Pengyu Lv --- tests/data_files/server2.ku-ds.crt | 27 +++++++++++++-------------- tests/data_files/server2.ku-ds_ke.crt | 27 +++++++++++++-------------- tests/data_files/server2.ku-ka.crt | 27 +++++++++++++-------------- tests/data_files/server2.ku-ke.crt | 27 +++++++++++++-------------- 4 files changed, 52 insertions(+), 56 deletions(-) diff --git a/tests/data_files/server2.ku-ds.crt b/tests/data_files/server2.ku-ds.crt index 3bd07d0fbe..d1e1251d98 100644 
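Review bot: The `server2.ku-%.crt` recipe signs with `md=SHA1` although it consumes `server2.req.sha256` and the neighbouring `server2-sha256.crt` rule uses `md=SHA256`. This keeps the signature algorithm of the certificates being replaced, which is presumably deliberate, but nothing in the rule says so, and configurations that reject SHA-1 signatures will not accept these files. Add a comment such as `# md=SHA1 is intentional: matches the certificates these files replace`, or switch to `md=SHA256` if no test depends on SHA-1.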
--- a/tests/data_files/server2.ku-ds.crt +++ b/tests/data_files/server2.ku-ds.crt 
@@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDUxWhcNMjQwNDA2MDg0NDUxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBLDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEAc4kubASrFXFtplkYp6FUcnUn -Pf/6laS1htI+3y+q1UHWe2PcagZtCHTCUGBSWLeUIiaIBheaIRqv+4sSFVuXB7hV -0PGXpO5btth4R8BHzGqCdObKvPujp5BDq3xgcAFicA3HUMNsJoTDv/RYXY7je1Q5 -ntVyVPeji0AWMUYQjcqHTQQPGBgdJrRTMaYglZh15IhJ16ICNd9rWIeBA0h/+r0y -QuFEBz0nfe7Dvpqct7gJCv+7/5tCujx4LT17z7oK8BZN5SePAGU2ykJsUXk8ZICT -ongaQQVQwS6/GJ6A5V8ecaUvFrTby1h9+2sOW8n2NRGiaaG5gkvxVeayemcmOQ== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3 +DQEBBQUAA4IBAQCcDy5VWW133eL1TesUkejziAz9QNBHvWkKNs0jF6+fRgWgFP5Y +EE87rQX0Z1XiyTDB4LdKfivRi3TMD7EX8o6q9C3H/ilu5anrgha8WziMrtv/s9IF +QjpyHdnXGoXmA9uDqQLtucR5yep3ux4mlwS8GG3IUkpkdysNOrVvSARm0ZagQ9tn 
+YZyEjGd8wP3jKYNJAB2OdnvX9OqBmEyvSmMucSidkMkdLrUcjmOtz+AkqoRGewwc +eClstlp8NEuP37q2KLYtbQMpio1Kzsr3PCey1UImKNjauypS2Dpzl1RnmBw+c5En +SdLMa+ns3odRhF0IvENDhz/mKZJvwtoz/NBz -----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ds_ke.crt b/tests/data_files/server2.ku-ds_ke.crt index ebee7e1c31..eb23245d81 100644 --- a/tests/data_files/server2.ku-ds_ke.crt +++ b/tests/data_files/server2.ku-ds_ke.crt 
@@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MTAwMjQ5WhcNMjQwNDA2MTAwMjQ5WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBMDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIFoDANBgkqhkiG9w0BAQUFAAOCAQEAnW7+h85xBP2KJzFSpWfGirVe -ApdC9bX0Z1sVMmD486N+ty9W6BP6kJRxLDX0fOuRc3x7mCy5qZg/Yj40+yQSoA0w -bTNwJjuR8iMqWIqLw9hWR+E9T4lYLZWyGJVjlVTkO4i5wifwhoJE9Doohh/6crn5 -ImWgEkgT/wDVIHoamciO6KU36d0iAEEP2eYgxv2/sVHvjjsseTdvYh3D3VuOmQtS -uUvFxc6H5kYoq/yodJWDaOn3RS8pEpDsiW+abcWyxNTPtHFroJV7e9aaVmhlRSzw -sYDyD/ZyIlavoPSEiD3LTT/Tp6BIpz+zb4WHOHLEvUCsZputqxPVcNoEAi9xuA== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgWgMA0GCSqGSIb3 +DQEBBQUAA4IBAQB6u7D3tAsB75aZEcUfv2XyeLX4P99mzx2yOBSsPaIDTRyv0XoT +vbgUA7viX/F7I8b2kc6ihRXSu/98c7Vr/uSm0LfV3VMgoAXBCWNg/5c/N3c0YnZ2 +imuv0yeXw5cJI3iYQJmllawdrGgOslfPuO7kqrFt3uGaylITpVLQ7w7iDpPbAFM8 
+kPpO6CMyCFi6miQYoZchTTP9X3dpbpNdB2FlSVT55J6TIvH5x4t7XCFJuvYYJxrf +8I3UFR3OnBR625zUHXJ6uV8yHG5ze+4K2n9CHcyX7zuZ+bB0e8wIS6Xf99M+1ApF +ESvXwHI0Fu8s/PJ+leD28CRJQMuAOJIYBMnS -----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ka.crt b/tests/data_files/server2.ku-ka.crt index 90f7c4a993..ce97e8272d 100644 --- a/tests/data_files/server2.ku-ka.crt +++ b/tests/data_files/server2.ku-ka.crt 
@@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDIzWhcNMjQwNDA2MDg0NDIzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBKjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIDCDANBgkqhkiG9w0BAQUFAAOCAQEAriPloIWfu7U8d1hls97C7OBI -OiE2xFh2UmuN/9hTK2CyW6MtBf8aG3l4jQDrsutHO0gUyoR67ug4yj+s+0S/zETZ -q6mPo7cBbVwjhGciQRiYgufFpdnbXR05HDgOVPK7qqjL6UOZnbu5caIEvIJgdwXn -n8WB9x/Ii4/2S9ysmRdRhDBYekzgH3Ac2UnHJTMh1XaSL817MW6B9BDKHt4xa7pW -cplDzrFKYbmxSSxzALE4Dr+zRvmDx4bcYpBkRRfOhnnR1caQBgaZzPcX/Vu+vw8e -qs2nyBW5RBu8MBCBU1DpqOSo6jl0QTpuq3NzQZIouG9fyckqDJS5ibrxQTutPw== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgMIMA0GCSqGSIb3 +DQEBBQUAA4IBAQAxJDMtlqpFHKw5ymqzgfnm0aY51PZOXpsPfoed7Vz2PzSB2eJ0 +JQc+QuLhippy8hnPmPZg/HQ/gedbxFKPiIiYEh86GvnBFozQ+c8sE0h6tJgVOJJi +ADUNeVJoq03WIroTMqAB0uW0rHB+OFm7uRwIDFr2gWVrKZKg/KsDrxtng2wPOgbU 
+xvPRtNyaOZjV0GjuBhWxpPTxXw27e5Mq3MS5B9piZgPXmam5lZdOe0LNrbQShfmP +4mk4drjdQaUrL3JLpLt8S4oihZU+dOHkYdZVHSAuuGikZK7qPfEdP/yrZTCgtY54 +vXxv47xT9L+pWtiTosBmsy/ewvWprVJIxLh3 -----END CERTIFICATE----- diff --git a/tests/data_files/server2.ku-ke.crt b/tests/data_files/server2.ku-ke.crt index 8daa0c13d1..21e6cf0400 100644 --- a/tests/data_files/server2.ku-ke.crt +++ b/tests/data_files/server2.ku-ke.crt 
@@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDijCCAnKgAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNDA5MDg0NDM5WhcNMjQwNDA2MDg0NDM5WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN +MIIDRzCCAi+gAwIBAgIBKzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya -HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaOBnzCBnDAJ -BgNVHRMEAjAAMB0GA1UdDgQWBBSlBehkuNzfYA9QEk1gqGSvTYtDkzBjBgNVHSME -XDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMAsG -A1UdDwQEAwIFIDANBgkqhkiG9w0BAQUFAAOCAQEAqreLAIuxeLGKbhoEROYRqXxO -ndaC6uDcpxhgmEW7B2DW6ZtX8155v3ov61MuMas8fEQjD5STDP9qERxNTePnhW3m -kDZd2jUBE3ioHhTBv47i1PYU+DRe42kY6z0jUmNPK8TsTKfdbqTGXg9THe1KYB7q -hdljqGS08IgBl/q2lK2OOSycu27xhfb9Mo0BcLBab92WgyBu+cFPQsKiL4mD7QyJ -+73Ndb21EuANUjsRDQ3NPklssJcyJB2v85eekwk1acZUG21no3wdTvjxhVE/Xrdz -zUP9WkvAVfUrwGjUzG4YHE8wkHO7xKbKixNt+nQmDhe+tHVbztZjVwFJ8010gg== +HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNdMFswCQYD +VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw +FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDgYDVR0PAQH/BAQDAgUgMA0GCSqGSIb3 +DQEBBQUAA4IBAQCeNpH2eSUXpq0CPlE6P1/bJW2f0vKFWMnZ6B3eFCdMCcKJ6LYV +BA1Dn5G5HEW4mBMJfyMwD5sklyEzQDCgIDjws+BRUflMr71AerfesHIGdW4jAw10 +aWwFMeszzZ54ZahX2GHPcwWfTccSf9tpSaRMlNBEIz8lfb2iEZ2HR9eAmAqYgtR1 
+RbYcsNfC0oBYOCTRmvXi+wpGcUWn+VbIv6rHrQYnWXiPAuPJUqIpM0x9q0kT6NCi +LfdhaVV2DPnvBYGRcXX78JK5/MQt/sv4JSefRpvxpVQCmbo0amz7hUMHGCflAbro +FpyBlfcpj0lSRoaU9x0mCYzqwDYd+4NJZUGT -----END CERTIFICATE----- From b078607f04ad987207bbfafe7a77550f14c0cedf Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 18 May 2023 17:18:36 +0800 Subject: [PATCH 039/264] cert_write: Support write any for extended key usage Signed-off-by: Pengyu Lv --- programs/x509/cert_write.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c index e58f528536..40b1871f38 100644 --- a/programs/x509/cert_write.c +++ b/programs/x509/cert_write.c @@ -530,6 +530,8 @@ usage: SET_OID(ext_key_usage->buf, MBEDTLS_OID_TIME_STAMPING); } else if (strcmp(q, "OCSPSigning") == 0) { SET_OID(ext_key_usage->buf, MBEDTLS_OID_OCSP_SIGNING); + } else if (strcmp(q, "any") == 0) { + SET_OID(ext_key_usage->buf, MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE); } else { mbedtls_printf("Invalid argument for option %s\n", p); goto usage; From 1ca5c0eae91bd1db2bcf79ea26f2f2fb779aafcc Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 18 May 2023 15:20:12 +0800 Subject: [PATCH 040/264] Add rules to generate server5.[e]ku-*.crt Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 1b80cee97d..0a32b3b64a 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
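Review bot: The new keyword `any` breaks the naming used by the other accepted values, which are the OpenSSL short names (`OCSPSigning` in this hunk; `serverAuth`, `clientAuth` and `codeSigning` in the Makefile rules later in the series); the matching spelling would be `anyExtendedKeyUsage`. A certificate carrying this OID satisfies extended-key-usage checks for every purpose in verifiers that honour it, so the option's help text should list the value and say what it means. The usage string and the start of the enclosing if/else chain are outside this hunk, so whether the help text was updated cannot be confirmed from here.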
@@ -1418,6 +1418,32 @@ server5.req.ku.sha1: server5.key
 $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
 all_final += server5.req.ku.sha1
+server5.ku-ds.crt: SERVER5_CRT_SERIAL=45
+server5.ku-ds.crt: SERVER5_KEY_USAGE=digital_signature
+server5.ku-ka.crt: SERVER5_CRT_SERIAL=46
+server5.ku-ka.crt: SERVER5_KEY_USAGE=key_agreement
+server5.ku-ke.crt: SERVER5_CRT_SERIAL=47
+server5.ku-ke.crt: SERVER5_KEY_USAGE=key_encipherment
+server5.eku-cs.crt: SERVER5_CRT_SERIAL=58
+server5.eku-cs.crt: SERVER5_EXT_KEY_USAGE=codeSigning
+server5.eku-cs_any.crt: SERVER5_CRT_SERIAL=59
+server5.eku-cs_any.crt: SERVER5_EXT_KEY_USAGE=codeSigning,any
+server5.eku-cli.crt: SERVER5_CRT_SERIAL=60
+server5.eku-cli.crt: SERVER5_EXT_KEY_USAGE=clientAuth
+server5.eku-srv_cli.crt: SERVER5_CRT_SERIAL=61
+server5.eku-srv_cli.crt: SERVER5_EXT_KEY_USAGE=serverAuth,clientAuth
+server5.eku-srv.crt: SERVER5_CRT_SERIAL=62
+server5.eku-srv.crt: SERVER5_EXT_KEY_USAGE=serverAuth
+server5.ku-%.crt: SERVER5_EXT_OPTS=key_usage=$(SERVER5_KEY_USAGE)
+server5.eku-%.crt: SERVER5_EXT_OPTS=ext_key_usage=$(SERVER5_EXT_KEY_USAGE)
+server5.%.crt: server5.key
+ $(MBEDTLS_CERT_WRITE) \
+ subject_key=$< subject_name="C=NL,O=PolarSSL,CN=localhost" serial=$(SERVER5_CRT_SERIAL) \
+ issuer_crt=$(test_ca_crt_file_ec) issuer_key=$(test_ca_key_file_ec) $(SERVER5_EXT_OPTS) \
+ not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
+all_final += server5.ku-ka.crt server5.ku-ke.crt server5.ku-ds.crt
+all_final += server5.eku-cs.crt server5.eku-cs_any.crt server5.eku-cli.crt server5.eku-srv_cli.crt server5.eku-srv.crt
+
 # server6*
 server6.csr: server6.key
From d9ba29733e23800d215a29611bb6dbb7e083baa2 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 18 May 2023 15:21:11 +0800 Subject: [PATCH 041/264] Update server5.[e]ku-*.crt
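Review bot: The pattern rule `server5.%.crt: server5.key` matches every `server5.*.crt` target that has no explicit rule, yet only the `ku-*` and `eku-*` targets set `SERVER5_CRT_SERIAL` and `SERVER5_EXT_OPTS`. Any other match would call cert_write with an empty `serial=` and no usage extension, so the output would lack the restriction the tests rely on. A guard as the first recipe line makes that case fail loudly: `@test -n "$(SERVER5_CRT_SERIAL)" || { echo "no serial defined for $@"; exit 1; }`. The recipe also reads `$(test_ca_crt_file_ec)` and `$(test_ca_key_file_ec)` without listing them as prerequisites.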
Signed-off-by: Pengyu Lv --- tests/data_files/server5.eku-cli.crt | 22 +++++++++++----------- tests/data_files/server5.eku-cs.crt | 22 +++++++++++----------- tests/data_files/server5.eku-cs_any.crt | 22 +++++++++++----------- tests/data_files/server5.eku-srv.crt | 22 +++++++++++----------- tests/data_files/server5.eku-srv_cli.crt | 22 +++++++++++----------- tests/data_files/server5.ku-ds.crt | 23 +++++++++++------------ tests/data_files/server5.ku-ka.crt | 23 +++++++++++------------ tests/data_files/server5.ku-ke.crt | 23 +++++++++++------------ 8 files changed, 88 insertions(+), 91 deletions(-) diff --git a/tests/data_files/server5.eku-cli.crt b/tests/data_files/server5.eku-cli.crt index 8aa2e44a03..8d04559839 100644 --- a/tests/data_files/server5.eku-cli.crt +++ b/tests/data_files/server5.eku-cli.crt 
@@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB5DCCAWmgAwIBAgIBPDAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTIxWhcNMjQwNDA3MTcyMTIxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAoGCCqGSM49BAMCA2kA -MGYCMQCzHyEvd56zm1AzfDBi3psz3rDL/m0RN2WnbRBQJxIJqjwEXOrKazko9m9q -owgau88CMQDuI0fsq5tnyiHPaDSAE21/6hlrCR6deNbwzB94OuPIbx1wIas9D1jc -//iSmKtbl8Y= +MIIB6zCCAW6gAwIBAgIBPDAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwIwDAYIKoZIzj0E +AwIFAANpADBmAjEAoC1Xxg8Xt3tvM2ZER4jCRv7iSYPWGgNtcYNJj3G0lb0PYi1l +Nd0cqdGxydhm7RJLAjEApAE8koD1ccIPnSFTagT7shOSz1/lOU4wwAWswcwolzt3 +xrvFlMoTeJx3sS3Zqdr8 -----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cs.crt b/tests/data_files/server5.eku-cs.crt index db97b403e9..c00bc3bec2 100644 --- a/tests/data_files/server5.eku-cs.crt +++ b/tests/data_files/server5.eku-cs.crt 
@@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB4zCCAWmgAwIBAgIBOjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMDQxWhcNMjQwNDA3MTcyMDQxWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMDMAoGCCqGSM49BAMCA2gA -MGUCMQC294oVK6fUjH/abI1xzytTusi8dl7518L0Y19q8zi9K19OtxzPK09h7xyy -gaJRvpUCMFS6hYhrht38yqwwhSVlnmTMVtira58mEUhL6v7Qzw1sz/Dm4aXkW3s6 -JQV1kqqbRw== +MIIB6jCCAW6gAwIBAgIBOjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwMwDAYIKoZIzj0E +AwIFAANoADBlAjBlMU7Fh18cel20P3rY7esvtPLDHQQKWSCO91XHHkZi1zRPq2px +nwVHayXnOS3CPRsCMQCQDYTyVMS8oEIrm0XPI6HrbCMUq2bhPwaYpelU/asOzYI3 +gOjGCDFHtyedJHVK0rs= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-cs_any.crt b/tests/data_files/server5.eku-cs_any.crt index 8fa8632dd0..912d929b19 100644 --- a/tests/data_files/server5.eku-cs_any.crt +++ b/tests/data_files/server5.eku-cs_any.crt 
@@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB6TCCAW+gAwIBAgIBOzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMDU4WhcNMjQwNDA3MTcyMDU4WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jaDBmMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBkGA1UdJQQSMBAGCCsGAQUFBwMDBgRVHSUAMAoGCCqGSM49 -BAMCA2gAMGUCMQCSYaq/9IKOTkzIrU/eOtpha/3af3JwT6vKh4N3cSX62ksMz0GT -Uxmq4UGMBt4VmBkCMBGpYqof6hS1o92ltNRpDSHuVQ+nke1lOsoQ1plZp4SI+bY1 -bUD/WrUSLlwikZAeng== +MIIB8DCCAXSgAwIBAgIBOzAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NrMGkwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwHAYDVR0lAQH/BBIwEAYIKwYBBQUHAwMGBFUdJQAwDAYI +KoZIzj0EAwIFAANoADBlAjEA89+l8gNC0H75Tzdz/75W6EjGSzZ3m50S4cK5jD6+ +ZZLpRcbIqPqMT2MNkCm7ImNpAjAlTkFLVCGnTNX/q7QWOrx8aPXXAeZtY5NFxd66 +EJJb+YHTQ80hZhLWX8/QaAJjniU= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-srv.crt b/tests/data_files/server5.eku-srv.crt index 64312f6c49..b173afcdaa 100644 --- a/tests/data_files/server5.eku-srv.crt +++ b/tests/data_files/server5.eku-srv.crt 
@@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB5DCCAWmgAwIBAgIBPjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTU0WhcNMjQwNDA3MTcyMTU0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jYjBgMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoGCCqGSM49BAMCA2kA -MGYCMQDQzjWB0xZs/8IsqJb7owYYtCiT17939Uuc/1yBF69pJRy7KV/qJlHNvlVu -qwWVTx0CMQDNW/0dlX1gU6ashrZv5Ly4sijg/g645fFpfMKCNXysEb9xiBeEj5de -2x5sX/0OSx4= +MIIB6jCCAW6gAwIBAgIBPjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NlMGMwCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDAYIKoZIzj0E +AwIFAANoADBlAjEAh+l47FmXR/nUxD8bfnS3sT+QTgc8pXUEqh/gXUs2xINVSoL+ +ZewgcNb2UanzCNheAjAnUY4b0M9YHp/eJjls5RzGX6JXtcWwn9JvO1HqMQnHthcy +hPEQ3lW7XG0DIQS1drk= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.eku-srv_cli.crt b/tests/data_files/server5.eku-srv_cli.crt index 9f58fedd20..be2531ee22 100644 --- a/tests/data_files/server5.eku-srv_cli.crt +++ b/tests/data_files/server5.eku-srv_cli.crt 
@@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB7DCCAXOgAwIBAgIBPTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDEwMTcyMTQyWhcNMjQwNDA3MTcyMTQyWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jbDBqMAkGA1UdEwQCMAAwHQYD -VR0OBBYEFFBhpY/UB9nXggEM5WV/jGNGpxO+MB8GA1UdIwQYMBaAFJ1tICRJAT8r -y3i1Gbx+JMnb+zZ8MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggq -hkjOPQQDAgNnADBkAjAmQjJxxC82ZhBpH/GQkOQXDmaaV/JHRHGok1cWn3j3Xj8A -fqRZkp8JihpGIMse208CMFCMdNAfNd1tv+oPuynoK5Oh6/YlASX/otJT68voEIAN -SmsT1m9VPQMIyUo/3RtYjg== +MIIB8zCCAXigAwIBAgIBPTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NvMG0wCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MAwGCCqGSM49BAMCBQADZwAwZAIwHu/xjSqHK91yEM+KgEFGU8Xc3o9rEVrCBFeW +ChIa3slZZdG4OuIm06Tsabf0pBLHAjBYKjoUwWEuDOOQKbbJZG8gKDzMAgEpe/RW +wAjY7i6CzZ1NKfFQ9fQdwA+yjq2fnlg= -----END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ds.crt b/tests/data_files/server5.ku-ds.crt index 58dd0714b5..dafff9b3d7 100644 --- a/tests/data_files/server5.ku-ds.crt +++ b/tests/data_files/server5.ku-ds.crt 
@@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICLTCCAbKgAwIBAgIBLTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0ODM1WhcNMjQwNDA2MDg0ODM1WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIHgDAKBggqhkjOPQQDAgNpADBmAjEAzp4DkFMq7eDB0x5FeS9gYDaG -Ol8rVnWlRTLQzHZBQjKp+TcBdHZaBPoi8LyXtWA4AjEA6OWhsuTcv/qXOscQT0rL -eEh8wcCQeJK1uNd78lNvx3W0Pcxdb6cd7AhaAKgXL+r4 +MIIB4zCCAWagAwIBAgIBLTAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgeAMAwGCCqGSM49BAMCBQADaQAw +ZgIxALHO0QR+4vz+fj4WwBQMa55oJDlp1J0PpqoJYKTf6DRx5rNuZxSbNu2wJQWz +MJ9ekQIxAMPo/Rhu4e9KRkEf9rYU9Ynd7t9/PCsXw4JZuxZfToURDsrAI/Pnqc0H +4+FA/EuPJA== -----END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ka.crt b/tests/data_files/server5.ku-ka.crt index 2447326c2e..74a4235244 100644 --- a/tests/data_files/server5.ku-ka.crt +++ b/tests/data_files/server5.ku-ka.crt 
@@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICKzCCAbKgAwIBAgIBLjAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0ODUwWhcNMjQwNDA2MDg0ODUwWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIDCDAKBggqhkjOPQQDAgNnADBkAjACzKQ88/NvngMQBFc9rC484+gO -BRkXP28BqRcj8sBt3EfmEGH23BuhkZuB1OFZuMICMC4/pHgbOQtaY9WZPUROUVVZ -OuO6XsVbhiE0rb/mumqmUwuOrCtC/KFdvFZol4BNGA== +MIIB4jCCAWagAwIBAgIBLjAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgMIMAwGCCqGSM49BAMCBQADaAAw +ZQIwCVbbPiS8MJUOz8JBmgLHojKDaJOd4lSfSak0GSl02UjT8OiNyRzA+FlFWO94 +YMjyAjEA14/ubZ1ZW3/0hkiFHzhTD2SXbTfYbhDZSq2PR+9sBlUrrx1GhzWw/cOD +3jZd4DQO -----END CERTIFICATE----- diff --git a/tests/data_files/server5.ku-ke.crt b/tests/data_files/server5.ku-ke.crt index 41ae5ada31..6b4e74e240 100644 --- a/tests/data_files/server5.ku-ke.crt +++ b/tests/data_files/server5.ku-ke.crt 
@@ -1,14 +1,13 @@ -----BEGIN CERTIFICATE----- -MIICKzCCAbKgAwIBAgIBLzAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN -MTQwNDA5MDg0OTA0WhcNMjQwNDA2MDg0OTA0WjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG -CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA -2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgaowgacwCQYDVR0TBAIwADAd -BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB -PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh -clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAsG -A1UdDwQEAwIFIDAKBggqhkjOPQQDAgNnADBkAjAMl0Cjv9f45bHeJTul5XpYeJeT -52ZaOLTa/uTLy948EnEIi6sj3nFb9fvsUbsOOjECMAXAMY64KOqzixefz3y3XS/d -9miyeArPOmXU2JJ3LGuNbqqj9IbABawB1OD8v8gRmg== +MIIB4TCCAWagAwIBAgIBLzAMBggqhkjOPQQDAgUAMD4xCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEcMBoGA1UEAwwTUG9sYXJzc2wgVGVzdCBFQyBDQTAe +Fw0xOTAyMTAxNDQ0MDZaFw0yOTAyMTAxNDQ0MDZaMDQxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0C +AQYIKoZIzj0DAQcDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO +5QDYIxH/6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/6NdMFswCQYDVR0TBAIwADAd +BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wHwYDVR0jBBgwFoAUnW0gJEkB +PyvLeLUZvH4kydv7NnwwDgYDVR0PAQH/BAQDAgUgMAwGCCqGSM49BAMCBQADZwAw +ZAIwezTY0tigIg6u1dFl90LHYcZ+lJK4BO5Y6U9pn952NFo24NsL8qnG4nxwsL3M +VvV7AjBQ+oZyKSyNp8XRAHYC6lERH7/Gh7HrVWyTRo9iPPL6tE4x/jE7jL9ifgl+ +F6982sk= -----END CERTIFICATE----- From e025cb2096c104d96ef51090ecc2ffe18ccf0e1f Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 18 May 2023 10:10:39 +0800 Subject: [PATCH 042/264] Add rules to generate cert_example_multi_nocn.crt Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 16 ++++++++++++++++ tests/data_files/test-ca.opensslconf | 5 +++++ 2 files changed, 21 insertions(+) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 0a32b3b64a..5a56828b06 100644 
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -60,6 +60,14 @@ test-ca.key.der: $(test_ca_key_file_rsa)
 $(OPENSSL) pkey -in $< -out $@ -inform PEM -outform DER -passin "pass:$(test_ca_pwd_rsa)"
 all_final += test-ca.key.der
+# This is only used for generating cert_example_multi_nocn.crt
+test-ca_nocn.crt: $(test_ca_key_file_rsa)
+ $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 selfsign=1 \
+ subject_key=$(test_ca_key_file_rsa) subject_pwd=$(test_ca_pwd_rsa) subject_name="C=NL" \
+ issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) issuer_name="C=NL" \
+ not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
+all_intermediate += test-ca_nocn.crt
+
 test-ca-sha1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
 $(MBEDTLS_CERT_WRITE) is_ca=1 serial=3 request_file=test-ca.req.sha256 selfsign=1 issuer_name="C=NL,O=PolarSSL,CN=PolarSSL Test CA" issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144400 not_after=20290210144400 md=SHA1 version=3 output_file=$@
 all_final += test-ca-sha1.crt
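Review bot: Nothing in the `test-ca_nocn.crt` rule says that `md=SHA1` is deliberate. The same applies to `-sha1` and the 1024-bit `rsa_pkcs1_1024_clear.pem` key in the `cert_example_multi_nocn.crt` rules of the next hunk. These presumably reproduce the parameters of the previously committed test certificate. A comment above each rule would stop them being copied as a template, for example `# SHA-1 / RSA-1024 kept on purpose to match the legacy test vector; do not reuse for new certificates`.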
@@ -99,6 +107,14 @@ parse_input/cert_example_multi.crt cert_example_multi.crt: cert_example_multi.cs
 -passin "pass:$(test_ca_pwd_rsa)" -set_serial 17 -days 3653 -sha256 \
 -in $< > $@
+cert_example_multi_nocn.csr: rsa_pkcs1_1024_clear.pem
+ $(MBEDTLS_CERT_REQ) filename=$< output_file=$@ subject_name='C=NL'
+all_intermediate += cert_example_multi_nocn.csr
+
+cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt
+ $(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@
+all_final += cert_example_multi_nocn.crt
+
 parse_input/test_csr_v3_keyUsage.csr.der: rsa_pkcs1_1024_clear.pem
 $(OPENSSL) req -new -subj '/CN=etcd' -config $(test_ca_config_file) -key rsa_pkcs1_1024_clear.pem -outform DER -out $@ -reqexts csr_ext_v3_keyUsage
 parse_input/test_csr_v3_subjectAltName.csr.der: rsa_pkcs1_1024_clear.pem
diff --git a/tests/data_files/test-ca.opensslconf b/tests/data_files/test-ca.opensslconf
index 434876c83c..0340e9e276 100644
--- a/tests/data_files/test-ca.opensslconf
+++ b/tests/data_files/test-ca.opensslconf
@@ -41,6 +41,11 @@ DNS.3=*.example.org
 [multiple_san]
 subjectAltName=@alt_names
+[ext_multi_nocn]
+basicConstraints = CA:false
+keyUsage = digitalSignature, nonRepudiation, keyEncipherment
+subjectAltName = DNS:www.shotokan-braunschweig.de,DNS:www.massimo-abate.eu,IP:192.168.1.1,IP:192.168.69.144
+
 [hw_module_name]
 hwtype = OID:1.3.6.1.4.1.17.3
 hwserial = OCT:123456
From 0d545a18157f047771934e3cd55c546eb081fb90 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 18 May 2023 10:11:30 +0800 Subject: [PATCH 043/264] Update cert_example_multi_nocn.crt Signed-off-by: Pengyu Lv --- tests/data_files/cert_example_multi_nocn.crt | 23 +++++++++++--------- 1 file changed, 13 insertions(+), 10 deletions(-)
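Review bot: `-days 3653` in the `cert_example_multi_nocn.crt` recipe starts the validity period at whatever moment `make` runs, whereas the issuer `test-ca_nocn.crt` is pinned to `not_after=20290210144400`. A regenerated leaf therefore differs from the committed file on every rebuild and can outlive its issuer. Either pin the clock the way the CRL rule in this Makefile does, by prefixing the recipe with `$(FAKETIME)` and a fixed date, or record the behaviour above the rule: `# Validity starts at generation time (-days); regenerated output will not match the committed file`.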
diff --git a/tests/data_files/cert_example_multi_nocn.crt b/tests/data_files/cert_example_multi_nocn.crt index 1634846e1b..08bf63c9d2 100644 --- a/tests/data_files/cert_example_multi_nocn.crt +++ b/tests/data_files/cert_example_multi_nocn.crt @@ -1,13 +1,16 @@ -----BEGIN CERTIFICATE----- -MIIB/TCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV -BAYTAk5MMB4XDTE0MDEyMjEwMDQzM1oXDTI0MDEyMjEwMDQzM1owDTELMAkGA1UE -BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2pt -WZftTslU5A3uzqB9oB6q6A7CuxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNz -UnlGGrqgVyt2FjGzqK/nOJsIi2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ -81kybdHg6G3eUu1mtKkL2kCVAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD +MIICfjCCAWagAwIBAgIJAPfGf/jpqWP5MA0GCSqGSIb3DQEBBQUAMA0xCzAJBgNV +BAYTAk5MMB4XDTIzMDUxODAyMDUwMVoXDTMzMDUxODAyMDUwMVowDTELMAkGA1UE +BhMCTkwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMc4ksXD9HAQCGv4EzXs +8wEciiUPlYI2HqoelhJVGqz4e3UzC3BXM5zZlfFNTEQ3yL7EoD/kZDzT88kCQz3D +fFuOeaoJhK6CEzcKv4VpvSo1Ymyx/uSs4EKyQXx75J0nFJssB2uOQz0/bHY6Rpoc +cA0lnbwIx0D82AI3Yv996/wtAgMBAAGjZTBjMAkGA1UdEwQCMAAwCwYDVR0PBAQD AgXgMEkGA1UdEQRCMECCHHd3dy5zaG90b2thbi1icmF1bnNjaHdlaWcuZGWCFHd3 -dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4GB -ABjx1ytrqCyFC5/0cjWnbLK9vsvLny2ZikDewfRxqJ5zAxGWLqHOr1SmUmu2DrvB -bkT9g5z19+iMhPnzJz1x7Q2m7WTIJTuUPK+hKZJATDLNhZ86h5Nkw8k9YzKcOrPm -EIqsy55CSgLU0ntljqSBvSb4ifrF1NnIWej2lSfN6r+3 +dy5tYXNzaW1vLWFiYXRlLmV1hwTAqAEBhwTAqEWQMA0GCSqGSIb3DQEBBQUAA4IB +AQAuomKlMLwSkP3zvGuA9awDdITM/uCzfd77yi60zMNtFHDMu2YZ2npQSl0czab6 +/8fX9goaU8V3cx4KXSLMx7i9AsP1r559Uo3c/4oTZd3xBsElMAn/TXiuujZ2RwdL +RcMOJerlThOE0dtNdniJj7lPaan70CELP/CUn8KgeWgztQJj4ghfUwnLn6RnpLfl +YyM/Xq2YbwnQWHXSe3CPTy5RCWalt3SgZf6IDcD6CNq1Q2l14iR78OWnlxGTFmjP +ez3OzxNT2BZz0AiP0WvTbUtvfuxw9G3fHHe5ClsAopIA3tD246jHOAlqAnOEBC/x +IABbWjY/briP9U4R6x+mg2ck -----END CERTIFICATE----- From 0efdfcbfd3ca6bdcf42d94bde297913b6884ea01 Mon Sep 17 00:00:00 2001 
From: Jerry Yu Date: Thu, 18 May 2023 11:14:23 +0800 Subject: [PATCH 044/264] Update v1 crt files Signed-off-by: Jerry Yu --- tests/data_files/Makefile | 44 ++++++++++++++++- tests/data_files/server1-v1.crt | 34 +++++++------- tests/data_files/server2-v1-chain.crt | 68 +++++++++++++-------------- tests/data_files/server2-v1.crt | 34 +++++++------- tests/data_files/test-ca-v1.crt | 34 +++++++------- 5 files changed, 127 insertions(+), 87 deletions(-)
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 5a56828b06..107eb67d3b 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -1628,8 +1628,13 @@ server1.v1.der.openssl: server1.v1.crt.openssl
 crl.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file)
 $(OPENSSL) ca -gencrl -batch -cert $(test_ca_crt) -keyfile $(test_ca_key_file_rsa) -key $(test_ca_pwd_rsa) -config $(test_ca_server1_config_file) -md sha1 -crldays 3653 -out $@
-crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) $(test_ca_config_file) test-ca.server1.future-crl.db test-ca.server1.future-crl.opensslconf
- $(FAKETIME) '2028-12-31' $(OPENSSL) ca -gencrl -config test-ca.server1.future-crl.opensslconf -crldays 365 -passin "pass:$(test_ca_pwd_rsa)" -out $@
+crl-futureRevocationDate.pem: $(test_ca_crt) $(test_ca_key_file_rsa) \
+ $(test_ca_config_file) \
+ test-ca.server1.future-crl.db \
+ test-ca.server1.future-crl.opensslconf
+ $(FAKETIME) -f '+10y' $(OPENSSL) ca -gencrl \
+ -config test-ca.server1.future-crl.opensslconf -crldays 365 \
+ -passin "pass:$(test_ca_pwd_rsa)" -out $@
 server1_all: crl.pem crl-futureRevocationDate.pem server1.crt server1.noauthid.crt server1.crt.openssl server1.v1.crt server1.v1.crt.openssl server1.key_usage.crt server1.key_usage_noauthid.crt server1.key_usage.crt.openssl server1.cert_type.crt server1.cert_type_noauthid.crt server1.cert_type.crt.openssl server1.der server1.der.openssl server1.v1.der server1.v1.der.openssl server1.key_usage.der server1.key_usage.der.openssl server1.cert_type.der server1.cert_type.der.openssl
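Review bot: `$(FAKETIME) -f '+10y'` ties the CRL's timestamps to the day `make` runs, where the removed recipe pinned `'2028-12-31'`. The output is no longer reproducible, and nothing in the rule records why the offset became relative. If the aim is to keep the CRL date in the future whenever the file is rebuilt, say so above the rule: `# Relative offset on purpose: the CRL must be dated in the future at generation time; output changes on every rebuild`. Ten years from the build date also falls after the `not_after=2029...` dates used for the test certificates elsewhere in this series, which is worth confirming if any test expects the CRL to fall inside the CA's validity.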
@@ -1922,6 +1927,41 @@ pkcs7_data_cert_signeddata_sha256.der: pkcs7_data_cert_signed_sha256.der
 dd if=pkcs7_data_cert_signed_sha256.der of=$@ skip=19 bs=1
 all_final += pkcs7_data_cert_signeddata_sha256.der
+# - test-ca-v1.crt: v1 "CA", signs
+# server1-v1.crt: v1 "intermediate CA", signs
+# server2-v1*.crt: EE cert (without of with chain in same file)
+
+test-ca-v1.crt: $(test_ca_key_file_rsa) test-ca.req.sha256
+ $(MBEDTLS_CERT_WRITE) is_ca=1 serial_hex=53a2b68e05400e555c9395e5 \
+ request_file=test-ca.req.sha256 \
+ selfsign=1 issuer_name="CN=PolarSSL Test CA v1,OU=testing,O=PolarSSL,C=NL" \
+ issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) \
+ not_before=20190210144400 not_after=20290210144400 md=SHA256 version=1 \
+ output_file=$@
+all_final += test-ca-v1.crt
+
+server1-v1.crt: server1.key test-ca-v1.crt
+ $(MBEDTLS_CERT_WRITE) subject_key=$< serial_hex=53a2b6c704cd4d8ebc800bc1\
+ subject_name="CN=server1/int-ca-v1,OU=testing,O=PolarSSL,C=NL" \
+ issuer_crt=test-ca-v1.crt issuer_key=$(test_ca_key_file_rsa) \
+ issuer_pwd=$(test_ca_pwd_rsa) \
+ not_before=20190210144406 not_after=20290210144406 \
+ md=SHA256 version=1 \
+ output_file=$@
+all_final += server1-v1.crt
+
+server2-v1.crt: server2.key server1-v1.crt
+ $(MBEDTLS_CERT_WRITE) subject_key=$< serial_hex=53a2b6d9235dbc4573f9b76c\
+ subject_name="CN=server2,OU=testing,O=PolarSSL,C=NL" \
+ issuer_crt=server1-v1.crt issuer_key=server1.key \
+ not_before=20190210144406 not_after=20290210144406 \
+ md=SHA256 version=1 \
+ output_file=$@
+all_final += server2-v1.crt
+
+server2-v1-chain.crt: server2-v1.crt server1-v1.crt
+ cat $^ > $@
+
 ################################################################
 #### Diffie-Hellman parameters
 ################################################################
diff --git a/tests/data_files/server1-v1.crt b/tests/data_files/server1-v1.crt
index 47f1fff1cd..8ca90078b8 100644
--- a/tests/data_files/server1-v1.crt
+++ b/tests/data_files/server1-v1.crt
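Review bot: `server2-v1-chain.crt` is the only new target in this hunk without an `all_final +=` line, although the diffstat shows the file being regenerated. Unless it is listed elsewhere in the Makefile, the aggregate targets will skip it; add `all_final += server2-v1-chain.crt` after its recipe. Two recipes also end a line with `...0bc1\` and `...b76c\` with no space before the backslash, so whether `serial_hex` stays a separate argument depends on the next line's indentation; write `serial_hex=53a2b6c704cd4d8ebc800bc1 \` and likewise for `server2-v1.crt`. The header comment says "without of with chain" where "without or with" is meant.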
@@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0 -MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV -BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J -v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB -Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl -XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk -65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP -cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA -ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw -WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/ -WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3 -G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz -IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP -krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA== +MIIDHTCCAgUCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEw +MTQ0NDA2WjBOMRowGAYDVQQDDBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwH +dGVzdGluZzERMA8GA1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhF +kNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185 +fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFT +xjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc +/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7O +vViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABMA0G +CSqGSIb3DQEBCwUAA4IBAQBrdYAEzdH6ryyYaolYvp8Fvq0wZxp6Bdcxvi0LUGmb 
+TdWcNrPU9IYASc5QSrSWPj0c9vhLVbDZAONfn92thi7C2zQXok2Q3jW038ycNSXN +lVxFkdY4GYa3E6Og1LVIySyzfyyNuHKKWbB5wZCWbzOgu2Q1MHSNvPhKjbDhyGtT +Mq3Qy6TyzUFbXMRBixcJC/Cy4zsqvWBanVtBmwlvgE4Q50CUgybzSEIL5j+aPLuW +aj8j2NRB2+7vPeoWd8ry5YxEKB3DRuXHHyyFnT5O8MpWuCl764qFMc8S/i7yVcmZ +egZQw0dCmE5J4EGX0BEQEM24ll2e8SxL351hbCQ+EfvF -----END CERTIFICATE----- diff --git a/tests/data_files/server2-v1-chain.crt b/tests/data_files/server2-v1-chain.crt index 84bb6b2b93..8ac003b301 100644 --- a/tests/data_files/server2-v1-chain.crt +++ b/tests/data_files/server2-v1-chain.crt 
@@ -1,38 +1,38 @@ -----BEGIN CERTIFICATE----- -MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD -ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI -UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 -MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx -ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI -p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj -+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ -4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva -i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P -6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG -3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc -ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF -53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW -GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 -o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== +MIIDETCCAfkCDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD +DBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwHdGVzdGluZzERMA8GA1UECgwI +UG9sYXJTU0wxCzAJBgNVBAYTAk5MMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0 +NDQwNlowRDEQMA4GA1UEAwwHc2VydmVyMjEQMA4GA1UECwwHdGVzdGluZzERMA8G +A1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r +lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2 +2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ +Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i +GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb +y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQBmzdRQV8c0AbT8+IlPf7EpzfdhBwBtDj7N8GPEHL+NqS1hHt7TH3L7jBN3 +CqLUgrAP1LFmQrjW5IPZYNZEA+LxMMjAehvOH71pBsFGvQOpx2CwmqM86s9FIgIa 
+zob7L34+xVEZfmR09PsLiT7gF13ht0HkvVZ2haBU0k3vV97aEVvPtbqrlR6RfLrZ +8nXBFt5CkzGxepS4wBCW4TrGXxpMJ0WnnhcLJVnExUd6YbzGP+ewXCKegD1wDX6z +UsEVGDQV97u3tszF43kx0nu/Q5DYMCqJV0kpIsMB467xPnNqyMdGtTbZq2Is8oj6 +VA+fctBdN0CW4jo+qkOif0l/F8Az -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDITCCAgkCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA5MTFaGA8yMDI0 -MDYxODEwMDkxMVowTjEaMBgGA1UEAxMRc2VydmVyMS9pbnQtY2EtdjExEDAOBgNV -BAsTB3Rlc3RpbmcxETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6J -v7joRZDb7ogWUtPxQ1BHlhJZZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVB -Q3dfOXwJBEeCsFc5cO2j7BUZHqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYEl -XwqxU8YwfhU5rPla7n+SnqYFW+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk -65Wb3P5BXhem2mxbacwCuhQsFiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZP -cG6ezr1YieJTWZ5uWpJl4og/DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEA -ATANBgkqhkiG9w0BAQsFAAOCAQEAPJl3fbVeTJ6gVAvCoLYM8JY5U7ZhrCCdBghw -WuZBS/TWwf4WLP0G/ZtTyTOENcT0gWHf0/VnXtNPw2/yBjWsLtTXxN2XQlEVf3j/ -WcQxWgSESYdx/sT/uTW6qihuONPWkTQizmx7OG6vBuGx3g54s9/oeJKXOraNqud3 -G4KBrytOazliMfoKO2hnzaeydpaDtb2tZX8apN/6KqQpTAcXsWrZRW9XEHWq2sNz -IR1nIE1F/9gnqi9Xy0HQprteLRUvM4tEQ35m4H20eS5Y9gJlE/DqXmMQ7aiU8DgP -krj+Z18pcrssO+Etv0BOiPjmU9TWWpDMj34ef7U/OH5qJxkSrA== +MIIDHTCCAgUCDFOitscEzU2OvIALwTANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDA2WhcNMjkwMjEw +MTQ0NDA2WjBOMRowGAYDVQQDDBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwH +dGVzdGluZzERMA8GA1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhF +kNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185 +fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFT +xjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc 
+/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7O +vViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABMA0G +CSqGSIb3DQEBCwUAA4IBAQBrdYAEzdH6ryyYaolYvp8Fvq0wZxp6Bdcxvi0LUGmb +TdWcNrPU9IYASc5QSrSWPj0c9vhLVbDZAONfn92thi7C2zQXok2Q3jW038ycNSXN +lVxFkdY4GYa3E6Og1LVIySyzfyyNuHKKWbB5wZCWbzOgu2Q1MHSNvPhKjbDhyGtT +Mq3Qy6TyzUFbXMRBixcJC/Cy4zsqvWBanVtBmwlvgE4Q50CUgybzSEIL5j+aPLuW +aj8j2NRB2+7vPeoWd8ry5YxEKB3DRuXHHyyFnT5O8MpWuCl764qFMc8S/i7yVcmZ +egZQw0dCmE5J4EGX0BEQEM24ll2e8SxL351hbCQ+EfvF -----END CERTIFICATE----- diff --git a/tests/data_files/server2-v1.crt b/tests/data_files/server2-v1.crt index 7ef7968f59..990cd4b523 100644 --- a/tests/data_files/server2-v1.crt +++ b/tests/data_files/server2-v1.crt 
@@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDFTCCAf0CDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD -ExFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECxMHdGVzdGluZzERMA8GA1UEChMI -UG9sYXJTU0wxCzAJBgNVBAYTAk5MMCIYDzIwMTQwNjE5MTAwOTI5WhgPMjAyNDA2 -MTgxMDA5MjlaMEQxEDAOBgNVBAMTB3NlcnZlcjIxEDAOBgNVBAsTB3Rlc3Rpbmcx -ETAPBgNVBAoTCFBvbGFyU1NMMQswCQYDVQQGEwJOTDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTNowCI -p+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKzNtSj -+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kMtQCQ -4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8PhYva -i0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjyaHT4P -6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAATANBgkqhkiG9w0B -AQsFAAOCAQEAivCCMBfC5YNeozwp8vAWpiRUakhtO8ysvCfQsZD4tWLlSkrjoUtG -3RNd9gDVDGb852GswtNMKHJC1AeZuXdh3eBoDBNTXnR/9UkHgWNBy5f+JH2irYrc -ps5ofpYJZe7K6xQjl+RLc8nfUUaVfS3dJnyLr9k5kg4in48p+hEF6oXDBu2zdufF -53k/U98FTvFkVisEDFzLXyKX0fAZxfMk4qnEoBflH4fEXfkuuaBUVdoGGIMRLNAW -GIyRxr+zj+OJL+ZjjAkY4JqtEuUuLjODn//DHI/MkqE0LANOvbb4akpgZsyvSSO3 -o38d1wQHw5+bO+YDqdfIdQXguU5mtS1xAw== +MIIDETCCAfkCDFOittkjXbxFc/m3bDANBgkqhkiG9w0BAQsFADBOMRowGAYDVQQD +DBFzZXJ2ZXIxL2ludC1jYS12MTEQMA4GA1UECwwHdGVzdGluZzERMA8GA1UECgwI +UG9sYXJTU0wxCzAJBgNVBAYTAk5MMB4XDTE5MDIxMDE0NDQwNloXDTI5MDIxMDE0 +NDQwNlowRDEQMA4GA1UEAwwHc2VydmVyMjEQMA4GA1UECwwHdGVzdGluZzERMA8G +A1UECgwIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r +lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2 +2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ +Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i +GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb +y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABMA0GCSqGSIb3DQEBCwUA +A4IBAQBmzdRQV8c0AbT8+IlPf7EpzfdhBwBtDj7N8GPEHL+NqS1hHt7TH3L7jBN3 +CqLUgrAP1LFmQrjW5IPZYNZEA+LxMMjAehvOH71pBsFGvQOpx2CwmqM86s9FIgIa 
+zob7L34+xVEZfmR09PsLiT7gF13ht0HkvVZ2haBU0k3vV97aEVvPtbqrlR6RfLrZ +8nXBFt5CkzGxepS4wBCW4TrGXxpMJ0WnnhcLJVnExUd6YbzGP+ewXCKegD1wDX6z +UsEVGDQV97u3tszF43kx0nu/Q5DYMCqJV0kpIsMB467xPnNqyMdGtTbZq2Is8oj6 +VA+fctBdN0CW4jo+qkOif0l/F8Az -----END CERTIFICATE----- diff --git a/tests/data_files/test-ca-v1.crt b/tests/data_files/test-ca-v1.crt index e5a3b1cde4..2f10f6d860 100644 --- a/tests/data_files/test-ca-v1.crt +++ b/tests/data_files/test-ca-v1.crt 
@@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDIzCCAgsCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD -ExNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLEwd0ZXN0aW5nMREwDwYDVQQK -EwhQb2xhclNTTDELMAkGA1UEBhMCTkwwIhgPMjAxNDA2MTkxMDA4MTRaGA8yMDI0 -MDYxODEwMDgxNFowUDEcMBoGA1UEAxMTUG9sYXJTU0wgVGVzdCBDQSB2MTEQMA4G -A1UECxMHdGVzdGluZzERMA8GA1UEChMIUG9sYXJTU0wxCzAJBgNVBAYTAk5MMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN83/Be74JadP4beljJ9RKUW -oM0h8ZnU7OrLfBhYCJSl7JvFi98aHpk4mYcee8CNOd84XXB4B9Oe2ZPouXJRxc6j -MFKp8udAcBTLRKJyC8LlQPk+5aYOs/nsSmPAuCkAdJxXO6ilBJBx8b2D2T/WpeI8 -Ko/vJ2DDxp/LuuxgfbfmhDK+T/tYJiIDW9S01fv145YucMDkLr38Lu7iQVXANC59 -JHJpy0exFECDfWf0hvYxq/F5pLK1LhL5hBfwYm8nPhNYsVQNIZpzN6Ewz2+S3Pbp -/KzbLijRfgJLI6AV8jhlZAnqDG6OGxegccizm8mr6cPyz4eWj4ACMp6ZWG+i1QID -AQABMA0GCSqGSIb3DQEBCwUAA4IBAQBoXC5AlXI5azyOPvmNse2qHhO7BrXOEjH+ -9g5P/VsrVADhsUGv6x0A2oLoWXtOjGDIWWH53BWHkCUCu4T5D5C6+I47rXWl4pAr -J+h+tQVZo6J0AJxfPse/NnrjsboUSWhunmo/iTrU6S4KJBguIKP6T1DZoD/8EYgU -x+fXDmvRO+MTesWDiY+p+FHEzsu3b9EBtG9dUiR/zzXi/ktFCfrgstKGSuW6+j7m -lcduTxsogi6Uc3tWKtn6qpSGR0uBoCz6emFO7Smmy/tIyVA88lH0+3UnxOvu4TAK -uvjYkOcZqhprDiMfhxBB7pxbfiviEANTbgSfCtZewSNz2RUJ9ocy +MIIDHzCCAgcCDFOito4FQA5VXJOV5TANBgkqhkiG9w0BAQsFADBQMRwwGgYDVQQD +DBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQLDAd0ZXN0aW5nMREwDwYDVQQK +DAhQb2xhclNTTDELMAkGA1UEBhMCTkwwHhcNMTkwMjEwMTQ0NDAwWhcNMjkwMjEw +MTQ0NDAwWjBQMRwwGgYDVQQDDBNQb2xhclNTTCBUZXN0IENBIHYxMRAwDgYDVQQL +DAd0ZXN0aW5nMREwDwYDVQQKDAhQb2xhclNTTDELMAkGA1UEBhMCTkwwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx +mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny +50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n +YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL +R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu +KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAEw +DQYJKoZIhvcNAQELBQADggEBAAtVAWmbymwKDj9v8m7SVLHF0mw4i3gBFVPJqYRQ 
+y9CnUD68kUr4qK7wyQIv/gDRYuqZVNnBq4Jwzm+tPEBHpYAF5H/7Mynpb4h+uZ3a +6kaWURXKzx53ZuFHLu1FuRov+SZU3ZtXClTYFKeyDb+fcth/8thR9V59v7ZE7zlb +8zbyL+dqfyxvmxZCUzHbNKVrliiUUFXfW53T+B7Ysxner5mnqM1aPxckhXVHEJ47 +TBoIhpBoJ/HmHCiWz8BeoowSpG7u+QOezIKk8l5Pd2f8MeqwyaqIeAy0lh2nP7pB +UtWET/0bsdiPn8SR9B3hWpKUDRvnHDDZuZiKtrdDEqsD04M= -----END CERTIFICATE----- From 4ca9520582dd457a6fe6ad64ebf2ac7370779994 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 18 May 2023 17:32:29 +0800 Subject: [PATCH 045/264] Update server1-nospace.crt Signed-off-by: Jerry Yu --- tests/data_files/Makefile | 10 ++++++++++ tests/data_files/server1-nospace.crt | 25 ++++++++++++------------- 2 files changed, 22 insertions(+), 13 deletions(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 107eb67d3b..0ca345b30e 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1570,6 +1570,16 @@ server1.ca.der: server1.ca.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ all_final += server1.ca.crt server1.ca_noauthid.crt server1.ca.der +server1-nospace.crt: server1.key test-ca.crt + $(MBEDTLS_CERT_WRITE) subject_key=$< serial=31\ + subject_name="C=NL,O=PolarSSL,CN=polarssl.example" \ + issuer_crt=test-ca.crt issuer_key=$(test_ca_key_file_rsa) \ + issuer_pwd=$(test_ca_pwd_rsa) \ + not_before=20190210144406 not_after=20290210144406 \ + md=SHA256 version=3 authority_identifier=1 \ + output_file=$@ +all_final += server1-nospace.crt + server1_ca.crt: server1.crt $(test_ca_crt) cat server1.crt $(test_ca_crt) > $@ all_final += server1_ca.crt diff --git a/tests/data_files/server1-nospace.crt b/tests/data_files/server1-nospace.crt index 932c236a5d..4c3cb90191 100644 --- a/tests/data_files/server1-nospace.crt +++ b/tests/data_files/server1-nospace.crt 
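Review bot: The new `server1-nospace.crt` rule reads `$(test_ca_key_file_rsa)` in its recipe without listing it as a prerequisite, and it names the issuer as the literal `test-ca.crt` where the neighbouring `server1_ca.crt` rule uses `$(test_ca_crt)`. Assuming `$(test_ca_crt)` resolves to the same file (its definition is outside the hunk), the target line could read `server1-nospace.crt: server1.key $(test_ca_crt) $(test_ca_key_file_rsa)` with `issuer_crt=$(test_ca_crt)` in the recipe. That way the certificate is rebuilt when the CA key changes, and the issuer path is defined in one place. The first continuation, `serial=31\`, has no space before the backslash, unlike the other recipe lines; `serial=31 \` would not rely on the next line's leading whitespace to separate the arguments.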
@@ -1,21 +1,20 @@ -----BEGIN CERTIFICATE----- -MIIDhDCCAmygAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwMzI2MDkyMzEyWhcNMjQwMzIzMDkyMzEyWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G +MIIDPjCCAiagAwIBAgIBHzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDA2WhcNMjkwMjEwMTQ0NDA2WjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEHBvbGFyc3NsLmV4YW1wbGUwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpAh89QGrVVVOL/TbugmUuFWFeib+4 6EWQ2+6IFlLT8UNQR5YSWWSHa/0r4Eb5c77dz5LhkVvtZqBviSl5RYDQg2rVQUN3 Xzl8CQRHgrBXOXDto+wVGR6oMwhHwQVCqf1Mw7Tf3QYfTRBRQGdzEw9A+G2BJV8K sVPGMH4VOaz5Wu5/kp6mBVvnE5eFtSOS2dQkBtUJJYl1B92mGo8/CRm+rWUsZOuV m9z+QV4XptpsW2nMAroULBYknErczdD3Umdz8S2gI/1+9DHKLXDKiQsE2y6mT3Bu ns69WIniU1meblqSZeKIPwyUGaPd5eidlRPtKdurcBLcWsprF6tSglSxAgMBAAGj -gZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQUH3TWPynBdHRFOwUSLD2ovUNZAqYw -YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT -Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBD -QYIBADANBgkqhkiG9w0BAQsFAAOCAQEAXs4vQqlIlxrMbE6IwAHLcGJuz17Ru/en -H9bUnnSh1pxa+NHMKZHBG3GT0iaxsVtXf56/tXH4+HL7ntJjrczGN1PbhMGPyt94 -556ZgDxkHT9k7KjPAIs9BrjFHvl9NyIZzcbwkiC0qGvdzjSfe3AiSYuhXI/9/Hog -uUwReH+T2U/ICEHQ5O8aV5nvpgqL3EeEmyx3bu+YXtZMWQUYzX+ya4TnKVPdqwbf -ebr6v1hLXrUFl6rZ3wEJ6MqUW3SGZRkCVNZUOD6Ky3+EiLwYFhuKGdFqSS0JAAD7 -ZO3yPu5hu3BhAQYavK4Yyfi9IQmubBqxopPwyzjG1HPw2lj+oapH0w== +TTBLMAkGA1UdEwQCMAAwHQYDVR0OBBYEFB901j8pwXR0RTsFEiw9qL1DWQKmMB8G +A1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEBCwUAA4IB +AQC8fX3ZiHu6GoYBB5Vo1l6CXXDhHB6r43Pp+BHoOCouiiy4useiPLu5S84gmNoC +v8ZR+b9lAaysCMHAbth9vgtW+aXckBY6xKo8CsmGXcqZqujD6qrDif5q6UpXa4Oe +fr6ITkecY4Z9oN/aN5el5zzUd5zkoyQDI5Bn1gMdvV7AwM7Haq+5gTFwM7HJnphz +GZ8GLxWU1dWeAfsGm58ey6J28OjIkmfP3yL/kBKMhiQZydbH9Y8Yal7YwhayXxES 
+i7YwhNmPcGAgDBm5Sno7BvHiIqsNX1sssC3aZUaZvldJGY+4Y9fFZHenBwTREj/S +CnEgazC2RJ3kYg3mP/QhE0US -----END CERTIFICATE----- From b5ac935e44dccb38e3b9e318aef3fce9074642ad Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Wed, 17 May 2023 15:02:08 +0800 Subject: [PATCH 046/264] Add rules to generate server9*.crt Except for server9-bad-saltlen.crt and server9-bad-mgfhash.crt. Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 41 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 0ca345b30e..e5d9e1a2d0 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
@@ -532,6 +532,46 @@ test-int-ca3-badsign.crt: test-int-ca3.crt { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ all_final += test-int-ca3-badsign.crt +# server9* + +server9.csr: server9.key + $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ + -key $< -out $@ +server9.crt: server9-sha1.crt + cp $< $@ +all_final += server9.crt +all_intermediate += server9.csr server9-sha1.crt + +server9-%.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial $(SERVER9_CRT_SERIAL) -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ + -sigopt rsa_mgf1_md:$(@:server9-%.crt=%) -$(@:server9-%.crt=%) \ + -in $< -out $@ +server9-sha1.crt: SERVER9_CRT_SERIAL=22 +server9-sha224.crt: SERVER9_CRT_SERIAL=23 +server9-sha256.crt: SERVER9_CRT_SERIAL=24 +server9-sha384.crt: SERVER9_CRT_SERIAL=25 +server9-sha512.crt: SERVER9_CRT_SERIAL=26 +all_final += server9-sha224.crt server9-sha256.crt server9-sha384.crt server9-sha512.crt + +server9-defaults.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial 72 -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max -sha1 \ + -in $< -o $@ +all_final += server9-defaults.crt + +server9-badsign.crt: server9.crt + { head -n-2 $<; tail -n-2 $< | sed -e '1s/0\(=*\)$$/_\1/' -e '1s/[^_=]\(=*\)$$/0\1/' -e '1s/_/1/'; } > $@ +all_final += server9-badsign.crt + +server9-with-ca.crt: server9.crt $(test_ca_crt) + cat $^ > $@ +all_final += server9-with-ca.crt + # server10* server10.crt: server10.key test-int-ca3.crt test-int-ca3.key 
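Review bot: The `server9-defaults.crt` recipe ends with `-in $< -o $@`, while every other `openssl x509` call in this hunk writes its result with `-out`. `-o` is not an option that `openssl x509` documents, so this target would presumably fail instead of writing the certificate; the line should read `-in $< -out $@`. Separately, the pattern rule assigns serials 22 to 26 through `SERVER9_CRT_SERIAL`, yet the regenerated `server9-sha256.crt`, `server9-sha384.crt` and `server9-sha512.crt` later in this series all start with `...AgIBFz`, which decodes to serial 0x17 (23), the value set for `server9-sha224.crt`. It is worth confirming that the committed files were really produced by these rules.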
@@ -1482,6 +1522,7 @@ server6-ss-child.crt: server6-ss-child.csr server5-selfsigned.crt server5.key se -days 3650 -sha256 -in $< -out $@ all_final += server6-ss-child.crt + ################################################################ ### Generate certificates for CRT write check tests ################################################################ From 8c40c573b2ac678efd34ba02e6e6e8791784891d Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 29 May 2023 14:49:17 +0800 Subject: [PATCH 047/264] Add server9-bad-{mgfhash,saltlen}.crt Signed-off-by: Jerry Yu Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index e5d9e1a2d0..6239c97ed6 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -572,6 +572,25 @@ server9-with-ca.crt: server9.crt $(test_ca_crt) cat $^ > $@ all_final += server9-with-ca.crt +# FIXME: this file expected a bad-saltlen, but it create a good saltlen. +server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial 24 -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ + -sigopt rsa_mgf1_md:sha256 -sha256 \ + -in $< -out $@ +all_final += server9-bad-saltlen.crt + +server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) + $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ + -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ + -set_serial 24 -days 3653 \ + -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ + -sigopt rsa_mgf1_md:sha224 -sha256 \ + -in $< -out $@ +all_final += server9-bad-mgfhash.crt + # server10* server10.crt: server10.key test-int-ca3.crt test-int-ca3.key 
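Review bot: The `server9-bad-saltlen.crt` recipe passes the same options the `server9-%.crt` pattern rule uses for SHA-256 (`rsa_pss_saltlen:max`, `rsa_mgf1_md:sha256`, `-sha256`, serial 24), so, as the FIXME admits, it produces a consistently signed certificate, not a negative test vector. Because the target is added to `all_final`, regenerating the data files replaces the bad-salt-length fixture with a valid one, and a test that expects the verifier to reject it would presumably stop covering that path. Until a mismatching salt length can be generated, I would drop `all_final += server9-bad-saltlen.crt` and reword the comment to `# FIXME: this rule produces a valid salt length; do not regenerate the committed server9-bad-saltlen.crt from it.` The `server9-bad-mgfhash.crt` rule would benefit from a one-line comment saying that `rsa_mgf1_md:sha224` combined with `-sha256` is the deliberate mismatch.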
From 4ad45c01b90955f2704da1fa5d22434fd95e3a21 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 29 May 2023 15:15:02 +0800 Subject: [PATCH 048/264] Update server9*.crt Signed-off-by: Pengyu Lv --- tests/data_files/server9-bad-mgfhash.crt | 37 ++++---- tests/data_files/server9-bad-saltlen.crt | 37 ++++---- tests/data_files/server9-badsign.crt | 26 +++--- tests/data_files/server9-defaults.crt | 27 +++--- tests/data_files/server9-sha224.crt | 37 ++++---- tests/data_files/server9-sha256.crt | 37 ++++---- tests/data_files/server9-sha384.crt | 37 ++++---- tests/data_files/server9-sha512.crt | 37 ++++---- tests/data_files/server9-with-ca.crt | 110 ++++++----------------- tests/data_files/server9.crt | 26 +++--- 10 files changed, 178 insertions(+), 233 deletions(-) diff --git a/tests/data_files/server9-bad-mgfhash.crt b/tests/data_files/server9-bad-mgfhash.crt index 34ef69e031..ad299423b0 100644 --- a/tests/data_files/server9-bad-mgfhash.crt +++ b/tests/data_files/server9-bad-mgfhash.crt 
@@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAN4DggEBAIfliohNjz4CLGbHWgWRBFQ3 -Difn027ZnULTvokT67ii1sJzESzqaIakyyu8GRwfoFRNh/rbGfe4C6e9SkwKbnDg -WE9SWbK6ukIQbMy69C+CVqFlRUHbONw/dmcneAWyZYGx/2Sf4D5kkpIWNDBeKuaV -H69XPZCeN3QAACmdAfo4NYW0I69a1OSaUrTyGT1nBOrzQ8Y0aJBnCJAte49bhQEW -KJv0kMj+8ZG1X0RoSdklf3GqdLUbsfJ2txu14GGAxy4C1gl2JWzoBHN5LMLf0cZ9 -uEYui7N/5bkSv8KXdbGvSzgn6zZ0MiCJMiiGEf0L1FxBiBCVsK4C2idpiZH+e28= +MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCBAUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwODM5NDhaFw0zMzA1MTcwODM5NDhaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lfp869UTBj +BgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMC +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENB 
+ggEDMAkGA1UdEwQCMAAwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA3gOCAQEAaQlf1GPhvPHp +hFgTdIB5x5zACVb4a4ONuySVckfMpWk2nlkRSu3Kgv4j8l/jfNpfr+we4lG72xEn +FV3em8dEzxvXd5jXCfR/hWJKYVoWh0055qWw7FpG20vRFKttU8UFclL7KvMs4InZ +vDpbPs5EwBQXTg/manL9TD9t/zqWAUJj1yHWiIISYzfWmsaoTi8jNxSR1+lkmPPP +ZWQwyUJrh82Mw3VwNGxXOfpGIwmjXPia8MafjjH/RtHNx7ukCk+6q1ZlH57NolZJ +dlQTJv21+vxyYr6GZdHXzdJwWMnFSof6VGwayNzetSnVhJb0SQqTBt8Vu5xQtXGa +QcCjGyCAIg== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-bad-saltlen.crt b/tests/data_files/server9-bad-saltlen.crt index f4da8832ff..78298e98b9 100644 --- a/tests/data_files/server9-bad-saltlen.crt +++ b/tests/data_files/server9-bad-saltlen.crt 
@@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAE7T54cyUf0ByNr34JaojFam -hV0T9QSc4wJ17sX67rxYIorXU8MynaneJzFxD9utOD3dq2TON18VswhT2McDgefl -XMwivCC0nWod8Pk638QaHxbaqC7XSq0QRBfOMXwV7knLNxI8smc9UJaco39VEcGD -yCkq4By/VCWTpvJ+1hx4zZ8WoXpFJFM5m5y9oEz4lgNv/6Wu7ILztyOk2yJiSR8r -YooC4zVeUOZuDO6At/NXZuSvmKmr+tfFrFA1AA/7yR5odQbqFVNSJ+u0x1Jv8Ra6 -JXA4cXsnaDaRe+Wm0L0p+2PtQWXE5npXYIbFHAA9EOC3Ab8oaP9M/F6yQMa/2is= +MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwODMzNDJaFw0zMzA1MTcwODMzNDJaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lfp869UTBj +BgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMC +TkwxETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENB 
+ggEDMAkGA1UdEwQCMAAwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEALIe0VtQaT92x +fNkzIdRHkv+3C6P4URzFP9cBMm+ulX86ld/Szl4J2eUywtzQz22UZE5ZT23xutCx +pUC3AZyzRNiDAdsPvofvf88MJtxDROe7v/MgmXqKxx2t+/N62Mf2mzd9Wu9ibBcO +DrawRQtlUgUkwlzdTtWUxu/VYMEhdeXMPHRSzX0ODAQOA9EydR/BvPmuvMYIvb8M +L1ifzupTm+W92v6kB1AmEXjtvcPEba6rvfZylKISJPmRH3wTdt1+s/1j/PjdUfIa +WbjiucXRSk3NBsza+w5cS4CQu3dbZaY2lBhBkoWvxZm+XU4mfxmjCW6jl59NAmMD +X7c2Uua8SA== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-badsign.crt b/tests/data_files/server9-badsign.crt index 9e565419ee..8656b1a47a 100644 --- a/tests/data_files/server9-badsign.crt +++ b/tests/data_files/server9-badsign.crt 
@@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCFG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/0 -----END CERTIFICATE----- 
diff --git a/tests/data_files/server9-defaults.crt b/tests/data_files/server9-defaults.crt index 4ce5c87326..8613f5237f 100644 --- a/tests/data_files/server9-defaults.crt +++ b/tests/data_files/server9-defaults.crt 
@@ -1,19 +1,18 @@ -----BEGIN CERTIFICATE----- -MIIDBjCCAe6gAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTQwNjA1MTU1NjUzWhcNMjQwNjAyMTU1NjUzWjA0MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B +MIIC+TCCAeGgAwIBAgIBSDANBgkqhkiG9w0BAQowADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MjMwNTE3MDcxMDM3WhcNMzMwNTE3MDcxMDM3WjA0MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2gHqroDsK7 E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOor+c4mwiL Y5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0qQvaQJUC -AwEAAaOBnzCBnDAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lf -p869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkG -A1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBU -ZXN0IENBggEAMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQowAAOCAQEAGUdim4uy -/rBDFMF8qhjH1qsv0o8ON4HgP3YXbdKdIMfd+p5KtoqHQnrkixWxaIvfORnR4mGm -f8H5BimwIkNLxy7zS88TVDOYel8g7B2yl0nq4biki83NStNBYZJjxKT0ud5O5mGd -jHdy9vTEc7h8q+SHzRdgpNFXyKY5OQYng1LHco8h1UR8/nmPMuDtocHMnmMXu68a -69+TtZxx90/V4gJZOoL1iCi8HEsKoJzm/L8ji54OYt7FxgFfE3VmLsXeMaWYO8GS -BUxh5kqZ25O8hQXK5ywfuVK83Do/SsoClbgx9mboybseGVFIJaxs9e66GFDMoI3B -09JqWv4DoLNnwg== +AwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEwYwYDVR0j +BFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREw +DwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBDQYIBAzAJ +BgNVHRMEAjAAMA0GCSqGSIb3DQEBCjAAA4IBAQASsc5y7sDP4prOLGAl2EB5d+Gg +w/Vk9+g3KXpeIUCL6gmECNLENmmBe6zZR8/Ax6R1hUe/Cbflepxsx627Eg29NCZK +Bo/AQoz658kwEzr4jhF8M6y9sdsf5/OauoRxDLcMEywIkgmuFvZIpyEwXix6arsK +mNWnW0FwSr2NaXozD7OquGwTEAvAbtei+5JAeVvvGi1u32D2JPVHk3zv05LXtx8b +8bEmzZLthFk3GbSkGHC3K5rjNgTMwY0BhNBW6qFyY5mL0bHVDbZQxD9RRwDifGty +fTo7odJDAHU1xucWF6dOU5nAqiFKlc3eITdBKt+d10yBSr7qXciHkHpAzCvh -----END CERTIFICATE----- 
diff --git a/tests/data_files/server9-sha224.crt b/tests/data_files/server9-sha224.crt index 1b05f313a4..ed648c8c0e 100644 --- a/tests/data_files/server9-sha224.crt +++ b/tests/data_files/server9-sha224.crt 
@@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBFzA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIwOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTczNloXDTI0MDExODEzNTczNlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCBKEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBADJExjfWWvL28lgj+GGgviqo -PHZLxI0pLQUnFJQ9Kpu6jxfICseBF00Z6BJE/RcYDpIie5GDt/8u/i6xB6Li29Pm -g5nANgd/Y3fFnW7d0ydVjiSnetlPuf/jTlWQl6mQTH2xqYu8J8d3JRxQdRiDYbVm -uywW2d6rksiqm6dPD5l4A5DcemcYo8f/1Ifj5WNDCV8/OHex+AnW2ccDvWAnVgSR -B2VpOXJzVFuBsuf4tGVm/2TUMSB6NcvFc6TeJk1kzbZxii4QjKXtH1SfrVP59iEe -l17NYAEWARjBpQWBiutRG+QM2et0sNiUBuWxTkvd0eSgencNysVAOsZqrqaX3CY= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCBAUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCBAUAogQCAgDiMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy 
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgQFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA4gOCAQEAjG73ZOe2pQn6 +jqiTHALGM0IG8BBCamo3gzbCjZPz3ZnTpZii1pQSFPGEBaKCgrtKrjvoP21ZDUnq +3HjTUzGtGbHk3h+UJcVYgFuONidguUDaALGtXIPWUlqBBeJL+Y+01zJRnMpC2hV7 +JUOM3es02te8RM6srCdW1fP9x+Lx4G2Kjj7kEzKafEbwFesS4LbBXsWkID8xDPHO +DLKvg66tPeksDBT4n7f7H51eNlyIwwMDKTc+N9Ri5OeW1HOqtbyo/yJlHvQqnCld +E8gW+AVoeZmN6n/4yemnCEkFRqgbRSIGVoPmOY9d/FfGLmClcaZFPcH+w1JDhF71 +3egYnUY/9g== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha256.crt b/tests/data_files/server9-sha256.crt index 7d0aa39567..ef37b3f6a9 100644 --- a/tests/data_files/server9-sha256.crt +++ b/tests/data_files/server9-sha256.crt 
@@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc0NVoXDTI0MDExODEzNTc0NVowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAH0+knqkcLaxeDkenBQgd4Qg -3ZyAhtpiLU689mw+3cXB/uzFrCIxEL5aGh1eSj+DszB+FtsZ06ux7JVQqVOA2Wm9 -yLxC6wF8OOYj0nBa91BWLhRAHLhmIdWsVk7Hl9KojZd4TwV2N+ZEV/BLxyoRvK4H -V4xCpzgDSiTPe8Etk4r+0akbr6bsOUBayPb7MGLHubZKq8NsFAmmynp+fPmHd3SE -0ooJdiZ1MmKPKLE5Og/hXCI8qeiXQUR6oQ7b2XONsrI2HIj2SA9dA5qmHwE5PbMu -zqxQ3R83boqLXbkFORn+UiYLmffqdoWuNy00BHMCrxRA9DUv+WyN4npLMF8rOJw= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy 
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEAXcWlfbIjRJX3 +eCkj03eKLvhawFndN6mWMOTVvr20Vdhhn57wngSKYgtsbOZhpT+pIXTTpxhku7uS +Pg6NDU0W13xbrcIsYxkZRcN6AYcnV0NxnhdfkmxwDjLyohgm8IdgvHb04r73OP0j +KmnZfJJpnxkVGD8NFGj2hBCR7ynbVBAfJegl0Lruxc4AlrniG6MW9xfkmE3EfOQg +dwZv3UuhxzEhLmR933BCijwfhBVfyzarGjDtZjQYNwWKhRl+OXM+L14Ofq7htSxz +kSM5KJfCAzLFNd6N2YU84IhqwTS4CZ/bE1HchEYPtXm97bj8Vldrfv2up/4Rc0kF +a8P+xLLmug== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha384.crt b/tests/data_files/server9-sha384.crt index aaa63e6ed2..2ea0108d43 100644 --- a/tests/data_files/server9-sha384.crt +++ b/tests/data_files/server9-sha384.crt 
@@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGTA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTc1OFoXDTI0MDExODEzNTc1OFowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBABf8Gyq2VYuN1EBW1nOapDQp -B/KuafNW2GEJ7FmQKNyA7MIj1Yqo2MtJ6/OQojRQ3F5rnO4yjmvIPsXeQaMxJBiI -aaoAlLpH++F+oXMq/0aS0WSZrSLrsh2Fpay9cBDGwek2rDOX9kM+ZcPzGitVwWKX -TnOW22hpcl7u95CpZH+JZTcto5nL3tTyV9pIy+tSKQQfjPB+G0TAZCsOkbCGPLug -qdjvqFQwOf15VxQMj7NRiXjlqJvsx+I7B2AIhrs4DzQMEyiWq9S/PzpQuFU5v/Kg -s2iMLJ5ygv5aN3PYqGlE1ZmvgyRp5h/LaTGI2L6lzRTnecOhtPv30N2tyaDAEfo= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAgUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAgUAogQCAgDOMDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy 
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgIFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIAzgOCAQEAmTU2HqAA7gbB +tJlDAve8nGbdCim4YjRXWceHGCpoFIWrs6onlHCvnZ2Wr8iPk+wnd7ShIpp8vGb/ +476y8pfaA2n8vYWhQKDCTTUXJN4tUc7i8Uz4RGdK48vHVvZCtCT/8MmPPouOIZcU +/Kkenw2jv5R/CpiirVUsjNx6BYcdu1zzEU+uoBLom6sZ6LGRlIB0prFWcxrVjfzx +2C8ZxMW8NWj6EQipQJ2U+CCycA2HkbCmt3FnEXmN5OWThvnKdshoPkMn2HwhAOzn +cjZQhQT3WSufvZ9bYe7HZ5e1e7k6aMXBvW89ECxc12mZfSjlYmlvfHZuO8D2sP2i +RidkcXFMxQ== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-sha512.crt b/tests/data_files/server9-sha512.crt index a211b921dc..4abdf68133 100644 --- a/tests/data_files/server9-sha512.crt +++ b/tests/data_files/server9-sha512.crt 
@@ -1,20 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDWzCCAhKgAwIBAgIBGjA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6Ea -MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4wOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBMB4X -DTE0MDEyMDEzNTgxMloXDTI0MDExODEzNTgxMlowNDELMAkGA1UEBhMCTkwxETAP -BgNVBAoTCFBvbGFyU1NMMRIwEAYDVQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcN -AQEBBQADgY0AMIGJAoGBAN0Rip+ZurBoyirqO2ptWZftTslU5A3uzqB9oB6q6A7C -uxNA24oSjokTJKXF9frY9ZDXyMrLxf6THa/aEiNzUnlGGrqgVyt2FjGzqK/nOJsI -i2OZOgol7kXSGFi6uZMa7dRYmmMbN/z3FAifhWVJ81kybdHg6G3eUu1mtKkL2kCV -AgMBAAGjgZIwgY8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy -36fOvVEwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJ -BgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wg -VGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCA6EaMBgGCSqG -SIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBACdVozFq6rUiXo+ib5Y2oPsR -6xxl4Ydn3LpUoYrPpTOrhcXJWW/tOLHGuCF/mSRfUzKaMIfL418cZHYnvumvuttu -6z3tp5E1VsiZCU2MWJnzjKSxFBOss43AmpJHHoapGFZu2pxObBPqegAKHYkKWOLk -tJDj47PurWgEek9j1nL7Pc1tVf59fm/ySp4fWkXLLvQiKid1516VioLyacUvK3zU -6Egz8jMt7D5c9KpaExLRTANVsThqO5/dmR36bOwm3Hpbde7DNdgxru41tiLMqJs/ -5pX3ceaJ1XQ/l0idj5/9ipvqHHUguyk7H22HwQHQdSD9oIha8kEM3P6CjpfE7yY= +MIIDYzCCAhagAwIBAgIBFzBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAwUA +oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAwUAogQCAgC+MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QTAeFw0yMzA1MTcwNzEwMzdaFw0zMzA1MTQwNzEwMzdaMDQxCzAJBgNVBAYTAk5M +MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG +SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe +qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv +5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy 
+U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgMFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIAvgOCAQEAVut9oL/0V/vo +f9VKxAZfyy0zFy+LOHzV1H5qQaPKJnXIAUp/sDtvOjugqHKjamg6dCIVy292Yxcx +rW8WcMR1Bj9MQ5Qrv++TZ0a1e0qet1GYxj4MQkU30XlJq/Jh7ede9Vh/yBxKTQq7 +oaJ6fOTFWcz1JZDrZrKffBOqIp5jQWPARilUDN6FiRNYV3/14aWVGnNbqGfoY8CC +WvpC0iAvrQxjdQQf6nIYrzcGNzvrpRbhpzBPUyUIrM1o+nyiNAJPlyncjFwmfw9g +80FP1XnRIIKmlTTG7ivkjHKzE6WXZSQPjArg0jxQAX1uLKJGFhu+ueKyoPOHQXS0 +O1z3OQn3+w== -----END CERTIFICATE----- diff --git a/tests/data_files/server9-with-ca.crt b/tests/data_files/server9-with-ca.crt index 0478cff85d..51c0ada849 100644 --- a/tests/data_files/server9-with-ca.crt +++ b/tests/data_files/server9-with-ca.crt 
@@ -1,99 +1,39 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCEG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/7 -----END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial 
Number: 0 (0x0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Validity - Not Before: Feb 12 14:44:00 2011 GMT - Not After : Feb 12 14:44:00 2021 GMT - Subject: C=NL, O=PolarSSL, CN=PolarSSL Test CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c0:df:37:fc:17:bb:e0:96:9d:3f:86:de:96:32: - 7d:44:a5:16:a0:cd:21:f1:99:d4:ec:ea:cb:7c:18: - 58:08:94:a5:ec:9b:c5:8b:df:1a:1e:99:38:99:87: - 1e:7b:c0:8d:39:df:38:5d:70:78:07:d3:9e:d9:93: - e8:b9:72:51:c5:ce:a3:30:52:a9:f2:e7:40:70:14: - cb:44:a2:72:0b:c2:e5:40:f9:3e:e5:a6:0e:b3:f9: - ec:4a:63:c0:b8:29:00:74:9c:57:3b:a8:a5:04:90: - 71:f1:bd:83:d9:3f:d6:a5:e2:3c:2a:8f:ef:27:60: - c3:c6:9f:cb:ba:ec:60:7d:b7:e6:84:32:be:4f:fb: - 58:26:22:03:5b:d4:b4:d5:fb:f5:e3:96:2e:70:c0: - e4:2e:bd:fc:2e:ee:e2:41:55:c0:34:2e:7d:24:72: - 69:cb:47:b1:14:40:83:7d:67:f4:86:f6:31:ab:f1: - 79:a4:b2:b5:2e:12:f9:84:17:f0:62:6f:27:3e:13: - 58:b1:54:0d:21:9a:73:37:a1:30:cf:6f:92:dc:f6: - e9:fc:ac:db:2e:28:d1:7e:02:4b:23:a0:15:f2:38: - 65:64:09:ea:0c:6e:8e:1b:17:a0:71:c8:b3:9b:c9: - ab:e9:c3:f2:cf:87:96:8f:80:02:32:9e:99:58:6f: - a2:d5 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - X509v3 Authority Key Identifier: - keyid:B4:5A:E4:A5:B3:DE:D2:52:F6:B9:D5:A6:95:0F:EB:3E:BC:C7:FD:FF - DirName:/C=NL/O=PolarSSL/CN=PolarSSL Test CA - serial:00 - - Signature Algorithm: sha1WithRSAEncryption - b8:fd:54:d8:00:54:90:8b:25:b0:27:dd:95:cd:a2:f7:84:07: - 1d:87:89:4a:c4:78:11:d8:07:b5:d7:22:50:8e:48:eb:62:7a: - 32:89:be:63:47:53:ff:b6:be:f1:2e:8c:54:c0:99:3f:a0:b9: - 37:23:72:5f:0d:46:59:8f:d8:47:cd:97:4c:9f:07:0c:12:62: - 09:3a:24:e4:36:d9:e9:2c:da:38:d0:73:75:61:d7:c1:6c:26: - 8b:9b:e0:d5:dc:67:ed:8c:6b:33:d7:74:22:3c:4c:db:b5:8d: - 2a:ce:2c:0d:08:59:05:09:05:a6:39:9f:b3:67:1b:e2:83:e5: - 
e1:8f:53:f6:67:93:c7:f9:6f:76:44:58:12:e8:3a:d4:97:e7: - e9:c0:3e:a8:7a:72:3d:87:53:1f:e5:2c:84:84:e7:9a:9e:7f: - 66:d9:1f:9b:f5:13:48:b0:4d:14:d1:de:b2:24:d9:78:7d:f5: - 35:cc:58:19:d1:d2:99:ef:4d:73:f8:1f:89:d4:5a:d0:52:ce: - 09:f5:b1:46:51:6a:00:8e:3b:cc:6f:63:01:00:99:ed:9d:a6: - 08:60:cd:32:18:d0:73:e0:58:71:d9:e5:d2:53:d7:8d:d0:ca: - e9:5d:2a:0a:0d:5d:55:ec:21:50:17:16:e6:06:4a:cd:5e:de: - f7:e0:e9:54 -----BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER -MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN -MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G -A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G +MIIDRDCCAiygAwIBAgIBAzANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN +MTkwMjEwMTQ0NDAwWhcNMjkwMjEwMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G +A1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny 50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj -gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH -/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV -BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz -dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ -SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H -DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF -pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf -m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ -7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA== 
+UzBRMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLRa5KWz3tJS9rnVppUP6z68 +x/3/MB8GA1UdIwQYMBaAFLRa5KWz3tJS9rnVppUP6z68x/3/MA0GCSqGSIb3DQEB +BQUAA4IBAQCz557ZZmWv5UTTHebzTyVzku5ldpcicJPqKHP3xZ4tPPY52JQyJg/T +hsRB44yTyNo3/jo9or2KgVnc+/nCmnlvTq22a/j26DtKZ7wD9MWxunpkqRwExtA/ +G816msrl6X6m50WwdLXTvaVJGXCYp8TPVLx5YY3WPIVoX0CPN7Hs9iNJNiEWo4Qf +7dAqjWBB/QpusmWhjaDSc4+cFhT24Yo9HuS1yrkUTrBtJaj0AykTsiyFm6SBVDNH +9XIxCgYy9QrYbDKNtJXhuevpN0yUMV/aUnIkU2wTTouhOzZisjNk0sS1guqmSHzf +hlf8qotOhNvFXpEsCGwZUywayo7c4DtO -----END CERTIFICATE----- diff --git a/tests/data_files/server9.crt b/tests/data_files/server9.crt index a6f9fbc76c..26567aee91 100644 --- a/tests/data_files/server9.crt +++ b/tests/data_files/server9.crt 
@@ -1,19 +1,19 @@ -----BEGIN CERTIFICATE----- MIIDBTCCAeegAwIBAgIBFjATBgkqhkiG9w0BAQowBqIEAgIA6jA7MQswCQYDVQQG -EwJOTDERMA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3Qg -Q0EwHhcNMTQwMTIwMTMzODE2WhcNMjQwMTE4MTMzODE2WjA0MQswCQYDVQQGEwJO -TDERMA8GA1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkq +EwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3Qg +Q0EwHhcNMjMwNTE3MDgwNDAwWhcNMzMwNTE3MDgwNDAwWjA0MQswCQYDVQQGEwJO +TDERMA8GA1UECgwIUG9sYXJTU0wxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkq hkiG9w0BAQEFAAOBjQAwgYkCgYEA3RGKn5m6sGjKKuo7am1Zl+1OyVTkDe7OoH2g HqroDsK7E0DbihKOiRMkpcX1+tj1kNfIysvF/pMdr9oSI3NSeUYauqBXK3YWMbOo r+c4mwiLY5k6CiXuRdIYWLq5kxrt1FiaYxs3/PcUCJ+FZUnzWTJt0eDobd5S7Wa0 -qQvaQJUCAwEAAaOBkjCBjzAJBgNVHRMEAjAAMB0GA1UdDgQWBBTu88f1HxWlTUeJ -wdMiY7Lfp869UTBjBgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0w -OzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xh -clNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQDAog/jXydR -vDIugTzBXtfVK0CEX8iyQ4cVzQmXWSne8204v943K5D2hktSBkjdQUdcnVvVgLR6 -te50jV89ptN/NofX+fo9fhSRN9vGgQVWzOOFiO0zcThy749pirJu1Kq5OJdthIyW -Pu0UCz5G0k3kTp0JPevGlsNc8S9Ak1tFuB0IPJjrbfODWHS2LDuO+dB6gpkNTdrj -88ogYtBsN4D5gsXBRUfobXokUwejBwLrD6XwyQx+0bMwSCxgHEhxvuUkx1vdlXGw -JG3aF92u8mIxoKSAPaPdqy930mQvmpUWcN5Y1IMbtEGoQCKMYgosFcazJpJcjnX1 -o4Hl/lqjwCEG +qQvaQJUCAwEAAaOBkjCBjzAdBgNVHQ4EFgQU7vPH9R8VpU1HicHTImOy36fOvVEw +YwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNVBAYT +Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD +QYIBAzAJBgNVHRMEAjAAMBMGCSqGSIb3DQEBCjAGogQCAgDqA4IBAQC2DLHQ05x6 +imJNztE/Tnk/lPQ01Pw6Girdbk4bgxcGwGj+1u5wAIHNpJ50TOggg3HxTyb7p344 +/tVMxz7nrHZQ5ASdn2kDCyCmEqhmj48isWAIml+7J9cBeImJoEfYqjtqtoVkGxFy +SuoZAQWkkqDpyFhKhIjLQ8JuSE6wWMX/kc6TFSSxepnZU1SFOXfCiaVr5tFQzBP7 +loppIANLjKeMjpOdU86PmRQ2LyzaCH1OMnjVndeqNmZt0NyzZ18cFPvm6+DVVVuP +Q+6nReShCdAlU+dJqsqj8JsQneNMTxjv4OBoXVmE/kZTj/DBTtwmxkVi7K4aYMFi +UYUZ4RiwG1/7 -----END CERTIFICATE----- 
From 59f392cd4d5c1498ec34258c1eb0ccf1a99e372c Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 19 May 2023 23:07:09 +0800 Subject: [PATCH 049/264] upgrade server9-bad-saltlen.crt Upgrade scripts ```python import subprocess from asn1crypto import pem, x509,core output_filename="server9-bad-saltlen.crt" tmp_filename="server9-bad-saltlen.crt.tmp" tmp1_filename="server9-bad-saltlen.crt.tmp1" subprocess.check_call(rf''' openssl x509 -req -extfile server5.crt.openssl.v3_ext \ -passin "pass:PolarSSLTest" -CA test-ca.crt -CAkey test-ca.key \ -set_serial 24 -days 3650 \ -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ -sigopt rsa_mgf1_md:sha256 -sha256 \ -in server9.csr -out {output_filename} ''',shell=True) with open(output_filename,'rb') as f: _,_,der_bytes=pem.unarmor(f.read()) target_certificate=x509.Certificate.load(der_bytes) with open(tmp_filename,'wb') as f: f.write(target_certificate['tbs_certificate'].dump()) subprocess.check_call(rf'openssl dgst -sign test-ca.key -passin "pass:PolarSSLTest" \ -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:32 \ -sigopt rsa_mgf1_md:sha256 -out {tmp1_filename} {tmp_filename}', shell=True) with open(tmp1_filename,'rb') as f: signature_value= core.OctetBitString(f.read()) with open(output_filename,'wb') as f: target_certificate['signature_value']=signature_value f.write(pem.armor('CERTIFICATE',target_certificate.dump())) ``` Signed-off-by: Jerry Yu --- tests/data_files/Makefile | 10 ++-------- tests/data_files/server9-bad-saltlen.crt | 24 ++++++++++++------------ 2 files changed, 14 insertions(+), 20 deletions(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 6239c97ed6..5225774b36 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile 
@@ -572,15 +572,9 @@ server9-with-ca.crt: server9.crt $(test_ca_crt) cat $^ > $@ all_final += server9-with-ca.crt -# FIXME: this file expected a bad-saltlen, but it create a good saltlen. +# FIXME: This file needs special sequence. It should be update manually server9-bad-saltlen.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) - $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ - -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ - -set_serial 24 -days 3653 \ - -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ - -sigopt rsa_mgf1_md:sha256 -sha256 \ - -in $< -out $@ -all_final += server9-bad-saltlen.crt + false server9-bad-mgfhash.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) $(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa \ diff --git a/tests/data_files/server9-bad-saltlen.crt b/tests/data_files/server9-bad-saltlen.crt index 78298e98b9..45bf20e274 100644 --- a/tests/data_files/server9-bad-saltlen.crt +++ b/tests/data_files/server9-bad-saltlen.crt 
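Review bot: With the recipe for `server9-bad-saltlen.crt` reduced to `false`, building that target now fails without saying why, and the regeneration procedure exists only in the commit message. The file is a negative test vector: per that script the certificate is issued with `rsa_pss_saltlen:max` and the signature is then replaced by one made with `rsa_pss_saltlen:32`, so regenerating it through an ordinary `openssl x509 -req` rule (as the removed FIXME noted) yields a good salt length and the rejection path silently stops being exercised. I would say so in the comment, e.g. `# Negative test vector: signature salt length deliberately differs from the declared saltLength; regenerate with the script from the commit that last updated this file.`, and print a reason before failing, `@echo "$@ must be regenerated manually" >&2; false`. The new FIXME text also reads `update` where `updated` is meant.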
@@ -2,20 +2,20 @@ MIIDYzCCAhagAwIBAgIBGDBCBgkqhkiG9w0BAQowNaAPMA0GCWCGSAFlAwQCAQUA oRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogQCAgDeMDsxCzAJBgNVBAYT Ak5MMREwDwYDVQQKDAhQb2xhclNTTDEZMBcGA1UEAwwQUG9sYXJTU0wgVGVzdCBD -QTAeFw0yMzA1MTcwODMzNDJaFw0zMzA1MTcwODMzNDJaMDQxCzAJBgNVBAYTAk5M +QTAeFw0yMzA1MjIwNzMwMDZaFw0zMzA1MTkwNzMwMDZaMDQxCzAJBgNVBAYTAk5M MREwDwYDVQQKDAhQb2xhclNTTDESMBAGA1UEAwwJbG9jYWxob3N0MIGfMA0GCSqG SIb3DQEBAQUAA4GNADCBiQKBgQDdEYqfmbqwaMoq6jtqbVmX7U7JVOQN7s6gfaAe qugOwrsTQNuKEo6JEySlxfX62PWQ18jKy8X+kx2v2hIjc1J5Rhq6oFcrdhYxs6iv 5zibCItjmToKJe5F0hhYurmTGu3UWJpjGzf89xQIn4VlSfNZMm3R4Oht3lLtZrSp -C9pAlQIDAQABo4GSMIGPMB0GA1UdDgQWBBTu88f1HxWlTUeJwdMiY7Lfp869UTBj -BgNVHSMEXDBagBS0WuSls97SUva51aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMC -TkwxETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENB -ggEDMAkGA1UdEwQCMAAwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc -MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEALIe0VtQaT92x -fNkzIdRHkv+3C6P4URzFP9cBMm+ulX86ld/Szl4J2eUywtzQz22UZE5ZT23xutCx -pUC3AZyzRNiDAdsPvofvf88MJtxDROe7v/MgmXqKxx2t+/N62Mf2mzd9Wu9ibBcO -DrawRQtlUgUkwlzdTtWUxu/VYMEhdeXMPHRSzX0ODAQOA9EydR/BvPmuvMYIvb8M -L1ifzupTm+W92v6kB1AmEXjtvcPEba6rvfZylKISJPmRH3wTdt1+s/1j/PjdUfIa -WbjiucXRSk3NBsza+w5cS4CQu3dbZaY2lBhBkoWvxZm+XU4mfxmjCW6jl59NAmMD -X7c2Uua8SA== +C9pAlQIDAQABo4GSMIGPMAkGA1UdEwQCMAAwHQYDVR0OBBYEFO7zx/UfFaVNR4nB +0yJjst+nzr1RMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnVppUP6z68x/3/oT+kPTA7 +MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFy +U1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEc +MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3gOCAQEAlQo9OnchZbLQ +PTXs9NgXDoQb4JvUG/Fsq09/e8ivWaHkE7mKeNRrP8qMdAw914Bs1NQf9F75CWJe +5YtmLcE5gSbVj3qa6zVuQWEcrseKz6wpAFLsHKbF6kKfUgcI56xmD2DhhIHny+5B +9ObM0RQpCmAYXjU2CvknXeBzpX2cGOLD/Nexk1oBF6PI0rDUBqg3cexsJ5XfJwYg +tkjkZ321s9N09BsioauH6d9x9/Ysz7Qp7Bqpb1E7dV4bDuT5vwPWwPIUAav897Vt +s0uMZHoVasj57UwqDv8tm0db6f2VOL7r5GBMjbp6newW8Me47uXSBXKy8tFJMolj +yKuEQkKKyA== -----END CERTIFICATE----- 
From 736d2bb7150082900b3407c8cc9c66275c8bc17b Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Mon, 29 May 2023 15:32:31 +0800 Subject: [PATCH 050/264] Update crl-rsa-pss-*.pem manually The rules will be in a seperate PR. Signed-off-by: Pengyu Lv --- tests/data_files/crl-rsa-pss-sha1-badsign.pem | 22 +++++++-------- tests/data_files/crl-rsa-pss-sha1.pem | 22 +++++++-------- tests/data_files/crl-rsa-pss-sha224.pem | 28 +++++++++---------- tests/data_files/crl-rsa-pss-sha256.pem | 28 +++++++++---------- tests/data_files/crl-rsa-pss-sha384.pem | 28 +++++++++---------- tests/data_files/crl-rsa-pss-sha512.pem | 28 +++++++++---------- 6 files changed, 78 insertions(+), 78 deletions(-) diff --git a/tests/data_files/crl-rsa-pss-sha1-badsign.pem b/tests/data_files/crl-rsa-pss-sha1-badsign.pem index 7e2a59677a..d236910d90 100644 --- a/tests/data_files/crl-rsa-pss-sha1-badsign.pem +++ b/tests/data_files/crl-rsa-pss-sha1-badsign.pem 
@@ -1,14 +1,14 @@ -----BEGIN X509 CRL----- MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQY +ETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBFw0y +MzA1MTcwODA3NDlaFw0zMzA1MTcwODA3NDlaMCgwEgIBChcNMjMwNTE3MDgwNzQ5 +WjASAgEWFw0yMzA1MTcwODA3NDlaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NM +MRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQCMUepEfAXs1G3hDE7rcIPT/AFv/oLQSVwRE8O2G5r4j0CgzN6CSGNi +8qfFVX6f7ds+QM4pxAXk5FH4QJJkev0ZBQxmA/ZDLEFmmCEfPMsA69nG//Xeq+Xz +ZOqJpAewmXoP2UUxV5rRpAIr9g9NvDkTT012eQEpoGkJlpxOln1VW+Dk24PCZFWf +Nf8GMUzUsXfXm7ZdCeuc8ZDYNma0nWAMR9Jw6qaEhyH4Fd/scFvXiF/i4cpVp8Rk +M71wSrCC0pkFzw4/bYMnf0aHle/lNg5e78SAT+/6PA8pXL7Urc0IufOfxCGwqY27 +IXSTrZJj4WeQMk289pIccMHj5DUSo4u0 -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha1.pem b/tests/data_files/crl-rsa-pss-sha1.pem index 59ca4f703e..c129c0c813 100644 --- a/tests/data_files/crl-rsa-pss-sha1.pem +++ b/tests/data_files/crl-rsa-pss-sha1.pem 
@@ -1,14 +1,14 @@ -----BEGIN X509 CRL----- MIICJDCCAQYCAQEwEwYJKoZIhvcNAQEKMAaiBAICAOowOzELMAkGA1UEBhMCTkwx -ETAPBgNVBAoTCFBvbGFyU1NMMRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBFw0x -NDAxMjAxMzQ2MzVaFw0yNDAxMTgxMzQ2MzVaMCgwEgIBChcNMTMwOTI0MTYyODM4 -WjASAgEWFw0xNDAxMjAxMzQzMDVaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 -1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoTCFBvbGFyU1NM -MRkwFwYDVQQDExBQb2xhclNTTCBUZXN0IENBggEAMBMGCSqGSIb3DQEBCjAGogQC -AgDqA4IBAQB8ZBX0BEgRcx0lfk1ctELRu1AYoJ5BnsmQpq23Ca4YIP2yb2kTN1ZS -4fR4SgYcNctgo2JJiNiUkCu1ZnRUOJUy8UlEio0+aeumTNz6CbeJEDhr5NC3oiV0 -MzvLn9rJVLPetOT9UrvvIy8iz5Pn1d8mu5rkt9BKQRq9NQx8riKnSIoTc91NLCMo -mkCCB55DVbazODSWK19e6yQ0JS454RglOsqRtLJ/EDbi6lCsLXotFt3GEGMrob1O -7Qck1Z59boaHxGYFEVnx90+4M3/qikVtwZdcBjLEmfuwYvszFw8J2y6Xwmg/HtUa -y6li0JzWNHtkKUlCv2+SESZbD3NU8GQZ +ETAPBgNVBAoMCFBvbGFyU1NMMRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBFw0y +MzA1MTcwODA3NDlaFw0zMzA1MTcwODA3NDlaMCgwEgIBChcNMjMwNTE3MDgwNzQ5 +WjASAgEWFw0yMzA1MTcwODA3NDlaoGcwZTBjBgNVHSMEXDBagBS0WuSls97SUva5 +1aaVD+s+vMf9/6E/pD0wOzELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NM +MRkwFwYDVQQDDBBQb2xhclNTTCBUZXN0IENBggEDMBMGCSqGSIb3DQEBCjAGogQC +AgDqA4IBAQCMUepEfAXs1G3hDE7rcIPT/AFv/oLQSVwRE8O2G5r4j0CgzN6CSGNi +8qfFVX6f7ds+QM4pxAXk5FH4QJJkev0ZBQxmA/ZDLEFmmCEfPMsA69nG//Xeq+Xz +ZOqJpAewmXoP2UUxV5rRpAIr9g9NvDkTT012eQEpoGkJlpxOln1VW+Dk24PCZFWf +Nf8GMUzUsXfXm7ZdCeuc8ZDYNma0nWAMR9Jw6qaEhyH4Fd/scFvXiF/i4cpVp8Rk +M71wSrCC0pkFzw4/bYMnf0aHle/lNg5e78SAT+/6PA8pXL7Urc0IufOfxCGwqY27 +IXSTrZJj4WeQMk289pIccMHj5DUSo4uO -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha224.pem b/tests/data_files/crl-rsa-pss-sha224.pem index a51d5d9113..1108b3ddba 100644 --- a/tests/data_files/crl-rsa-pss-sha224.pem +++ b/tests/data_files/crl-rsa-pss-sha224.pem 
@@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgShGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIEogQCAgDiMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjA2WhcNMjQwMTE4MTM1NjA2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCBKEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgSiBAICAOIDggEBAEJI -i9sQOzMvvOTksN48+X+kk/wkLMKRGI222lqU6y6tP1LX3OE/+KN8gPXR+lCC+e0v -TsRTJkpKEcmHZoP/8kOtZnLb9PdITKGMQnZ+dmn5MFEzZI/zyrYWuJTuK1Q83w0e -Mc88cAhu8i4PTk/WnsWDphK1Q2YRupmmwWSUpp1Z2rpR+YSCedC01TVrtSUJUBw9 -NSqKDhyWYJIbS6/bFaERswC8xlMRhyLHUvikjmAK36TbIdhTnEffHOPW75sEOEEB -f0A3VtlZ7y5yt2/a6vOauJCivxKt/PutdHfBqH43QQmoVLWC2FmT9ADTJwcsZB3D -a6JSqCIMRCQY2JOUn0A= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgQFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA4jA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc0OVoXDTMzMDUxNzA4MDc0OVowKDASAgEKFw0yMzA1MTcwODA3NDla +MBICARYXDTIzMDUxNzA4MDc0OVqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgQFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgQFAKIEAgIA +4gOCAQEANsElK5qMavcgBXsqgysCIIwEPj+dXdBOwXW17HWh2jcSwAssFNRxhiIc +PoUjj2fNlbOWXLPoxXBitgkJ31UAYCteGSv3j5P3WEuriVwCG889JEoMWn9U4+f9 +f5jSVNfynyiAOiwpA0TrOhZOAs9SEj742S1pzhsb9yaOXeQXNnDv8HYe3uX9/D9w +ynot+/EwCYEuvK8XQ6qnV6588NHEAd9x+OcV9pxWrmUE8Muz1KffBwD5+SOW+Taj +4fKQPcKJoRXOKyLXpOz7yMl/6fCf6h3Qj/H4YI/2gsWI0iduKoXDsuQkMEdPTZvk +7P88YK3/4MReaZS3sDyhhUrojELPXw== -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha256.pem b/tests/data_files/crl-rsa-pss-sha256.pem index f16a49118e..26f7935ccc 100644 
--- a/tests/data_files/crl-rsa-pss-sha256.pem +++ b/tests/data_files/crl-rsa-pss-sha256.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgGhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjE2WhcNMjQwMTE4MTM1NjE2WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBAEZ4 -oqp9i5eXrN6aCSTaU1j07MVTFW/U1jQAq6GseB6bEvoEXFMUHJsgAObqCK9flfEC -FEqXqWSo33hhPU7AKKttbDLjUYRNnQAPRUnRIl1/a1+UjqgKchWWD9ityeW8ICxo -IdATX9reYmPDLIMqTC7zuflYkvrvdEOuBORQP5mn4j8t84MSQF/p4qzaU0XxLo4X -ckzZCcHpa45AApCDjJMd9onhFVCYsykiYrF9NQFO8TI4lQ5jv79GoufEzvhY1SPB -r1xz4sMpfyaoPaa3SM2/nD65E5jzXell2u2VWNGKv4zAQP0E5yGel+1rklBltadb -XLdJyyak33CLBKu+nJc= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgEFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA3jA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc0OVoXDTMzMDUxNzA4MDc0OVowKDASAgEKFw0yMzA1MTcwODA3NDla +MBICARYXDTIzMDUxNzA4MDc0OVqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIEAgIA +3gOCAQEAHLzvRF0RVQL48ZGVFnTk1nsOHXVHS0UVMItsILurXJ4XrOgN1I7iTzu2 +wYNtgr+T15jwsPdgU+Gg3127vb2Djm0IUX0dCfYpSFRUv8BjaK962ZPjM0rkWhC6 +JUTWSLMAMy4ScqcoC7e4vuN2h4kPOzlvDBIhzWKA03+taAtuIOWjXZu2/Cyeggxs +oXARKI8BEv4b94xwiFJMoMuzcYAkuDIH4MRYANVgOS/zncCRS9D5ZerfoBt70LKX +nzJtT4a0XoxbUJeU8MZ0fR5aAHUQulAPA9CMmBsHkSx7pzAAhCwx/vXbnWPyhA6G +XG6gCKcDR5PZQvQNgi29SLlhRTT5TA== -----END X509 CRL----- 
diff --git a/tests/data_files/crl-rsa-pss-sha384.pem b/tests/data_files/crl-rsa-pss-sha384.pem index 50f7e4cd24..45431f0133 100644 --- a/tests/data_files/crl-rsa-pss-sha384.pem +++ b/tests/data_files/crl-rsa-pss-sha384.pem 
@@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgDOMDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjI4WhcNMjQwMTE4MTM1NjI4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAM4DggEBAAco -SntUGDLBOAu0IIZaVea5Nt1NMsMcppC0hWPuH1LKAwyUODBqpT+0+AuALK0eIdYR -a7mAB+cv2fFwmwxnQWJ1Fvx4ft/N2AAfB83VRKpSo3xR8bxloHfTWKmyxJHmH9j1 -EYmLS86rj3Nhjf4m/YlQQ3Im5HwOgSgBOE8glq5D+0Wmsi9LsNEZXEzMw7TMUgbs -y9o/ghYF/shKU4mewK3DeM9gQiTcH5A4ISXR87hBQ08AKJRAG1CLvTyzqWiUUY+k -q8iZDYF17sHrPi2yn8q9c4zdxiaWDGDdL0Lh90wXGTAageoGEq25TMuL5FpX+u1u -KUH/xf1jEnNzbYNGiZw= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgIFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIAzjA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc1MFoXDTMzMDUxNzA4MDc1MFowKDASAgEKFw0yMzA1MTcwODA3NTBa +MBICARYXDTIzMDUxNzA4MDc1MFqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIFAKIEAgIA +zgOCAQEAnZvMo3nmKXPV+q4m1CdMA7jUtdanJBHDAv2+LZLq4T1QpyN+nmLEB1yX +ARN8/5Px47zm7XyZw6HI1Il34MjblAKIPBVXoswj4YLRceijwiG1bxkh1Kz3lcV0 +GCNPNo7tMPii9iATWlVzWBCzx2rLmt/ys0DtNRCMISOYGW1HkyuO28dwA6nUJwSS +Ddjr3iilavnBdpzddH9AiN5Fm0sfrFBANx79Qyp0/r8hqrv7rT33maeRKj3S4e9G +zpO6uHPAh9Obo93DxpKpXoMwxDiHv+bwHPO4J1YOiryy/KZmHhzUMPfvP09pGg9f +zGO/bOyiHGH0Lf4F9JVMxpfitdbtwg== -----END X509 CRL----- diff --git a/tests/data_files/crl-rsa-pss-sha512.pem b/tests/data_files/crl-rsa-pss-sha512.pem index 0f1d6510bc..71f2b7cd50 100644 
--- a/tests/data_files/crl-rsa-pss-sha512.pem +++ b/tests/data_files/crl-rsa-pss-sha512.pem @@ -1,16 +1,16 @@ -----BEGIN X509 CRL----- -MIICejCCATECAQEwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgOhGjAYBgkq -hkiG9w0BAQgwCwYJYIZIAWUDBAIDogQCAgC+MDsxCzAJBgNVBAYTAk5MMREwDwYD -VQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVzdCBDQRcNMTQwMTIw -MTM1NjM4WhcNMjQwMTE4MTM1NjM4WjAoMBICAQoXDTEzMDkyNDE2MjgzOFowEgIB -FhcNMTQwMTIwMTM0MzA1WqBnMGUwYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/r -PrzH/f+hP6Q9MDsxCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcG -A1UEAxMQUG9sYXJTU0wgVGVzdCBDQYIBADA+BgkqhkiG9w0BAQowMaANMAsGCWCG -SAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiBAICAL4DggEBAB9F -ywBfxOjetxNbCFhOYoPY2jvFCFVdlowMGuxEhX/LktqiBXqRc2r5naQSzuHqO8Iq -1zACtiDLri0CvgSHlravBNeY4c2wj//ueFE89tY5pK9E6vZp7cV+RfMx2YfGPAA2 -t7tWZ2rJWzELg8cZ8hpjSwFH7JmgJzjE5gi2gADhBYO6Vv5S3SOgqNjiN1OM31AU -p6GHK5Y1jurF5Zwzs+w3wXoXgpOxxwEC4eiS86c9kNSudwTLvDTU0bYEQE1cF+K0 -sB8QWABFJfuO5kjD2w3rWgmAiOKsZoxd1xrda+WD3JhDXnoVq3oVBIVlWVz6YID8 -enMfMvwScA5AImzu9xA= +MIICgjCCATUCAQEwQgYJKoZIhvcNAQEKMDWgDzANBglghkgBZQMEAgMFAKEcMBoG +CSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIAvjA7MQswCQYDVQQGEwJOTDER +MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EXDTIz +MDUxNzA4MDc1MFoXDTMzMDUxNzA4MDc1MFowKDASAgEKFw0yMzA1MTcwODA3NTBa +MBICARYXDTIzMDUxNzA4MDc1MFqgZzBlMGMGA1UdIwRcMFqAFLRa5KWz3tJS9rnV +ppUP6z68x/3/oT+kPTA7MQswCQYDVQQGEwJOTDERMA8GA1UECgwIUG9sYXJTU0wx +GTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0GCAQMwQgYJKoZIhvcNAQEKMDWgDzAN +BglghkgBZQMEAgMFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIEAgIA +vgOCAQEAtMPpQMet9BfMRLg0AW9QfL3QkktV7xk++BqYFOYynBiqxjQH4AKu3wU8 +eiGd3+2xNpQd2/sG7UUNo1Vnl9gCHRiT4bje6+CdvvqaZKSgpmsiztbgBAYORriF +flKOKOOQTxaikqJ4t7vp727JmstADuyizTgOBE0k3V1glas8B0G122YheeHF02S4 ++33Nss4hbfbTilR0RccOaqiXzF9bkFsTlD5KgyUFZbFtdy+1zHZLnRUAJA1HmDeP +r5p2mJxKwXmZzLnw/FPa8fUH665TKYk08AuIpN+VHdPwiBoYHJ2YZJWgM+1qHq1y +tlyoAOC6beqsh9OfxcQZaEiWbUI9yQ== -----END X509 CRL----- 
From 19e949e64437e091de4764e58fb96496b635955a Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 8 Jun 2023 09:20:16 +0800 Subject: [PATCH 051/264] Fix typo and long line format Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 5225774b36..fb61ba8944 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -112,7 +112,9 @@ cert_example_multi_nocn.csr: rsa_pkcs1_1024_clear.pem all_intermediate += cert_example_multi_nocn.csr cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt - $(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) -extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" -set_serial 0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@ + $(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) \ + -extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" \ + -set_serial 0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@ all_final += cert_example_multi_nocn.crt parse_input/test_csr_v3_keyUsage.csr.der: rsa_pkcs1_1024_clear.pem @@ -448,7 +450,9 @@ all_final += server5-ss-expired.crt # try to forge a copy of test-int-ca3 with different key server5-ss-forgeca.crt: server5.key - $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca -days 3650 -sha256 -key $< -out $@ + $(OPENSSL) req -x509 -new -subj "/C=UK/O=mbed TLS/CN=mbed TLS Test intermediate CA 3" \ + -set_serial 77 -config $(test_ca_config_file) -extensions noext_ca \ + -days 3650 -sha256 -key $< -out $@ all_final += server5-ss-forgeca.crt server5-selfsigned.crt: server5.key 
@@ -561,7 +565,7 @@ server9-defaults.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ -set_serial 72 -days 3653 \ -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max -sha1 \ - -in $< -o $@ + -in $< -out $@ all_final += server9-defaults.crt server9-badsign.crt: server9.crt From 49c56e651da520e306ef1f3bb00a34cd601b0f85 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 4 Jul 2023 15:56:59 +0800 Subject: [PATCH 052/264] Add target for parse_input/cert_example_multi_nocn.crt Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index fb61ba8944..aa72a847f5 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -111,7 +111,7 @@ cert_example_multi_nocn.csr: rsa_pkcs1_1024_clear.pem $(MBEDTLS_CERT_REQ) filename=$< output_file=$@ subject_name='C=NL' all_intermediate += cert_example_multi_nocn.csr -cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt +parse_input/cert_example_multi_nocn.crt cert_example_multi_nocn.crt: cert_example_multi_nocn.csr test-ca_nocn.crt $(OPENSSL) x509 -req -CA test-ca_nocn.crt -CAkey $(test_ca_key_file_rsa) \ -extfile $(test_ca_config_file) -extensions ext_multi_nocn -passin "pass:$(test_ca_pwd_rsa)" \ -set_serial 0xf7c67ff8e9a963f9 -days 3653 -sha1 -in $< > $@ From b687c03183a43fa684f111d3dbaf666955eeb8e5 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Tue, 4 Jul 2023 16:01:01 +0800 Subject: [PATCH 053/264] Fix the command for server9-sha*.crt The new command could generate parse_input/server9-sha*.crt correctly. Signed-off-by: Pengyu Lv --- tests/data_files/Makefile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index aa72a847f5..60ec0c255f 100644 --- a/tests/data_files/Makefile 
+++ b/tests/data_files/Makefile @@ -541,7 +541,7 @@ all_final += test-int-ca3-badsign.crt server9.csr: server9.key $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \ -key $< -out $@ -server9.crt: server9-sha1.crt +parse_input/server9.crt server9.crt: server9-sha1.crt cp $< $@ all_final += server9.crt all_intermediate += server9.csr server9-sha1.crt @@ -551,13 +551,13 @@ server9-%.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -CA $(test_ca_crt) -CAkey $(test_ca_key_file_rsa) \ -set_serial $(SERVER9_CRT_SERIAL) -days 3653 \ -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:max \ - -sigopt rsa_mgf1_md:$(@:server9-%.crt=%) -$(@:server9-%.crt=%) \ + -sigopt rsa_mgf1_md:$(@F:server9-%.crt=%) -$(@F:server9-%.crt=%) \ -in $< -out $@ server9-sha1.crt: SERVER9_CRT_SERIAL=22 -server9-sha224.crt: SERVER9_CRT_SERIAL=23 -server9-sha256.crt: SERVER9_CRT_SERIAL=24 -server9-sha384.crt: SERVER9_CRT_SERIAL=25 -server9-sha512.crt: SERVER9_CRT_SERIAL=26 +parse_input/server9-sha224.crt server9-sha224.crt: SERVER9_CRT_SERIAL=23 +parse_input/server9-sha256.crt server9-sha256.crt: SERVER9_CRT_SERIAL=24 +parse_input/server9-sha384.crt server9-sha384.crt: SERVER9_CRT_SERIAL=25 +parse_input/server9-sha512.crt server9-sha512.crt: SERVER9_CRT_SERIAL=26 all_final += server9-sha224.crt server9-sha256.crt server9-sha384.crt server9-sha512.crt server9-defaults.crt: server9.csr $(test_ca_crt) $(test_ca_key_file_rsa) From 3cb6e41dfa7e1603876b03e256f6ca1f814054d3 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:14:15 +0530 Subject: [PATCH 054/264] Add define for builtin pbkdf2_cmac Signed-off-by: Kusumit Ghoderao --- include/mbedtls/config_psa.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index b7e89472f7..f1cff20b51 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h 
@@ -599,6 +599,14 @@ extern "C" { #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */ #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */ +#if defined(PSA_WANT_ALG_CMAC) && defined(PSA_HAVE_SOFT_KEY_TYPE_AES) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) +#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 +#define MBEDTLS_CMAC_C +#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ +#endif /* PSA_WANT_ALG_CMAC && PSA_HAVE_SOFT_KEY_TYPE_AES */ + #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256) #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) #define MBEDTLS_ECP_DP_BP256R1_ENABLED From dd45667a18fa3d37a10db3b8a72b7af35ff33a8f Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:21:13 +0530 Subject: [PATCH 055/264] Define struct for pbkdf2_cmac Signed-off-by: Kusumit Ghoderao --- include/psa/crypto_builtin_key_derivation.h | 6 ++++-- include/psa/crypto_driver_contexts_key_derivation.h | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto_builtin_key_derivation.h b/include/psa/crypto_builtin_key_derivation.h index cd6d51df02..c598fa438e 100644 --- a/include/psa/crypto_builtin_key_derivation.h +++ b/include/psa/crypto_builtin_key_derivation.h @@ -105,7 +105,8 @@ typedef struct psa_tls12_prf_key_derivation_s { } psa_tls12_prf_key_derivation_t; #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) typedef enum { PSA_PBKDF2_STATE_INIT, /* no input provided */ PSA_PBKDF2_STATE_INPUT_COST_SET, /* input cost has been set */ 
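Review bot: In the added block, `MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128` is defined only as a side effect of selecting the built-in CMAC, so it follows `PSA_WANT_ALG_CMAC` and disappears whenever `MBEDTLS_PSA_ACCEL_ALG_CMAC` is set. A build that wants plain CMAC then always carries the PBKDF2 code. A build with an accelerated CMAC loses PBKDF2-AES-CMAC-PRF-128 altogether, although the KDF code added later in this series reaches the MAC through `psa_driver_wrapper_mac_compute`. I would give the KDF its own block keyed on a dedicated request symbol, for example `#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)` around `#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1`, assuming the configuration headers of this tree define or can add that symbol.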
@@ -125,6 +126,7 @@ typedef struct { uint8_t MBEDTLS_PRIVATE(bytes_used); uint32_t MBEDTLS_PRIVATE(block_number); } psa_pbkdf2_key_derivation_t; -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || + * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ #endif /* PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H */ diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/include/psa/crypto_driver_contexts_key_derivation.h index 5b4e4745d6..32de4f7654 100644 --- a/include/psa/crypto_driver_contexts_key_derivation.h +++ b/include/psa/crypto_driver_contexts_key_derivation.h @@ -55,7 +55,8 @@ typedef union { #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) psa_tls12_ecjpake_to_pms_t MBEDTLS_PRIVATE(tls12_ecjpake_to_pms); #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) psa_pbkdf2_key_derivation_t MBEDTLS_PRIVATE(pbkdf2); #endif } psa_driver_key_derivation_context_t; From 3ab146f99e51179fc8e2b37d3ec9504a205b50ab Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:35:36 +0530 Subject: [PATCH 056/264] Add builtin pbkdf2 cmac guard for all the pbkdf2 functions Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 51 +++++++++++++++++++++++++++++--------------- 1 file changed, 34 insertions(+), 17 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2b9c8a29ff..4d8979cafd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -5080,7 +5080,8 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation) defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) #define AT_LEAST_ONE_BUILTIN_KDF #endif /* At least one builtin KDF */ @@ -5184,8 +5185,10 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) sizeof(operation->ctx.tls12_ecjpake_to_pms.data)); } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || + kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { if (operation->ctx.pbkdf2.salt != NULL) { mbedtls_platform_zeroize(operation->ctx.pbkdf2.salt, operation->ctx.pbkdf2.salt_length); @@ -5194,7 +5197,8 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) status = PSA_SUCCESS; } else -#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || + * defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) */ { status = PSA_ERROR_BAD_STATE; } @@ -5521,7 +5525,8 @@ static psa_status_t psa_key_derivation_tls12_ecjpake_to_pms_read( } #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) static psa_status_t psa_key_derivation_pbkdf2_generate_block( psa_pbkdf2_key_derivation_t *pbkdf2, psa_algorithm_t prf_alg, 
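Review bot: The condition `PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128` is written out by hand in the `psa_key_derivation_abort` hunk and again in the `psa_key_derivation_output_bytes`, `psa_key_derivation_input_internal` and `psa_key_derivation_input_integer_internal` hunks of this commit, each time next to the same two-symbol `#if`. The next PBKDF2 variant has to be added to every copy, and in `psa_key_derivation_abort` a missed copy falls through to the `PSA_ERROR_BAD_STATE` branch. A single predicate would keep them in step, e.g. `#define PSA_ALG_IS_PBKDF2(alg) (PSA_ALG_IS_PBKDF2_HMAC(alg) || (alg) == PSA_ALG_PBKDF2_AES_CMAC_PRF_128)`, if the headers do not already provide one. The enclosing functions start and end outside these hunks.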
@@ -5650,7 +5655,8 @@ static psa_status_t psa_key_derivation_pbkdf2_read( return PSA_SUCCESS; } -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || + * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, @@ -5705,12 +5711,15 @@ psa_status_t psa_key_derivation_output_bytes( &operation->ctx.tls12_ecjpake_to_pms, output, output_length); } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || + kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { status = psa_key_derivation_pbkdf2_read(&operation->ctx.pbkdf2, kdf_alg, output, output_length); } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || + * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ { (void) kdf_alg; @@ -6628,7 +6637,8 @@ static psa_status_t psa_tls12_ecjpake_to_pms_input( } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) static psa_status_t psa_pbkdf2_set_input_cost( psa_pbkdf2_key_derivation_t *pbkdf2, psa_key_derivation_step_t step, @@ -6749,7 +6759,8 @@ static psa_status_t psa_pbkdf2_input(psa_pbkdf2_key_derivation_t *pbkdf2, return PSA_ERROR_INVALID_ARGUMENT; } } -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || + * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ /** Check whether the given key type is acceptable for the given * input step of a key derivation. 
@@ -6846,12 +6857,15 @@ static psa_status_t psa_key_derivation_input_internal( &operation->ctx.tls12_ecjpake_to_pms, step, data, data_length); } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || + kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { status = psa_pbkdf2_input(&operation->ctx.pbkdf2, kdf_alg, step, data, data_length); } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || + * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ { /* This can't happen unless the operation object was not initialized */ (void) data; @@ -6875,12 +6889,15 @@ static psa_status_t psa_key_derivation_input_integer_internal( psa_status_t status; psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ + defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || + kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { status = psa_pbkdf2_set_input_cost( &operation->ctx.pbkdf2, step, value); } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || + * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ { (void) step; (void) value; From 857cd4b3eeba38961010c00c5a750abd26a2aada Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:37:23 +0530 Subject: [PATCH 057/264] Add AES_CMAC_PRF_128 output size macro Signed-off-by: Kusumit Ghoderao --- include/psa/crypto_sizes.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index 8cc965b09f..61ec2e6c8d 100644 
--- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -276,6 +276,9 @@ * This is a vendor-specific macro. This can be configured if necessary */ #define PSA_VENDOR_PBKDF2_MAX_ITERATIONS 0xffffffff +/* Output size of AES_CMAC_PRF_128 algorithm */ +#define AES_CMAC_PRF_128_OUTPUT_SIZE 16 + /** The maximum size of a block cipher. */ #define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16 From 2cd649684af255a20628679628dd9fada0cc8d4c Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:38:57 +0530 Subject: [PATCH 058/264] Add pbkdf2_cmac to key derivation setup Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4d8979cafd..f29d1abde5 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6142,6 +6142,11 @@ static int is_kdf_alg_supported(psa_algorithm_t kdf_alg) if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { return 1; } +#endif +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + return 1; + } #endif return 0; } @@ -6168,10 +6173,14 @@ static psa_status_t psa_key_derivation_setup_kdf( } /* All currently supported key derivation algorithms (apart from - * ecjpake to pms) are based on a hash algorithm. */ + * ecjpake to pms and pbkdf2_aes_cmac_128) are based on a hash algorithm. */ psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg); size_t hash_size = PSA_HASH_LENGTH(hash_alg); - if (kdf_alg != PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { + hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256); + } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + hash_size = AES_CMAC_PRF_128_OUTPUT_SIZE; + } else { if (hash_size == 0) { return PSA_ERROR_NOT_SUPPORTED; } 
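Review bot: `AES_CMAC_PRF_128_OUTPUT_SIZE` is added to the public header `include/psa/crypto_sizes.h` without the `PSA_` prefix that its neighbours in the hunk, `PSA_VENDOR_PBKDF2_MAX_ITERATIONS` and `PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE`, carry, so it lands unprefixed in the namespace of every application that includes the header. A name such as `#define PSA_AES_CMAC_PRF_128_OUTPUT_SIZE 16` would match the file. The comment above it could also state that the value is in bytes and use the `/** ... */` form of the block-cipher constant below it.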
@@ -6183,8 +6192,6 @@ static psa_status_t psa_key_derivation_setup_kdf( if (status != PSA_SUCCESS) { return status; } - } else { - hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256); } if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) || From 3d5edb8eeffbf3a7c0d7485acbd73312e4645113 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:41:25 +0530 Subject: [PATCH 059/264] Add input password function for pbkdf2 cmac Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 43 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 36 insertions(+), 7 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f29d1abde5..8606f17c70 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6727,6 +6727,33 @@ static psa_status_t psa_pbkdf2_hmac_set_password(psa_algorithm_t hash_alg, return status; } +static psa_status_t psa_pbkdf2_cmac_set_password(const uint8_t *input, + size_t input_len, + uint8_t *output, + size_t *output_len) +{ + psa_status_t status = PSA_SUCCESS; + if (input_len != AES_CMAC_PRF_128_OUTPUT_SIZE) { + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + uint8_t zeros[16] = {0}; + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); + psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(sizeof(zeros))); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + /* Passing AES_CMAC_PRF_128_OUTPUT_SIZE as mac_size as the driver + * function sets mac_output_length = mac_size on success. See #7801*/ + status = psa_driver_wrapper_mac_compute(&attributes, + zeros, sizeof(zeros), + PSA_ALG_CMAC, input, input_len, + output, + AES_CMAC_PRF_128_OUTPUT_SIZE, + output_len); + } else { + memcpy(output, input, input_len); + *output_len = AES_CMAC_PRF_128_OUTPUT_SIZE; + } + return status; +} + static psa_status_t psa_pbkdf2_set_password(psa_pbkdf2_key_derivation_t *pbkdf2, psa_algorithm_t kdf_alg, const uint8_t *data, 
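Review bot: `psa_pbkdf2_cmac_set_password` reports `AES_CMAC_PRF_128_OUTPUT_SIZE` bytes written to `output` in both branches but takes no capacity argument for it, and nothing in the function says why a password of any other length is first MACed under an all-zero key. A header comment would cover both: `/* AES-CMAC-PRF-128 key step (RFC 4615): a 16-byte password is used as the CMAC key as is; any other length is replaced by AES-CMAC(0^128, password). output must have room for AES_CMAC_PRF_128_OUTPUT_SIZE bytes. */`. The size of `pbkdf2->password`, which the caller passes as `output`, is declared outside this hunk, so the bound should be confirmed against the struct definition.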
@@ -6737,13 +6764,15 @@ static psa_status_t psa_pbkdf2_set_password(psa_pbkdf2_key_derivation_t *pbkdf2, return PSA_ERROR_BAD_STATE; } - if (data_length != 0) { - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { - psa_algorithm_t hash_alg = PSA_ALG_PBKDF2_HMAC_GET_HASH(kdf_alg); - status = psa_pbkdf2_hmac_set_password(hash_alg, data, data_length, - pbkdf2->password, - &pbkdf2->password_length); - } + if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { + psa_algorithm_t hash_alg = PSA_ALG_PBKDF2_HMAC_GET_HASH(kdf_alg); + status = psa_pbkdf2_hmac_set_password(hash_alg, data, data_length, + pbkdf2->password, + &pbkdf2->password_length); + } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + status = psa_pbkdf2_cmac_set_password(data, data_length, + pbkdf2->password, + &pbkdf2->password_length); } pbkdf2->state = PSA_PBKDF2_STATE_PASSWORD_SET; From a2520a5b7e9fadb887c915fab5d8d866ee6dc557 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:42:19 +0530 Subject: [PATCH 060/264] Add pbkdf2 cmac to key derivation output_bytes Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8606f17c70..c3531e404a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5611,8 +5611,10 @@ static psa_status_t psa_key_derivation_pbkdf2_read( prf_alg = PSA_ALG_HMAC(PSA_ALG_PBKDF2_HMAC_GET_HASH(kdf_alg)); prf_output_length = PSA_HASH_LENGTH(prf_alg); psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); - } else { - return PSA_ERROR_INVALID_ARGUMENT; + } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + prf_alg = PSA_ALG_CMAC; + prf_output_length = AES_CMAC_PRF_128_OUTPUT_SIZE; + psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); } switch (pbkdf2->state) { From 4536bb6f2bfdb3a552f756607ac815961a7e0c8c Mon Sep 17 00:00:00 2001 
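Review bot: `pbkdf2->state = PSA_PBKDF2_STATE_PASSWORD_SET;` follows the new if/else chain unconditionally, so the state advances even when `psa_pbkdf2_cmac_set_password` returned an error from `psa_driver_wrapper_mac_compute`, or when `kdf_alg` matched neither branch and `status` still holds its initial value. Guarding the transition with `if (status == PSA_SUCCESS) { pbkdf2->state = PSA_PBKDF2_STATE_PASSWORD_SET; }` keeps a failed step from looking complete. Dropping the `data_length != 0` test also sends empty passwords into `psa_pbkdf2_hmac_set_password` for the first time; its body is not in the hunk, so that path deserves a test. The declaration of `status` and the return statement are outside the hunk.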
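Review bot: Replacing the final `else { return PSA_ERROR_INVALID_ARGUMENT; }` with `else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128)` leaves `psa_key_derivation_pbkdf2_read` with no branch for any other `kdf_alg`. `prf_alg` and `prf_output_length` would then be used as declared; the declarations are outside the hunk, so whether they are initialised cannot be seen here. The dispatchers shown in this series only pass the two PBKDF2 families, but the function should not depend on that. Keep the rejection after the new branch: `} else { return PSA_ERROR_INVALID_ARGUMENT; }`.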
From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:42:59 +0530 Subject: [PATCH 061/264] Change mac_size parameter in driver_mac_compute to output length See #7801 for reference Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c3531e404a..1f5ab0d557 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5575,11 +5575,14 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block( memcpy(U_accumulator, U_i, prf_output_length); for (i = 1; i < pbkdf2->input_cost; i++) { + /* We are passing prf_output_length as mac_size because the driver + * function directly sets mac_output_length as mac_size upon success. + * See #7801 */ status = psa_driver_wrapper_mac_compute(attributes, pbkdf2->password, pbkdf2->password_length, prf_alg, U_i, prf_output_length, - U_i, sizeof(U_i), + U_i, prf_output_length, &mac_output_length); if (status != PSA_SUCCESS) { goto cleanup; From 1d3fca21b18cfae44838af3daf3fa1dafe4b15d6 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:45:15 +0530 Subject: [PATCH 062/264] Add test cases for input validation of pbkdf2 cmac Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 73 +++++++++++++++++++++++++ 1 file changed, 73 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6587e93d65..4895f9bc42 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
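Review bot: The loop in `psa_key_derivation_pbkdf2_generate_block` now requests exactly `prf_output_length` bytes, but `mac_output_length` is still not compared with it in the lines shown, so the accumulation into `U_accumulator` (continuing outside the hunk) relies on every driver behaving as the new comment describes. A check after the status test, `if (mac_output_length != prf_output_length) { status = PSA_ERROR_CORRUPTION_DETECTED; goto cleanup; }`, would make that assumption explicit. The computation of the first block before the loop is outside the hunk and presumably needs the same `mac_size` treatment. The comment could also name the tracker, since a bare `#7801` is ambiguous once the code is read outside the forge.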
@@ -5543,6 +5543,79 @@ PSA key derivation: PBKDF2-HMAC-SHA256, reject cost greater than PSA_VENDOR_PBKD depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 derive_input_invalid_cost:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_VENDOR_PBKDF2_MAX_ITERATIONS+1ULL +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, direct output +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, key output +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, DERIVE key as password, key output +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_DERIVE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, input cost greater than PSA_VENDOR_PBKDF2_MAX_ITERATIONS +#Input cost is passed as hex number. 
Value of PSA_VENDOR_PBKDF2_MAX_ITERATIONS is 0xffffffff +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"0100000000":PSA_ERROR_NOT_SUPPORTED:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_DERIVE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, salt missing +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, password missing +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, salt and password before cost +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, password before cost +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES 
+derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, password bad key type +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_RAW_DATA:"706173737764":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct password, direct output +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct empty password, direct output +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct password, key output +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES 
+derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, DERIVE key as salt +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"73616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, duplicate cost step +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, duplicate salt step +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"7361":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"6c74":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject secret step +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES 
+derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject label step +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject seed step +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + PSA key derivation over capacity: HKDF depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256) From 9d4c74f25c9763f17c5440faa522b7ae266d1a91 Mon Sep 17 00:00:00 2001 
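Review bot: Every password in the cases added here is either `"706173737764"` (6 bytes) or empty, so the input-validation suite never feeds a 16-byte password. That is the one length for which `psa_pbkdf2_cmac_set_password` copies the input instead of running CMAC under the zero key. A good-case `derive_input` entry with a 16-byte `PSA_KEY_DERIVATION_INPUT_PASSWORD` value, e.g. `"000102030405060708090a0b0c0d0e0f"` (constructed sample), would cover that branch, since these cases appear to check only the returned statuses. Output vectors for that length may exist in the following patch, whose hunk is cut off in this view.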
From: Kusumit Ghoderao Date: Thu, 22 Jun 2023 15:47:25 +0530 Subject: [PATCH 063/264] Add test cases for output validation of pbkdf2 cmac PBKDF2_AES_CMAC_PRF_128 test vectors are generated using PyCryptodome library: https://github.com/Legrandin/pycryptodome Steps to generate test vectors: 1. pip install pycryptodome 2. Use the python script below to generate Derived key (see description for details): Example usage: pbkdf2_cmac.py derive_ms.py 4a30314e4d45 54687265616437333563383762344f70656e54687265616444656d6f 16384 16 password : 4a30314e4d45 salt : 54687265616437333563383762344f70656e54687265616444656d6f input cost : 16384 derived key len : 16 output : 8b27beed7e7a4dd6c53138c879a8e33c """ from Crypto.Protocol.KDF import PBKDF2 from Crypto.Hash import CMAC from Crypto.Cipher import AES import sys def main(): #check args if len(sys.argv) != 5: print("Invalid number of arguments. Expected: ") return password = bytes.fromhex(sys.argv[1]) salt = bytes.fromhex(sys.argv[2]) iterations = int(sys.argv[3]) dklen = int(sys.argv[4]) # If password is not 16 bytes then we need to use CMAC to derive the password if len(password) != 16: zeros = bytes.fromhex("00000000000000000000000000000000") cobj_pass = CMAC.new(zeros, msg=password, ciphermod=AES, mac_len=16) passwd = bytes.fromhex(cobj_pass.hexdigest()) else: passwd = password cmac_prf = lambda p,s: CMAC.new(p, s, ciphermod=AES, mac_len=16).digest() actual_output = PBKDF2(passwd, salt=salt, dkLen=dklen, count=iterations, prf=cmac_prf) print('password : ' + password.hex()) print('salt : ' + salt.hex()) print('input cost : ' + str(iterations)) print('derived key len : ' + str(dklen)) print('output : ' + actual_output.hex()) if __name__ == "__main__": main() """ Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 37 +++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 4895f9bc42..021af4dbea 100644 
--- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -6398,6 +6398,43 @@ PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, 20+1 (over capacity) depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"0c60c80f961f0e71f3a9b524af6012062fe037a6":"00":0:1:0 +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 16+0 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 15+1 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e3":"3c":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 0+16 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"":"8b27beed7e7a4dd6c53138c879a8e33c":0:1:0 + +#The following test vectors were generated by a python script. Details can be found in the commit message. 
+PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 2 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"02":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"160597e28021fb3dd9cf088b007b688360fed438":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 3 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"38ba9795fe87e47d519eacb77e82e35daa795870":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 4 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f726450415353574f524470617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":25:"25e7c43283d2e98cb6d9537a783e93153a45595a876779e00d":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 5 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES 
+derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"7361006c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"7061737300776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"3d2828c5a437d781e7733ca353c40579":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 6 +depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"28e288c6345bb5ecf7ca70274208a3ba0f1148b5868537d5e09d3ee6813b1f524d9ecbf864eb814a46cda50ad5ec4c0dc03578c6c5fb4a3f9880deb5cab537e4":"":0:1:0 + PSA key derivation: ECJPAKE to PMS, no input depends_on:PSA_WANT_ALG_SHA_256 derive_ecjpake_to_pms:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:32:PSA_SUCCESS:"":PSA_ERROR_INVALID_ARGUMENT From b3042c39fe4686769f17bb092dcd2337bf196e30 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Tue, 27 Jun 2023 10:39:47 +0530 Subject: [PATCH 064/264] Define PSA_ALG_WANT_PBKDF2_AES_CMAC_PRF_128 and fix config Signed-off-by: Kusumit Ghoderao --- include/mbedtls/config_psa.h | 13 +++++-------- include/psa/crypto_config.h | 1 + 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index f1cff20b51..9f6b9cafed 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h 
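Review bot: None of the PBKDF2-AES-CMAC-PRF-128 output vectors added to test_suite_psa_crypto.data uses a 16-byte password; the inputs are 6, 8, 9 and 24 bytes long. Every case therefore takes the path where the password is first compressed with AES-CMAC under an all-zero key, as the generator script in the commit message describes, and the path where a 16-byte password is used directly as the PRF key is never compared with a reference output. Add one case, e.g. `PSA key derivation: PBKDF2-AES-CMAC-PRF-128, 16-byte password`, with the expected output produced by the same script. The comment `#The following test vectors were generated by a python script. Details can be found in the commit message.` would also be more durable if it named PyCryptodome and the pre-hash rule, since the data file outlives the commit message.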
@@ -519,6 +519,11 @@ extern "C" {
 #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
 #define MBEDTLS_CMAC_C
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
+#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128)
+#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */
+#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */
 #endif /* PSA_WANT_ALG_CMAC */
 #if defined(PSA_WANT_ALG_CTR)
@@ -599,14 +604,6 @@ extern "C" {
 #endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
 #endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
-#if defined(PSA_WANT_ALG_CMAC) && defined(PSA_HAVE_SOFT_KEY_TYPE_AES)
-#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)
-#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1
-#define MBEDTLS_CMAC_C
-#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1
-#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */
-#endif /* PSA_WANT_ALG_CMAC && PSA_HAVE_SOFT_KEY_TYPE_AES */
-
 #if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
 #if !defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256)
 #define MBEDTLS_ECP_DP_BP256R1_ENABLED
diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h
index 9da28de8b7..af78dce177 100644
--- a/include/psa/crypto_config.h
+++ b/include/psa/crypto_config.h
@@ -76,6 +76,7 @@
 #define PSA_WANT_ALG_MD5 1
 #define PSA_WANT_ALG_OFB 1
 #define PSA_WANT_ALG_PBKDF2_HMAC 1
+#define PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 1
 #define PSA_WANT_ALG_RIPEMD160 1
 #define PSA_WANT_ALG_RSA_OAEP 1
 #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
From 3fde8feaa96236e075e43d515126bb685318cd67 Mon Sep 17 00:00:00 2001
From: Kusumit Ghoderao
Date: Tue, 27 Jun 2023 10:41:43 +0530
Subject: [PATCH 065/264] FIx name of macro
Signed-off-by: Kusumit Ghoderao
---
 include/psa/crypto_sizes.h | 2 +-
 library/psa_crypto.c | 16 +++++++++-------
 2 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 61ec2e6c8d..b884defe0c 100644
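Review bot: Enabling `PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128` without `PSA_WANT_ALG_CMAC` appears to be silently ignored, because the block added in the first config_psa.h hunk sits before `#endif /* PSA_WANT_ALG_CMAC */` and is only evaluated inside that section. The opening `#if` of the section is outside the hunk, so any further condition on it cannot be checked here. Such a configuration would end up without `MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128` and without a build-time diagnostic. Either move the block out of the CMAC section or reject the combination explicitly, e.g. `#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) && !defined(PSA_WANT_ALG_CMAC)`, `#error "PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 requires PSA_WANT_ALG_CMAC"`, `#endif`.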
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -277,7 +277,7 @@
 #define PSA_VENDOR_PBKDF2_MAX_ITERATIONS 0xffffffff
 /* Output size of AES_CMAC_PRF_128 algorithm */
-#define AES_CMAC_PRF_128_OUTPUT_SIZE 16
+#define PSA_AES_CMAC_PRF_128_OUTPUT_SIZE 16
 /** The maximum size of a block cipher. */
 #define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1f5ab0d557..048ab58b33 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -5616,8 +5616,10 @@ static psa_status_t psa_key_derivation_pbkdf2_read(
 psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC);
 } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) {
 prf_alg = PSA_ALG_CMAC;
- prf_output_length = AES_CMAC_PRF_128_OUTPUT_SIZE;
+ prf_output_length = PSA_AES_CMAC_PRF_128_OUTPUT_SIZE;
 psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+ } else {
+ return PSA_ERROR_INVALID_ARGUMENT;
 }
 switch (pbkdf2->state) {
@@ -6184,7 +6186,7 @@ static psa_status_t psa_key_derivation_setup_kdf(
 if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {
 hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256);
 } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) {
- hash_size = AES_CMAC_PRF_128_OUTPUT_SIZE;
+ hash_size = PSA_AES_CMAC_PRF_128_OUTPUT_SIZE;
 } else {
 if (hash_size == 0) {
 return PSA_ERROR_NOT_SUPPORTED;
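Review bot: The `} else { return PSA_ERROR_INVALID_ARGUMENT; }` added to `psa_key_derivation_pbkdf2_read` in library/psa_crypto.c has no comment explaining it, and it is a behaviour change in a commit whose title only announces a macro rename. Presumably it stops `prf_alg` and `prf_output_length` from being used unset for an unexpected `kdf_alg`; their declarations are outside the hunk, so that should be confirmed. A one-line comment would record the intent, e.g. `/* Not a PBKDF2 variant handled above: fail before prf_alg and prf_output_length are used. */`. The function starts and continues outside the hunk.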
@@ -6738,23 +6740,23 @@ static psa_status_t psa_pbkdf2_cmac_set_password(const uint8_t *input, size_t *output_len) { psa_status_t status = PSA_SUCCESS; - if (input_len != AES_CMAC_PRF_128_OUTPUT_SIZE) { + if (input_len != PSA_AES_CMAC_PRF_128_OUTPUT_SIZE) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - uint8_t zeros[16] = {0}; + uint8_t zeros[16] = { 0 }; psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(sizeof(zeros))); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); - /* Passing AES_CMAC_PRF_128_OUTPUT_SIZE as mac_size as the driver + /* Passing PSA_AES_CMAC_PRF_128_OUTPUT_SIZE as mac_size as the driver * function sets mac_output_length = mac_size on success. See #7801*/ status = psa_driver_wrapper_mac_compute(&attributes, zeros, sizeof(zeros), PSA_ALG_CMAC, input, input_len, output, - AES_CMAC_PRF_128_OUTPUT_SIZE, + PSA_AES_CMAC_PRF_128_OUTPUT_SIZE, output_len); } else { memcpy(output, input, input_len); - *output_len = AES_CMAC_PRF_128_OUTPUT_SIZE; + *output_len = PSA_AES_CMAC_PRF_128_OUTPUT_SIZE; } return status; } From 671320633c08458b5b7a81b9d1fafd131784559a Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Tue, 27 Jun 2023 10:45:06 +0530 Subject: [PATCH 066/264] Add test cases for key and plain inputs Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 70 +++++++++++++++---------- 1 file changed, 43 insertions(+), 27 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 021af4dbea..2cb9bf55e8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -5544,76 +5544,76 @@ depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 derive_input_invalid_cost:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_VENDOR_PBKDF2_MAX_ITERATIONS+1ULL PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, direct output -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, key output -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, DERIVE key as password, key output -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_DERIVE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, input cost greater than PSA_VENDOR_PBKDF2_MAX_ITERATIONS #Input cost is passed as hex number. 
Value of PSA_VENDOR_PBKDF2_MAX_ITERATIONS is 0xffffffff -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"0100000000":PSA_ERROR_NOT_SUPPORTED:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_DERIVE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, salt missing -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, password missing -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, salt and password before cost -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: 
PBKDF2-AES-CMAC-PRF-128, password before cost -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, password bad key type -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_RAW_DATA:"706173737764":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct password, direct output -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct empty password, direct output -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES 
derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS PSA key derivation: PBKDF2-AES-CMAC-PRF-128, direct password, key output -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED PSA key derivation: PBKDF2-AES-CMAC-PRF-128, DERIVE key as salt -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_DERIVE:"73616c74":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, duplicate cost step -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, duplicate salt step -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES 
+depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"7361":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"6c74":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject secret step -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject label step -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject seed step -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE PSA key derivation over capacity: 
HKDF 
@@ -6399,42 +6399,58 @@ depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"0c60c80f961f0e71f3a9b524af6012062fe037a6":"00":0:1:0 PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 16+0 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:1:0 PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 15+1 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e3":"3c":0:1:0 PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 0+16 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"":"8b27beed7e7a4dd6c53138c879a8e33c":0:1:0 #The following test vectors 
were generated by a python script. Details can be found in the commit message. PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:1:0 PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 2 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"02":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"160597e28021fb3dd9cf088b007b688360fed438":"":0:1:0 PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 3 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"38ba9795fe87e47d519eacb77e82e35daa795870":"":0:1:0 PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 4 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES 
derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f726450415353574f524470617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":25:"25e7c43283d2e98cb6d9537a783e93153a45595a876779e00d":"":0:1:0 PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 5 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"7361006c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"7061737300776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"3d2828c5a437d781e7733ca353c40579":"":0:1:0 PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 6 -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"28e288c6345bb5ecf7ca70274208a3ba0f1148b5868537d5e09d3ee6813b1f524d9ecbf864eb814a46cda50ad5ec4c0dc03578c6c5fb4a3f9880deb5cab537e4":"":0:1:0 +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, salt in two step +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"5468726561643733356338376234":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:1:0 + +PSA key derivation: 
PBKDF2-AES-CMAC-PRF-128, OpenThread vector, password as key, derive key +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":""::0:1:1 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, password as bytes +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:0:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, password as bytes, derive key +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:0:1 + PSA key derivation: ECJPAKE to PMS, no input depends_on:PSA_WANT_ALG_SHA_256 derive_ecjpake_to_pms:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:32:PSA_SUCCESS:"":PSA_ERROR_INVALID_ARGUMENT From d80183864a6c2375d27e2e1b83831a7efaeff5fc Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Tue, 27 Jun 2023 10:51:16 +0530 Subject: [PATCH 067/264] Add test case for zero input cost 
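Review bot: The data line of the added case `PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, password as key, derive key` ends in `:""::0:1:1`, with a doubled colon where the other new cases have a single one (`:"":0:0:1`, `:"":0:0:0`). The extra colon inserts an empty field, so `derive_output` is given one argument more than in the sibling cases, and the case is likely to be rejected or misparsed by the test generator instead of running. The tail should read `:"":0:1:1`.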
Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2cb9bf55e8..ee9b1e20a8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -5616,6 +5616,10 @@ PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject seed step depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject zero input cost +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"00":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE + PSA key derivation over capacity: HKDF depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256) From 7333ed3efa66c1ac9d886b7506a476a6c4b1995e Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Tue, 4 Jul 2023 11:42:08 +0530 Subject: [PATCH 068/264] Add max iterations test case for cmac Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ee9b1e20a8..0bbe6bcc14 100644 --- a/tests/suites/test_suite_psa_crypto.data 
+++ b/tests/suites/test_suite_psa_crypto.data @@ -5555,11 +5555,6 @@ PSA key derivation: PBKDF2-AES-CMAC-PRF-128, good case, DERIVE key as password, depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_DERIVE:"706173737764":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, input cost greater than PSA_VENDOR_PBKDF2_MAX_ITERATIONS -#Input cost is passed as hex number. Value of PSA_VENDOR_PBKDF2_MAX_ITERATIONS is 0xffffffff -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"0100000000":PSA_ERROR_NOT_SUPPORTED:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_DERIVE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE - PSA key derivation: PBKDF2-AES-CMAC-PRF-128, salt missing depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"01":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_PASSWORD:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE 
@@ -5620,6 +5615,10 @@ PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject zero input cost depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_input:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:INPUT_INTEGER:"00":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"73616c74":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_PASSWORD:PSA_KEY_TYPE_NONE:"706173737764":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, reject cost greater than PSA_VENDOR_PBKDF2_MAX_ITERATIONS +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_input_invalid_cost:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_VENDOR_PBKDF2_MAX_ITERATIONS+1ULL + PSA key derivation over capacity: HKDF depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256) From 5168bd5f0f06f6ac5e63d9f3e4bd5d41b06bc5f2 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Tue, 4 Jul 2023 11:43:45 +0530 Subject: [PATCH 069/264] Add changelog entry Signed-off-by: Kusumit Ghoderao --- ChangeLog.d/add-pbkdf2-cmac.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/add-pbkdf2-cmac.txt diff --git a/ChangeLog.d/add-pbkdf2-cmac.txt b/ChangeLog.d/add-pbkdf2-cmac.txt new file mode 100644 index 0000000000..0ed84ea51c --- /dev/null +++ b/ChangeLog.d/add-pbkdf2-cmac.txt @@ -0,0 +1,2 @@ +Features + * Add support for PBKDF2-CMAC through the PSA API. From 026235c4ec17e52e88b0b6b5a7fb40247a6a2e9e Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 5 Jul 2023 08:32:43 -0400 Subject: [PATCH 070/264] Disable msan errors on null allocation in all.sh Such error was raised in platform tests, and it's a valid test case. Signed-off-by: Andrzej Kurek --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 46d249d662..604b457c38 100755 
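Review bot: The new `derive_input_invalid_cost` case in tests/suites/test_suite_psa_crypto.data only tests the over-limit path while `PSA_VENDOR_PBKDF2_MAX_ITERATIONS+1ULL` is larger than the limit. If a build sets the limit to the largest unsigned long long value, the sum wraps to 0 and the case would exercise the zero-cost path instead. The removed case carried a comment stating the limit is 0xffffffff; that comment went away with the hex literal, so the assumption is no longer written down. I would add a comment line under the title: `# Assumes PSA_VENDOR_PBKDF2_MAX_ITERATIONS < ULLONG_MAX, so +1ULL cannot wrap to 0`. The test function itself is not part of this hunk, so how it treats the argument is not visible here.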
--- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -191,6 +191,7 @@ pre_initialize_variables () { # Platform tests have an allocation that returns null export ASAN_OPTIONS="allocator_may_return_null=1" + export MSAN_OPTIONS="allocator_may_return_null=1" # Gather the list of available components. These are the functions # defined in this script whose name starts with "component_". From 548894fea1e6ef8046ed4e16ee90dc1a0b5208ca Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Wed, 5 Jul 2023 08:50:25 -0400 Subject: [PATCH 071/264] Add msan and asan env variables to .travis.yml This way the CI tests don't fail on a null allocation. Signed-off-by: Andrzej Kurek --- .travis.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.travis.yml b/.travis.yml index bf5ccd96e6..8313317b29 100644 --- a/.travis.yml +++ b/.travis.yml @@ -32,6 +32,10 @@ jobs: packages: - clang-10 - gnutls-bin + env: + # Platform tests have an allocation that returns null + - ASAN_OPTIONS="allocator_may_return_null=1" + - MSAN_OPTIONS="allocator_may_return_null=1" script: # Do a manual build+test sequence rather than using all.sh, # because there's no all.sh component that does what we want, @@ -89,6 +93,10 @@ jobs: apt: packages: - gcc + env: + # Platform tests have an allocation that returns null + - ASAN_OPTIONS="allocator_may_return_null=1" + - MSAN_OPTIONS="allocator_may_return_null=1" script: # Do a manual build+test sequence rather than using all.sh. # @@ -115,6 +123,10 @@ jobs: packages: - clang - gnutls-bin + env: + # Platform tests have an allocation that returns null + - ASAN_OPTIONS="allocator_may_return_null=1" + - MSAN_OPTIONS="allocator_may_return_null=1" script: # Do a manual build+test sequence rather than using all.sh. # From 527f48f14d8b11f674903cb4b02e172771593f9a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 18:57:30 +0100 Subject: [PATCH 072/264] Add OID definitions for SHA3 
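Review bot: `MSAN_OPTIONS="allocator_may_return_null=1"` is exported in `pre_initialize_variables` of tests/scripts/all.sh for every component, and the three `env:` blocks added to .travis.yml repeat it per job, although the commit messages say only the platform tests need it. With the option set, an oversized allocation request anywhere in the suite returns NULL with a warning instead of failing the run at the allocation site, so an unintended huge size in other code is easier to miss. If narrowing the scope to the platform tests is not practical, the comment should record the trade-off, e.g. `# Needed by the platform tests' deliberately failing allocation; this also relaxes oversized-allocation reports for all other tests`. The body of `pre_initialize_variables` continues outside the hunk.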
Signed-off-by: Dave Rodgman --- include/mbedtls/oid.h | 9 +++++++++ library/oid.c | 24 ++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index e333ba11bb..f894205892 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -270,6 +270,15 @@ #define MBEDTLS_OID_DIGEST_ALG_RIPEMD160 MBEDTLS_OID_TELETRUST "\x03\x02\x01" /**< id-ripemd160 OBJECT IDENTIFIER :: { iso(1) identified-organization(3) teletrust(36) algorithm(3) hashAlgorithm(2) ripemd160(1) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */ + +#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */ + + #define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ #define MBEDTLS_OID_HMAC_SHA224 MBEDTLS_OID_RSA_COMPANY "\x02\x08" /**< id-hmacWithSHA224 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 8 } */ diff --git a/library/oid.c b/library/oid.c index 47a311b940..9ea41cbae2 100644 --- a/library/oid.c +++ b/library/oid.c 
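Review bot: The Doxygen comments on the four new `MBEDTLS_OID_DIGEST_ALG_SHA3_*` macros in include/mbedtls/oid.h have unbalanced braces. Each reads `::= joint-iso-itu-t(2) ... }` with a closing brace but no opening one, unlike the `::= { iso(1) ...` form of the neighbouring HMAC entries. I would write `/**< id-sha3-224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */` and likewise for the other three. The hunk also appears to leave two blank lines before `MBEDTLS_OID_HMAC_SHA1`; one is enough.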
@@ -760,6 +760,30 @@ static const oid_md_alg_t oid_md_alg[] = OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_RIPEMD160, "id-ripemd160", "RIPEMD-160"), MBEDTLS_MD_RIPEMD160, }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_224, "id-sha3-224", "SHA-3-224"), + MBEDTLS_MD_SHA3_224, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_256, "id-sha3-256", "SHA-3-256"), + MBEDTLS_MD_SHA3_256, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_384, "id-sha3-384", "SHA-3-384"), + MBEDTLS_MD_SHA3_384, + }, +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + { + OID_DESCRIPTOR(MBEDTLS_OID_DIGEST_ALG_SHA3_512, "id-sha3-512", "SHA-3-512"), + MBEDTLS_MD_SHA3_512, + }, #endif { NULL_OID_DESCRIPTOR, From 3a498a6ccbe7b821012ba2404b03ccd45fa14628 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 18:58:04 +0100 Subject: [PATCH 073/264] Add SHA-3 cases in mbedtls_md_type_from_psa_alg, mbedtls_md_psa_alg_from_type Signed-off-by: Dave Rodgman --- library/md.c | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/library/md.c b/library/md.c index a29d876e9e..b04e364456 100644 --- a/library/md.c +++ b/library/md.c @@ -816,6 +816,22 @@ psa_algorithm_t mbedtls_md_psa_alg_from_type(mbedtls_md_type_t md_type) #if defined(MBEDTLS_MD_CAN_SHA512) case MBEDTLS_MD_SHA512: return PSA_ALG_SHA_512; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + case MBEDTLS_MD_SHA3_224: + return PSA_ALG_SHA3_224; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + case MBEDTLS_MD_SHA3_256: + return PSA_ALG_SHA3_256; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + case MBEDTLS_MD_SHA3_384: + return PSA_ALG_SHA3_384; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + case MBEDTLS_MD_SHA3_512: + return PSA_ALG_SHA3_512; #endif default: return PSA_ALG_NONE; 
@@ -852,6 +868,22 @@ mbedtls_md_type_t mbedtls_md_type_from_psa_alg(psa_algorithm_t psa_alg) #if defined(MBEDTLS_MD_CAN_SHA512) case PSA_ALG_SHA_512: return MBEDTLS_MD_SHA512; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_224) + case PSA_ALG_SHA3_224: + return MBEDTLS_MD_SHA3_224; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_256) + case PSA_ALG_SHA3_256: + return MBEDTLS_MD_SHA3_256; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_384) + case PSA_ALG_SHA3_384: + return MBEDTLS_MD_SHA3_384; +#endif +#if defined(MBEDTLS_MD_CAN_SHA3_512) + case PSA_ALG_SHA3_512: + return MBEDTLS_MD_SHA3_512; #endif default: return MBEDTLS_MD_NONE; From 7bb7602a6630d2e33b6d6cdcfff95befb28e6fc3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:03:21 +0100 Subject: [PATCH 074/264] Add OID tests for SHA-3 Signed-off-by: Dave Rodgman --- tests/suites/test_suite_oid.data | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/suites/test_suite_oid.data b/tests/suites/test_suite_oid.data index 00f6e0b4d7..cc23c5b665 100644 --- a/tests/suites/test_suite_oid.data +++ b/tests/suites/test_suite_oid.data @@ -82,6 +82,22 @@ OID hash id - id-sha512 depends_on:MBEDTLS_MD_CAN_SHA512 oid_get_md_alg_id:"608648016503040203":MBEDTLS_MD_SHA512 +OID hash id - id-sha3-224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +oid_get_md_alg_id:"608648016503040207":MBEDTLS_MD_SHA3_224 + +OID hash id - id-sha3-256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +oid_get_md_alg_id:"608648016503040208":MBEDTLS_MD_SHA3_256 + +OID hash id - id-sha3-384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +oid_get_md_alg_id:"608648016503040209":MBEDTLS_MD_SHA3_384 + +OID hash id - id-sha3-512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +oid_get_md_alg_id:"60864801650304020a":MBEDTLS_MD_SHA3_512 + OID hash id - id-ripemd160 depends_on:MBEDTLS_MD_CAN_RIPEMD160 oid_get_md_alg_id:"2b24030201":MBEDTLS_MD_RIPEMD160 From c0a0990b6e176ff0d7efd90424242662a6597d0a Mon Sep 17 00:00:00 2001 
From: Dave Rodgman Date: Wed, 5 Jul 2023 19:15:53 +0100 Subject: [PATCH 075/264] Improve testing of md/PSA alg identifier macro conversions Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index ac9516ab8d..2768707e9f 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -28,6 +28,11 @@ void mbedtls_md_list() TEST_EQUAL(0, mbedtls_md_starts(&ctx)); TEST_EQUAL(0, mbedtls_md_finish(&ctx, out)); mbedtls_md_free(&ctx); + + /* Ensure that we can convert to and from a psa_algorithm_t */ + psa_algorithm_t p = mbedtls_md_psa_alg_from_type(*md_type_ptr); + TEST_ASSERT(p != PSA_ALG_NONE); + TEST_EQUAL(*md_type_ptr, mbedtls_md_type_from_psa_alg(p)); } exit: From 76814b6207b141de1137a5c77b372ede829e1858 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:38:21 +0100 Subject: [PATCH 076/264] fix missing include Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 2768707e9f..75087e7eea 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,5 +1,6 @@ /* BEGIN_HEADER */ #include "mbedtls/md.h" +#include "../library/md_psa.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES From 852b6c30b787f28a1fc085b7ccf3b776b0fa09f5 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:47:08 +0100 Subject: [PATCH 077/264] Support MBEDTLS_MD_SHA3_xxx_VIA_PSA Signed-off-by: Dave Rodgman --- include/mbedtls/md.h | 21 +++++++++++++++++++++ library/md.c | 16 ++++++++++++++++ 2 files changed, 37 insertions(+) diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h index f717618d27..de4f8758ed 100644 --- a/include/mbedtls/md.h +++ b/include/mbedtls/md.h 
@@ -85,6 +85,26 @@ #define MBEDTLS_MD_RIPEMD160_VIA_PSA #define MBEDTLS_MD_SOME_PSA #endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_224) +#define MBEDTLS_MD_CAN_SHA3_224 +#define MBEDTLS_MD_SHA3_224_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_256) +#define MBEDTLS_MD_CAN_SHA3_256 +#define MBEDTLS_MD_SHA3_256_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_384) +#define MBEDTLS_MD_CAN_SHA3_384 +#define MBEDTLS_MD_SHA3_384_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif +#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA3_512) +#define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SHA3_512_VIA_PSA +#define MBEDTLS_MD_SOME_PSA +#endif #endif /* MBEDTLS_PSA_CRYPTO_C */ /* Built-in implementations */ @@ -117,6 +137,7 @@ #define MBEDTLS_MD_CAN_SHA3_256 #define MBEDTLS_MD_CAN_SHA3_384 #define MBEDTLS_MD_CAN_SHA3_512 +#define MBEDTLS_MD_SOME_LEGACY #endif #if defined(MBEDTLS_RIPEMD160_C) #define MBEDTLS_MD_CAN_RIPEMD160 diff --git a/library/md.c b/library/md.c index b04e364456..4223c865ba 100644 --- a/library/md.c +++ b/library/md.c @@ -258,6 +258,22 @@ static psa_algorithm_t psa_alg_of_md(const mbedtls_md_info_t *info) #if defined(MBEDTLS_MD_SHA512_VIA_PSA) case MBEDTLS_MD_SHA512: return PSA_ALG_SHA_512; +#endif +#if defined(MBEDTLS_MD_SHA3_224_VIA_PSA) + case MBEDTLS_MD_SHA3_224: + return PSA_ALG_SHA3_224; +#endif +#if defined(MBEDTLS_MD_SHA3_256_VIA_PSA) + case MBEDTLS_MD_SHA3_256: + return PSA_ALG_SHA3_256; +#endif +#if defined(MBEDTLS_MD_SHA3_384_VIA_PSA) + case MBEDTLS_MD_SHA3_384: + return PSA_ALG_SHA3_384; +#endif +#if defined(MBEDTLS_MD_SHA3_512_VIA_PSA) + case MBEDTLS_MD_SHA3_512: + return PSA_ALG_SHA3_512; #endif default: return PSA_ALG_NONE; From f324a74fab4969f1037d715bb3f9905a40aa0b73 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 19:55:15 +0100 Subject: [PATCH 078/264] Add tests for MBEDTLS_MD_SHA3_xxx_VIA_PSA 
Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.psa.data | 48 +++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) diff --git a/tests/suites/test_suite_md.psa.data b/tests/suites/test_suite_md.psa.data index 5266f187ff..cd24add46d 100644 --- a/tests/suites/test_suite_md.psa.data +++ b/tests/suites/test_suite_md.psa.data 
@@ -85,3 +85,51 @@ md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_ PSA dispatch SHA512 legacy+driver depends_on:MBEDTLS_SHA512_C:MBEDTLS_MD_SHA512_VIA_PSA md_psa_dynamic_dispatch:MBEDTLS_MD_SHA512:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-224 legacy only +depends_on:MBEDTLS_SHA3_224_C:!MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-224 driver only +depends_on:!MBEDTLS_SHA3_224_C:MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-224 legacy+driver +depends_on:MBEDTLS_SHA3_224_C:MBEDTLS_MD_SHA3_224_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_224:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-256 legacy only +depends_on:MBEDTLS_SHA3_256_C:!MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-256 driver only +depends_on:!MBEDTLS_SHA3_256_C:MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-256 legacy+driver +depends_on:MBEDTLS_SHA3_256_C:MBEDTLS_MD_SHA3_256_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_256:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-384 legacy only +depends_on:MBEDTLS_SHA3_384_C:!MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-384 driver only +depends_on:!MBEDTLS_SHA3_384_C:MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-384 legacy+driver +depends_on:MBEDTLS_SHA3_384_C:MBEDTLS_MD_SHA3_384_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_384:0:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-512 legacy only +depends_on:MBEDTLS_SHA3_512_C:!MBEDTLS_MD_SHA3_512_VIA_PSA 
+md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:0:MBEDTLS_MD_ENGINE_LEGACY + +PSA dispatch SHA3-512 driver only +depends_on:!MBEDTLS_SHA3_512_C:MBEDTLS_MD_SHA3_512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:MBEDTLS_ERR_MD_BAD_INPUT_DATA:MBEDTLS_MD_ENGINE_PSA + +PSA dispatch SHA3-512 legacy+driver +depends_on:MBEDTLS_SHA3_512_C:MBEDTLS_MD_SHA3_512_VIA_PSA +md_psa_dynamic_dispatch:MBEDTLS_MD_SHA3_512:0:MBEDTLS_MD_ENGINE_PSA From 0c2d1afaf328f840959db099b7d668474e948db8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 20:23:09 +0100 Subject: [PATCH 079/264] Fix free before pointers initialised Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 75087e7eea..03b18640b7 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -386,7 +386,6 @@ exit: void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) { const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type); - TEST_ASSERT(md_info != NULL); mbedtls_md_context_t ctx1, ctx2; /* Intentionally no PSA init here! (Will be done later.) */ @@ -394,6 +393,8 @@ void md_psa_dynamic_dispatch(int md_type, int pre_psa_ret, int post_psa_engine) mbedtls_md_init(&ctx1); mbedtls_md_init(&ctx2); + TEST_ASSERT(md_info != NULL); + /* Before PSA crypto init */ TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx1, md_info, 0)); TEST_EQUAL(pre_psa_ret, mbedtls_md_setup(&ctx2, md_info, 0)); From 6cc1734f3e7ac9e1de336937d41cfa6ec308873f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 5 Jul 2023 20:27:45 +0100 Subject: [PATCH 080/264] Fix test dependency Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 03b18640b7..384b408c81 100644 
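Review bot: The `legacy only` and `legacy+driver` cases added to tests/suites/test_suite_md.psa.data depend on `MBEDTLS_SHA3_224_C`, `MBEDTLS_SHA3_256_C`, `MBEDTLS_SHA3_384_C` and `MBEDTLS_SHA3_512_C`, and no other hunk on this page defines or tests symbols with those names. The md.h context in the preceding commit enables all four `MBEDTLS_MD_CAN_SHA3_*` macros inside one guard, which suggests a single option for the built-in implementation (`MBEDTLS_SHA3_C` in Mbed TLS). If so, the eight legacy cases are always skipped and the `driver only` cases no longer exclude legacy builds, so the SHA-3 dispatch path is less covered than the titles claim. The dependencies would then read `depends_on:MBEDTLS_SHA3_C:!MBEDTLS_MD_SHA3_224_VIA_PSA`, `depends_on:!MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_224_VIA_PSA` and `depends_on:MBEDTLS_SHA3_C:MBEDTLS_MD_SHA3_224_VIA_PSA`, and likewise for the other sizes.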
--- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -30,10 +30,12 @@ void mbedtls_md_list() TEST_EQUAL(0, mbedtls_md_finish(&ctx, out)); mbedtls_md_free(&ctx); +#if defined MBEDTLS_PSA_CRYPTO_C /* Ensure that we can convert to and from a psa_algorithm_t */ psa_algorithm_t p = mbedtls_md_psa_alg_from_type(*md_type_ptr); TEST_ASSERT(p != PSA_ALG_NONE); TEST_EQUAL(*md_type_ptr, mbedtls_md_type_from_psa_alg(p)); +#endif } exit: From 8dda131a0ad44805f56ea8e6ddb7e5f68f4279bb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 6 Jul 2023 09:30:37 +0100 Subject: [PATCH 081/264] Test OID lookup for every hash algorithm Signed-off-by: Dave Rodgman --- tests/suites/test_suite_md.function | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_md.function b/tests/suites/test_suite_md.function index 384b408c81..7a10891238 100644 --- a/tests/suites/test_suite_md.function +++ b/tests/suites/test_suite_md.function @@ -1,6 +1,8 @@ /* BEGIN_HEADER */ #include "mbedtls/md.h" #include "../library/md_psa.h" +#include "mbedtls/oid.h" +#include "mbedtls/asn1.h" /* END_HEADER */ /* BEGIN_DEPENDENCIES 
@@ -30,12 +32,23 @@ void mbedtls_md_list() TEST_EQUAL(0, mbedtls_md_finish(&ctx, out)); mbedtls_md_free(&ctx); -#if defined MBEDTLS_PSA_CRYPTO_C +#if defined(MBEDTLS_PSA_CRYPTO_C) /* Ensure that we can convert to and from a psa_algorithm_t */ psa_algorithm_t p = mbedtls_md_psa_alg_from_type(*md_type_ptr); TEST_ASSERT(p != PSA_ALG_NONE); TEST_EQUAL(*md_type_ptr, mbedtls_md_type_from_psa_alg(p)); #endif + +#if defined(MBEDTLS_OID_C) + mbedtls_asn1_buf asn1; + /* Check that we have an OID definition */ + TEST_EQUAL(mbedtls_oid_get_oid_by_md((mbedtls_md_type_t) *md_type_ptr, + (const char **) &asn1.p, &asn1.len), 0); + /* Check that this OID definition maps back to the correct mbedtls_md_type_t */ + mbedtls_md_type_t m; + TEST_EQUAL(mbedtls_oid_get_md_alg(&asn1, &m), 0); + TEST_EQUAL(m, *md_type_ptr); +#endif } exit: From f14a5c3fcb54ae2dae758c39ee3137eca19d88de Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Fri, 14 Jul 2023 06:15:15 -0400 Subject: [PATCH 082/264] Improve the documentation of MBEDTLS_PLATFORM_MEMORY Introduce requests from review comments. Signed-off-by: Andrzej Kurek --- include/mbedtls/mbedtls_config.h | 75 +++++++++++++++++--------------- 1 file changed, 40 insertions(+), 35 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index ddbef7a66f..d0f8c46554 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
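Review bot: `mbedtls_asn1_buf asn1;` in the `MBEDTLS_OID_C` block of `mbedtls_md_list` is passed to `mbedtls_oid_get_md_alg` with only `p` and `len` filled in, so its `tag` field stays uninitialised. Whether the lookup reads that field is not visible in this hunk, but `mbedtls_asn1_buf asn1 = { 0 };` keeps the test independent of it and quiet under MemorySanitizer. The `(const char **) &asn1.p` cast also stores a `const char *` through an `unsigned char *` object; a local `const char *oid;` that is assigned to `asn1.p` after the call would avoid the pointer-type pun. The function body starts and ends outside the hunk.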
@@ -172,15 +172,47 @@ * This allows different allocators (self-implemented or provided) to be * provided to the platform abstraction layer. * - * Enabling MBEDTLS_PLATFORM_MEMORY without the + * Enabling #MBEDTLS_PLATFORM_MEMORY without the * MBEDTLS_PLATFORM_{FREE,CALLOC}_MACROs will provide * "mbedtls_platform_set_calloc_free()" allowing you to set an alternative calloc() and * free() function pointer at runtime. * - * Enabling MBEDTLS_PLATFORM_MEMORY and specifying + * Enabling #MBEDTLS_PLATFORM_MEMORY and specifying * MBEDTLS_PLATFORM_{CALLOC,FREE}_MACROs will allow you to specify the * alternate function at compile time. * + * An overview of how the value of mbedtls_calloc is determined: + * + * - if !MBEDTLS_PLATFORM_MEMORY + * - mbedtls_calloc = calloc + * - if MBEDTLS_PLATFORM_MEMORY + * - if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * - mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO + * - if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): + * - Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. + * - How is MBEDTLS_PLATFORM_STD_CALLOC handled? + * - if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * - MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; + * - MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; + * - if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: + * - if MBEDTLS_PLATFORM_STD_CALLOC is present: + * - User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; + * - if !MBEDTLS_PLATFORM_STD_CALLOC: + * - MBEDTLS_PLATFORM_STD_CALLOC = calloc + * + * - At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. + * - if !MBEDTLS_PLATFORM_STD_CALLOC + * - MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc + * + * - mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. + * + * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and #MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. 
+ * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. + * #MBEDTLS_PLATFORM_STD_CALLOC and #MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, + * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. + * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. + * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. + * * Requires: MBEDTLS_PLATFORM_C * * Enable this layer to allow use of alternative memory allocators. 
@@ -3681,53 +3713,26 @@ /* Platform options */ //#define MBEDTLS_PLATFORM_STD_MEM_HDR /**< Header to include if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS is defined. Don't define if no header is needed. */ -/* An overview of how the value of mbedtls_calloc is determined: - * - * if !MBEDTLS_PLATFORM_MEMORY - * mbedtls_calloc = calloc - * if MBEDTLS_PLATFORM_MEMORY - * if (MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): - * mbedtls_calloc = MBEDTLS_PLATFORM_CALLOC_MACRO - * if !(MBEDTLS_PLATFORM_CALLOC_MACRO && MBEDTLS_PLATFORM_FREE_MACRO): - * Dynamic setup via mbedtls_platform_set_calloc_free is now possible with a default value MBEDTLS_PLATFORM_STD_CALLOC. - * How is MBEDTLS_PLATFORM_STD_CALLOC handled? - * if MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: - * MBEDTLS_PLATFORM_STD_CALLOC is not set to anything; - * MBEDTLS_PLATFORM_STD_MEM_HDR can be included if present; - * if !MBEDTLS_PLATFORM_NO_STD_FUNCTIONS: - * if MBEDTLS_PLATFORM_STD_CALLOC is present: - * User-defined MBEDTLS_PLATFORM_STD_CALLOC is respected; - * if !MBEDTLS_PLATFORM_STD_CALLOC: - * MBEDTLS_PLATFORM_STD_CALLOC = calloc - * - * At this point the presence of MBEDTLS_PLATFORM_STD_CALLOC is checked. - * if !MBEDTLS_PLATFORM_STD_CALLOC - * MBEDTLS_PLATFORM_STD_CALLOC = uninitialized_calloc - * - * mbedtls_calloc = MBEDTLS_PLATFORM_STD_CALLOC. - * - * Defining MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC at the same time is not possible. - * MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_FREE_MACRO must both be defined or undefined at the same time. - * MBEDTLS_PLATFORM_STD_CALLOC and MBEDTLS_PLATFORM_STD_FREE do not have to be defined at the same time, as, if they are used, - * dynamic setup of these functions is possible. See the tree above to see how are they handled in all cases. - */ - /** \def MBEDTLS_PLATFORM_STD_CALLOC * - * Default allocator to use, can be undefined. See the description above for details. + * Default allocator to use, can be undefined. 
* It must initialize the allocated buffer memory to zeroes. * The size of the buffer is the product of the two parameters. * The calloc function returns either a null pointer or a pointer to the allocated space. * If the product is 0, the function may either return NULL or a valid pointer to an array of size 0 which is a valid input to the deallocation function. + * An uninitialized #MBEDTLS_PLATFORM_STD_CALLOC always fails, returning a null pointer. + * See the description of #MBEDTLS_PLATFORM_MEMORY for more details. * The corresponding deallocation function is #MBEDTLS_PLATFORM_STD_FREE. */ //#define MBEDTLS_PLATFORM_STD_CALLOC calloc /** \def MBEDTLS_PLATFORM_STD_FREE * - * Default free to use, can be undefined. See the description above for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). + * Default free to use, can be undefined. * NULL is a valid parameter, and the function must do nothing. * A non-null parameter will always be a pointer previously returned by #MBEDTLS_PLATFORM_STD_CALLOC and not yet freed. + * An uninitialized #MBEDTLS_PLATFORM_STD_FREE does not do anything. + * See the description of #MBEDTLS_PLATFORM_MEMORY for more details (same principles as for MBEDTLS_PLATFORM_STD_CALLOC apply). */ //#define MBEDTLS_PLATFORM_STD_FREE free //#define MBEDTLS_PLATFORM_STD_SETBUF setbuf /**< Default setbuf to use, can be undefined */ From fc6ed4ddad41e6ca10e807bb1b5aac34752ece87 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 14 Jul 2023 17:33:09 +0800 Subject: [PATCH 083/264] code_size_compare: add a parser to generate code size with size tool This commit splits CodeSizeBase as a separate class to prepare a parser as CodeSizeGenerator. The benefit is we can extend the tool of code size measurement in order to generate more types of code size record. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) 
diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 0ed28999b3..3c0f83d9a4 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -125,17 +125,18 @@ class CodeSizeInfo: # pylint: disable=too-few-public-methods print(comb) sys.exit(1) -class SizeEntry: # pylint: disable=too-few-public-methods - """Data Structure to only store information of code size.""" - def __init__(self, text, data, bss, dec): - self.text = text - self.data = data - self.bss = bss - self.total = dec # total <=> dec -class CodeSizeBase: +class CodeSizeGeneratorWithSize: """Code Size Base Class for size record saving and writing.""" + class SizeEntry: # pylint: disable=too-few-public-methods + """Data Structure to only store information of code size.""" + def __init__(self, text, data, bss, dec): + self.text = text + self.data = data + self.bss = bss + self.total = dec # total <=> dec + def __init__(self) -> None: """ Variable code_size is used to store size info for any revisions. code_size: (data format) @@ -157,7 +158,8 @@ class CodeSizeBase: size_record = {} for line in size_text.splitlines()[1:]: data = line.split() - size_record[data[5]] = SizeEntry(data[0], data[1], data[2], data[3]) + size_record[data[5]] = CodeSizeGeneratorWithSize.SizeEntry(\ + data[0], data[1], data[2], data[3]) if revision in self.code_size: self.code_size[revision].update({mod: size_record}) else: @@ -180,7 +182,8 @@ class CodeSizeBase: if mod: size_record[data[0]] = \ - SizeEntry(data[1], data[2], data[3], data[4]) + CodeSizeGeneratorWithSize.SizeEntry(\ + data[1], data[2], data[3], data[4]) # check if we hit record for the end of a module m = re.match(r'.?TOTALS', line) @@ -247,7 +250,7 @@ class CodeSizeBase: output.write("{} {}\n".format(fname, new_size)) -class CodeSizeComparison(CodeSizeBase): +class CodeSizeComparison: """Compare code size between two Git revisions.""" def __init__( 
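Review bot: The new references to the nested class are written `CodeSizeGeneratorWithSize.SizeEntry(\` with a backslash continuation inside an open parenthesis (hunks at -157 and -180); the `read_size_record(revision,\` call in the -361 hunk that follows does the same. The backslash is redundant inside brackets, and within the class `self.SizeEntry(data[0], data[1], data[2], data[3])` fits on one line and survives a later rename. The docstring kept as context, `"""Code Size Base Class for size record saving and writing."""`, still describes the old `CodeSizeBase` role; something like `"""Parse, store and write code size records produced by the size tool."""` would match the new name. The class body continues outside these hunks.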
@@ -278,6 +281,7 @@ class CodeSizeComparison(CodeSizeBase): self.make_command = code_size_info.make_command self.fname_suffix = "-" + code_size_info.arch + "-" +\ code_size_info.config + self.code_size_generator = CodeSizeGeneratorWithSize() @staticmethod def validate_revision(revision: str) -> bytes: @@ -336,12 +340,12 @@ class CodeSizeComparison(CodeSizeBase): self._handle_called_process_error(e, git_worktree_path) size_text = result.decode("utf-8") - self.set_size_record(revision, mod, size_text) + self.code_size_generator.set_size_record(revision, mod, size_text) print("Generating code size csv for", revision) csv_file = open(os.path.join(self.csv_dir, revision + self.fname_suffix + ".csv"), "w") - self.write_size_record(revision, csv_file) + self.code_size_generator.write_size_record(revision, csv_file) def _remove_worktree(self, git_worktree_path: str) -> None: """Remove temporary worktree.""" @@ -361,7 +365,8 @@ class CodeSizeComparison(CodeSizeBase): if (revision != "current") and \ os.path.exists(os.path.join(self.csv_dir, csv_fname)): print("Code size csv file for", revision, "already exists.") - self.read_size_record(revision, os.path.join(self.csv_dir, csv_fname)) + self.code_size_generator.read_size_record(revision,\ + os.path.join(self.csv_dir, csv_fname)) else: git_worktree_path = self._create_git_worktree(revision) self._build_libraries(git_worktree_path) @@ -380,7 +385,7 @@ class CodeSizeComparison(CodeSizeBase): print("\nGenerating comparison results between",\ self.old_rev, "and", self.new_rev) - self.write_comparison(self.old_rev, self.new_rev, res_file) + self.code_size_generator.write_comparison(self.old_rev, self.new_rev, res_file) return 0 From 15c43f34073f6315bc006de4c992ab19a6cbaa28 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 17 Jul 2023 11:17:12 +0800 Subject: [PATCH 084/264] code_size_compare: add a base class as CodeSizeGenerator 
Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 64 +++++++++++++++++++++++++++++++++++- 1 file changed, 63 insertions(+), 1 deletion(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 3c0f83d9a4..a5625c32a1 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -126,7 +126,44 @@ class CodeSizeInfo: # pylint: disable=too-few-public-methods sys.exit(1) -class CodeSizeGeneratorWithSize: +class CodeSizeGenerator: + """ A generator based on size measurement tool for library objects. + + This is an abstract class. To use it, derive a class that implements + size_generator_write_record and size_generator_write_comparison methods, + then call both of them with proper arguments. + """ + def size_generator_write_record( + self, + revision: str, + code_size_text: typing.Dict, + output_file: str + ) -> None: + """Write size record into a file. + + revision: Git revision.(E.g: commit) + code_size_text: text output (utf-8) from code size measurement tool. + output_file: file which the code size record is written to. + """ + raise NotImplementedError + + def size_generator_write_comparison( + self, + old_rev: str, + new_rev: str, + output_stream + ) -> None: + """Write a comparision result into a stream between two revisions. + + old_rev: old git revision to compared with. + new_rev: new git revision to compared with. + output_stream: stream which the code size record is written to. + (E.g: file / sys.stdout) + """ + raise NotImplementedError + + +class CodeSizeGeneratorWithSize(CodeSizeGenerator): """Code Size Base Class for size record saving and writing.""" class SizeEntry: # pylint: disable=too-few-public-methods 
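Review bot: The two abstract methods of `CodeSizeGenerator` document their arguments loosely: `code_size_text: typing.Dict` has no key or value types, and `output_stream` has no annotation at all although the docstring calls it a stream such as a file or sys.stdout. The subclass in the next hunk iterates the dict as module name to `size` output, so `code_size_text: typing.Dict[str, str]` and `output_stream: typing.TextIO` would state the contract; the import block is outside the hunk, so confirm `typing` is imported. The docstrings also misspell `comparision` and have a stray space after the opening quotes in `""" A generator`. Raising `NotImplementedError` only fails when a method is called; deriving from `abc.ABC` with `@abc.abstractmethod` would reject an incomplete subclass at instantiation, at the cost of one more import.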
@@ -249,6 +286,31 @@ class CodeSizeGeneratorWithSize: else: output.write("{} {}\n".format(fname, new_size)) + def size_generator_write_record( + self, + revision: str, + code_size_text: typing.Dict, + output_file: str + ) -> None: + """Write size record into a specified file based on Git revision and + output from `size` tool.""" + for mod, size_text in code_size_text.items(): + self.set_size_record(revision, mod, size_text) + + print("Generating code size csv for", revision) + output = open(output_file, "w") + self.write_size_record(revision, output) + + def size_generator_write_comparison( + self, + old_rev: str, + new_rev: str, + output_stream + ) -> None: + """Write a comparision result into a stream between two revisions.""" + output = open(output_stream, "w") + self.write_comparison(old_rev, new_rev, output) + class CodeSizeComparison: """Compare code size between two Git revisions.""" From e0e276046bda6a1feb8121b44a565cee2bfd9543 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 14 Jul 2023 17:37:45 +0800 Subject: [PATCH 085/264] code_size_compare: add CodeSizeCalculator to calculate code size CodeSizeCalculator is aimed to calculate code size based on a Git revision and code size measurement tool. The output of code size is in utf-8 encoding. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 223 +++++++++++++++++++++-------------- 1 file changed, 132 insertions(+), 91 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index a5625c32a1..01d93cad0f 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
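Review bot: Both methods added to `CodeSizeGeneratorWithSize` call `open(..., "w")` and never close the handle, so the CSV is only flushed whenever the file object happens to be collected. Use a context manager, e.g. `with open(output_file, "w") as output:` around `self.write_size_record(revision, output)`, and the same in `size_generator_write_comparison`. That second method also passes `output_stream` to `open()` as if it were a path, while the base-class docstring added in this commit describes it as a stream such as `sys.stdout`. Passing a real stream would raise inside `open()`, so either rename the parameter to a path or write to the stream directly.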
@@ -126,6 +126,123 @@ class CodeSizeInfo: # pylint: disable=too-few-public-methods sys.exit(1) +class CodeSizeCalculator: + """ A calculator to calculate code size of library objects based on + Git revision and code size measurement tool. + """ + + def __init__( + self, + revision: str, + make_cmd: str, + ) -> None: + """ + revision: Git revision.(E.g: commit) + make_cmd: command to build library objects. + """ + self.repo_path = "." + self.git_command = "git" + self.make_clean = 'make clean' + + self.revision = revision + self.make_cmd = make_cmd + + @staticmethod + def validate_revision(revision: str) -> bytes: + result = subprocess.check_output(["git", "rev-parse", "--verify", + revision + "^{commit}"], shell=False) + return result + + def _create_git_worktree(self, revision: str) -> str: + """Make a separate worktree for revision. + Do not modify the current worktree.""" + + if revision == "current": + print("Using current work directory") + git_worktree_path = self.repo_path + else: + print("Creating git worktree for", revision) + git_worktree_path = os.path.join(self.repo_path, "temp-" + revision) + subprocess.check_output( + [self.git_command, "worktree", "add", "--detach", + git_worktree_path, revision], cwd=self.repo_path, + stderr=subprocess.STDOUT + ) + + return git_worktree_path + + def _build_libraries(self, git_worktree_path: str) -> None: + """Build libraries in the specified worktree.""" + + my_environment = os.environ.copy() + try: + subprocess.check_output( + self.make_clean, env=my_environment, shell=True, + cwd=git_worktree_path, stderr=subprocess.STDOUT, + ) + subprocess.check_output( + self.make_cmd, env=my_environment, shell=True, + cwd=git_worktree_path, stderr=subprocess.STDOUT, + ) + except subprocess.CalledProcessError as e: + self._handle_called_process_error(e, git_worktree_path) + + def _gen_raw_code_size(self, revision, git_worktree_path): + """Calculate code size with measurement tool in UTF-8 encoding.""" + if revision == "current": 
+ print("Measuring code size in current work directory") + else: + print("Measuring code size for", revision) + + res = {} + for mod, st_lib in MBEDTLS_STATIC_LIB.items(): + try: + result = subprocess.check_output( + ["size", st_lib, "-t"], cwd=git_worktree_path, + universal_newlines=True + ) + res[mod] = result + except subprocess.CalledProcessError as e: + self._handle_called_process_error(e, git_worktree_path) + + return res + + def _remove_worktree(self, git_worktree_path: str) -> None: + """Remove temporary worktree.""" + if git_worktree_path != self.repo_path: + print("Removing temporary worktree", git_worktree_path) + subprocess.check_output( + [self.git_command, "worktree", "remove", "--force", + git_worktree_path], cwd=self.repo_path, + stderr=subprocess.STDOUT + ) + + def _handle_called_process_error(self, e: subprocess.CalledProcessError, + git_worktree_path: str) -> None: + """Handle a CalledProcessError and quit the program gracefully. + Remove any extra worktrees so that the script may be called again.""" + + # Tell the user what went wrong + print("The following command: {} failed and exited with code {}" + .format(e.cmd, e.returncode)) + print("Process output:\n {}".format(str(e.output, "utf-8"))) + + # Quit gracefully by removing the existing worktree + self._remove_worktree(git_worktree_path) + sys.exit(-1) + + def cal_libraries_code_size(self) -> typing.Dict: + """Calculate code size of libraries by measurement tool.""" + + revision = self.revision + git_worktree_path = self._create_git_worktree(revision) + self._build_libraries(git_worktree_path) + res = self._gen_raw_code_size(revision, git_worktree_path) + self._remove_worktree(git_worktree_path) + + return res + + class CodeSizeGenerator: """ A generator based on size measurement tool for library objects. 
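Review bot: In `_handle_called_process_error`, `str(e.output, "utf-8")` raises `TypeError` when the failure comes from `_gen_raw_code_size`, because that call now passes `universal_newlines=True` and `e.output` is already a `str`. The exception fires before `self._remove_worktree(git_worktree_path)`, so the `temp-<revision>` worktree is left behind and the original build or measurement error is hidden. Decode only when the output is bytes, e.g. `out = e.output if isinstance(e.output, str) else e.output.decode("utf-8")`. Any failure in `cal_libraries_code_size` that is not a `CalledProcessError` (for example a missing `size` binary) also skips the worktree removal.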
@@ -328,7 +445,6 @@ class CodeSizeComparison: result_dir: directory for comparison result. code_size_info: an object containing information to build library. """ - super().__init__() self.repo_path = "." self.result_dir = os.path.abspath(result_dir) os.makedirs(self.result_dir, exist_ok=True) @@ -345,47 +461,7 @@ class CodeSizeComparison: code_size_info.config self.code_size_generator = CodeSizeGeneratorWithSize() - @staticmethod - def validate_revision(revision: str) -> bytes: - result = subprocess.check_output(["git", "rev-parse", "--verify", - revision + "^{commit}"], shell=False) - return result - - def _create_git_worktree(self, revision: str) -> str: - """Make a separate worktree for revision. - Do not modify the current worktree.""" - - if revision == "current": - print("Using current work directory") - git_worktree_path = self.repo_path - else: - print("Creating git worktree for", revision) - git_worktree_path = os.path.join(self.repo_path, "temp-" + revision) - subprocess.check_output( - [self.git_command, "worktree", "add", "--detach", - git_worktree_path, revision], cwd=self.repo_path, - stderr=subprocess.STDOUT - ) - - return git_worktree_path - - def _build_libraries(self, git_worktree_path: str) -> None: - """Build libraries in the specified worktree.""" - - my_environment = os.environ.copy() - try: - subprocess.check_output( - self.make_clean, env=my_environment, shell=True, - cwd=git_worktree_path, stderr=subprocess.STDOUT, - ) - subprocess.check_output( - self.make_command, env=my_environment, shell=True, - cwd=git_worktree_path, stderr=subprocess.STDOUT, - ) - except subprocess.CalledProcessError as e: - self._handle_called_process_error(e, git_worktree_path) - - def _gen_code_size_csv(self, revision: str, git_worktree_path: str) -> None: + def _gen_code_size_csv(self, revision: str) -> None: """Generate code size csv file.""" if revision == "current": 
@@ -393,31 +469,13 @@ class CodeSizeComparison: else: print("Measuring code size for", revision) - for mod, st_lib in MBEDTLS_STATIC_LIB.items(): - try: - result = subprocess.check_output( - ["size", st_lib, "-t"], cwd=git_worktree_path - ) - except subprocess.CalledProcessError as e: - self._handle_called_process_error(e, git_worktree_path) - size_text = result.decode("utf-8") + code_size_text = CodeSizeCalculator(revision, self.make_command).\ + cal_libraries_code_size() - self.code_size_generator.set_size_record(revision, mod, size_text) - - print("Generating code size csv for", revision) - csv_file = open(os.path.join(self.csv_dir, revision + - self.fname_suffix + ".csv"), "w") - self.code_size_generator.write_size_record(revision, csv_file) - - def _remove_worktree(self, git_worktree_path: str) -> None: - """Remove temporary worktree.""" - if git_worktree_path != self.repo_path: - print("Removing temporary worktree", git_worktree_path) - subprocess.check_output( - [self.git_command, "worktree", "remove", "--force", - git_worktree_path], cwd=self.repo_path, - stderr=subprocess.STDOUT - ) + csv_file = os.path.join(self.csv_dir, revision + + self.fname_suffix + ".csv") + self.code_size_generator.size_generator_write_record(revision,\ + code_size_text, csv_file) def _get_code_size_for_rev(self, revision: str) -> None: """Generate code size csv file for the specified git revision.""" 
@@ -430,24 +488,21 @@ class CodeSizeComparison: self.code_size_generator.read_size_record(revision,\ os.path.join(self.csv_dir, csv_fname)) else: - git_worktree_path = self._create_git_worktree(revision) - self._build_libraries(git_worktree_path) - self._gen_code_size_csv(revision, git_worktree_path) - self._remove_worktree(git_worktree_path) + self._gen_code_size_csv(revision) def _gen_code_size_comparison(self) -> int: """Generate results of the size changes between two revisions, old and new. Measured code size results of these two revisions must be available.""" - res_file = open(os.path.join(self.result_dir, "compare-" + - self.old_rev + "-" + self.new_rev + - self.fname_suffix + - ".csv"), "w") + res_file = os.path.join(self.result_dir, "compare-" + + self.old_rev + "-" + self.new_rev + + self.fname_suffix + ".csv") print("\nGenerating comparison results between",\ self.old_rev, "and", self.new_rev) - self.code_size_generator.write_comparison(self.old_rev, self.new_rev, res_file) + self.code_size_generator.size_generator_write_comparison(\ + self.old_rev, self.new_rev, res_file) return 0 @@ -459,20 +514,6 @@ class CodeSizeComparison: self._get_code_size_for_rev(self.new_rev) return self._gen_code_size_comparison() - def _handle_called_process_error(self, e: subprocess.CalledProcessError, - git_worktree_path: str) -> None: - """Handle a CalledProcessError and quit the program gracefully. - Remove any extra worktrees so that the script may be called again.""" - - # Tell the user what went wrong - print("The following command: {} failed and exited with code {}" - .format(e.cmd, e.returncode)) - print("Process output:\n {}".format(str(e.output, "utf-8"))) - - # Quit gracefully by removing the existing worktree - self._remove_worktree(git_worktree_path) - sys.exit(-1) - def main(): parser = argparse.ArgumentParser(description=(__doc__)) group_required = parser.add_argument_group( 
@@ -509,11 +550,11 @@ def main(): print("Error: {} is not a directory".format(comp_args.result_dir)) parser.exit() - validate_res = CodeSizeComparison.validate_revision(comp_args.old_rev) + validate_res = CodeSizeCalculator.validate_revision(comp_args.old_rev) old_revision = validate_res.decode().replace("\n", "") if comp_args.new_rev is not None: - validate_res = CodeSizeComparison.validate_revision(comp_args.new_rev) + validate_res = CodeSizeCalculator.validate_revision(comp_args.new_rev) new_revision = validate_res.decode().replace("\n", "") else: new_revision = "current" From 5e9130a5e9ed156400ce56efc4a0e7c86c59185a Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 17 Jul 2023 11:55:54 +0800 Subject: [PATCH 086/264] code_size_compare: simplify methods in CodeSizeComparison Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 56 ++++++++++++++---------------------- 1 file changed, 22 insertions(+), 34 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 01d93cad0f..8cd1b27751 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -92,12 +92,11 @@ class CodeSizeInfo: # pylint: disable=too-few-public-methods arch: architecture to measure code size on. config: configuration type to measure code size with. sys_arch: host architecture. - make_command: command to build library (Inferred from arch and config). """ self.arch = arch self.config = config self.sys_arch = sys_arch - self.make_command = self.set_make_command() + self.make_cmd = self.set_make_command() def set_make_command(self) -> str: """Infer build command based on architecture and configuration.""" 
@@ -456,63 +455,52 @@ class CodeSizeComparison: self.new_rev = new_revision self.git_command = "git" self.make_clean = 'make clean' - self.make_command = code_size_info.make_command + self.make_cmd = code_size_info.make_cmd self.fname_suffix = "-" + code_size_info.arch + "-" +\ code_size_info.config self.code_size_generator = CodeSizeGeneratorWithSize() - def _gen_code_size_csv(self, revision: str) -> None: - """Generate code size csv file.""" + def cal_code_size(self, revision: str): + """Calculate code size of library objects in a UTF-8 encoding""" - if revision == "current": - print("Measuring code size in current work directory") - else: - print("Measuring code size for", revision) - - code_size_text = CodeSizeCalculator(revision, self.make_command).\ + return CodeSizeCalculator(revision, self.make_cmd).\ cal_libraries_code_size() - csv_file = os.path.join(self.csv_dir, revision + - self.fname_suffix + ".csv") - self.code_size_generator.size_generator_write_record(revision,\ - code_size_text, csv_file) - - def _get_code_size_for_rev(self, revision: str) -> None: - """Generate code size csv file for the specified git revision.""" + def gen_code_size_report(self, revision): + """Generate code size record and write it into a file.""" + output_file = os.path.join(self.csv_dir,\ + revision + self.fname_suffix + ".csv") # Check if the corresponding record exists - csv_fname = revision + self.fname_suffix + ".csv" - if (revision != "current") and \ - os.path.exists(os.path.join(self.csv_dir, csv_fname)): + if (revision != "current") and os.path.exists(output_file): print("Code size csv file for", revision, "already exists.") - self.code_size_generator.read_size_record(revision,\ - os.path.join(self.csv_dir, csv_fname)) + self.code_size_generator.read_size_record(revision, output_file) else: - self._gen_code_size_csv(revision) + self.code_size_generator.size_generator_write_record(revision,\ + self.cal_code_size(revision), output_file) - def 
_gen_code_size_comparison(self) -> int: - """Generate results of the size changes between two revisions, + def gen_code_size_comparison(self) -> int: + """Generate results of code size changes between two revisions, old and new. Measured code size results of these two revisions must be available.""" - res_file = os.path.join(self.result_dir, "compare-" + - self.old_rev + "-" + self.new_rev + - self.fname_suffix + ".csv") + output_file = os.path.join(self.result_dir, "compare-" + + self.old_rev + "-" + self.new_rev + + self.fname_suffix + ".csv") print("\nGenerating comparison results between",\ self.old_rev, "and", self.new_rev) self.code_size_generator.size_generator_write_comparison(\ - self.old_rev, self.new_rev, res_file) - + self.old_rev, self.new_rev, output_file) return 0 def get_comparision_results(self) -> int: """Compare size of library/*.o between self.old_rev and self.new_rev, and generate the result file.""" build_tree.check_repo_path() - self._get_code_size_for_rev(self.old_rev) - self._get_code_size_for_rev(self.new_rev) - return self._gen_code_size_comparison() + self.gen_code_size_report(self.old_rev) + self.gen_code_size_report(self.new_rev) + return self.gen_code_size_comparison() def main(): parser = argparse.ArgumentParser(description=(__doc__)) From 923f943a3e992fda89ea6c31ac611085ceda9783 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 17 Jul 2023 12:43:00 +0800 Subject: [PATCH 087/264] code_size_compare: introduce SimpleNamespace to store info We use SimpleNamespace class to store all the information used to measure code size of objects in library. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 127 +++++++++++++++++++++-------------- 1 file changed, 76 insertions(+), 51 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 8cd1b27751..8f3730f240 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
@@ -31,6 +31,7 @@ import sys import typing from enum import Enum +from types import SimpleNamespace from mbedtls_dev import typing_util from mbedtls_dev import build_tree @@ -72,7 +73,7 @@ def detect_arch() -> str: print("Unknown host architecture, cannot auto-detect arch.") sys.exit(1) -class CodeSizeInfo: # pylint: disable=too-few-public-methods +class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods """Gather information used to measure code size. It collects information about architecture, configuration in order to 
@@ -87,25 +88,23 @@ class CodeSizeInfo: # pylint: disable=too-few-public-methods "-a " + SupportedArch.ARMV8_M.value + " -c " + SupportedConfig.TFM_MEDIUM.value, ] - def __init__(self, arch: str, config: str, sys_arch: str) -> None: + def __init__(self, size_version: SimpleNamespace) -> None: """ - arch: architecture to measure code size on. - config: configuration type to measure code size with. - sys_arch: host architecture. + size_version: SimpleNamespace containing info for code size measurement. + size_version.arch: architecture to measure code size on. + size_version.config: configuration type to measure code size with. + size_version.host_arch: host architecture. """ - self.arch = arch - self.config = config - self.sys_arch = sys_arch - self.make_cmd = self.set_make_command() + self.size_version = size_version - def set_make_command(self) -> str: + def infer_make_command(self) -> str: """Infer build command based on architecture and configuration.""" - if self.config == SupportedConfig.DEFAULT.value and \ - self.arch == self.sys_arch: + if self.size_version.config == SupportedConfig.DEFAULT.value and \ + self.size_version.arch == self.size_version.host_arch: return 'make -j lib CFLAGS=\'-Os \' ' - elif self.arch == SupportedArch.ARMV8_M.value and \ - self.config == SupportedConfig.TFM_MEDIUM.value: + elif self.size_version.arch == SupportedArch.ARMV8_M.value and \ + self.size_version.config == SupportedConfig.TFM_MEDIUM.value: return \ 'make -j lib CC=armclang \ CFLAGS=\'--target=arm-arm-none-eabi -mcpu=cortex-m33 -Os \ 
@@ -113,13 +112,13 @@ class CodeSizeInfo: # pylint: disable=too-few-public-methods -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=\\\"' + CONFIG_TFM_MEDIUM_PSA_CRYPTO_H + '\\\" \'' else: print("Unsupported combination of architecture: {} and configuration: {}" - .format(self.arch, self.config)) + .format(self.size_version.arch, self.size_version.config)) print("\nPlease use supported combination of architecture and configuration:") - for comb in CodeSizeInfo.SupportedArchConfig: + for comb in CodeSizeBuildInfo.SupportedArchConfig: print(comb) print("\nFor your system, please use:") - for comb in CodeSizeInfo.SupportedArchConfig: - if "default" in comb and self.sys_arch not in comb: + for comb in CodeSizeBuildInfo.SupportedArchConfig: + if "default" in comb and self.size_version.host_arch not in comb: continue print(comb) sys.exit(1) @@ -433,16 +432,14 @@ class CodeSizeComparison: def __init__( self, - old_revision: str, - new_revision: str, + old_size_version: SimpleNamespace, + new_size_version: SimpleNamespace, result_dir: str, - code_size_info: CodeSizeInfo ) -> None: """ old_revision: revision to compare against. new_revision: result_dir: directory for comparison result. - code_size_info: an object containing information to build library. """ self.repo_path = "." self.result_dir = os.path.abspath(result_dir) 
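Review bot: The `__init__` docstring in the `@@ -433,16 +432,14 @@` hunk still documents `old_revision` and `new_revision`, which are no longer parameters after this change. Describe the new arguments instead, e.g. `old_size_version: SimpleNamespace holding revision, arch, config and make_cmd for the old side.` and the equivalent line for `new_size_version`. The constructor body continues outside this hunk.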
@@ -451,57 +448,73 @@ class CodeSizeComparison: self.csv_dir = os.path.abspath("code_size_records/") os.makedirs(self.csv_dir, exist_ok=True) - self.old_rev = old_revision - self.new_rev = new_revision + self.old_size_version = old_size_version + self.new_size_version = new_size_version + self.old_size_version.make_cmd = \ + CodeSizeBuildInfo(self.old_size_version).infer_make_command() + self.new_size_version.make_cmd = \ + CodeSizeBuildInfo(self.new_size_version).infer_make_command() self.git_command = "git" self.make_clean = 'make clean' - self.make_cmd = code_size_info.make_cmd - self.fname_suffix = "-" + code_size_info.arch + "-" +\ - code_size_info.config self.code_size_generator = CodeSizeGeneratorWithSize() - def cal_code_size(self, revision: str): + @staticmethod + def cal_code_size(size_version: SimpleNamespace): """Calculate code size of library objects in a UTF-8 encoding""" - return CodeSizeCalculator(revision, self.make_cmd).\ + return CodeSizeCalculator(size_version.revision, size_version.make_cmd).\ cal_libraries_code_size() - def gen_code_size_report(self, revision): + @staticmethod + def gen_file_name(old_size_version, new_size_version=None): + if new_size_version: + return '{}-{}-{}-{}-{}-{}.csv'\ + .format(old_size_version.revision[:7], + old_size_version.arch, old_size_version.config, + new_size_version.revision[:7], + new_size_version.arch, new_size_version.config) + else: + return '{}-{}-{}.csv'\ + .format(old_size_version.revision[:7], + old_size_version.arch, old_size_version.config) + + def gen_code_size_report(self, size_version: SimpleNamespace): """Generate code size record and write it into a file.""" - output_file = os.path.join(self.csv_dir,\ - revision + self.fname_suffix + ".csv") + output_file = os.path.join(self.csv_dir, self.gen_file_name(size_version)) # Check if the corresponding record exists - if (revision != "current") and os.path.exists(output_file): - print("Code size csv file for", revision, "already exists.") - 
self.code_size_generator.read_size_record(revision, output_file) + if (size_version.revision != "current") and os.path.exists(output_file): + print("Code size csv file for", size_version.revision, "already exists.") + self.code_size_generator.read_size_record(size_version.revision, output_file) else: - self.code_size_generator.size_generator_write_record(revision,\ - self.cal_code_size(revision), output_file) + self.code_size_generator.size_generator_write_record(\ + size_version.revision, self.cal_code_size(size_version), + output_file) def gen_code_size_comparison(self) -> int: """Generate results of code size changes between two revisions, old and new. Measured code size results of these two revisions must be available.""" - output_file = os.path.join(self.result_dir, "compare-" + - self.old_rev + "-" + self.new_rev + - self.fname_suffix + ".csv") + output_file = os.path.join(self.result_dir,\ + self.gen_file_name(self.old_size_version, self.new_size_version)) print("\nGenerating comparison results between",\ - self.old_rev, "and", self.new_rev) + self.old_size_version.revision, "and", self.new_size_version.revision) self.code_size_generator.size_generator_write_comparison(\ - self.old_rev, self.new_rev, output_file) + self.old_size_version.revision, self.new_size_version.revision,\ + output_file) return 0 def get_comparision_results(self) -> int: """Compare size of library/*.o between self.old_rev and self.new_rev, and generate the result file.""" build_tree.check_repo_path() - self.gen_code_size_report(self.old_rev) - self.gen_code_size_report(self.new_rev) + self.gen_code_size_report(self.old_size_version) + self.gen_code_size_report(self.new_size_version) return self.gen_code_size_comparison() + def main(): parser = argparse.ArgumentParser(description=(__doc__)) group_required = parser.add_argument_group( 
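Review bot: `gen_file_name` keys the record cache on `revision[:7]`, and `gen_code_size_report` trusts any existing file with that name. Two revisions sharing a seven-character prefix for the same arch and config would therefore silently reuse each other's record. `main()` appears to pass the full hash returned by `validate_revision`, so the untruncated `size_version.revision` could be used in the name instead. `gen_file_name` also has no docstring, and the docstring on `get_comparision_results` still refers to `self.old_rev` and `self.new_rev`, which this hunk removes.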
@@ -547,13 +560,25 @@ def main(): else: new_revision = "current" - code_size_info = CodeSizeInfo(comp_args.arch, comp_args.config, - detect_arch()) - print("Measure code size for architecture: {}, configuration: {}\n" - .format(code_size_info.arch, code_size_info.config)) - result_dir = comp_args.result_dir - size_compare = CodeSizeComparison(old_revision, new_revision, result_dir, - code_size_info) + old_size_version = SimpleNamespace( + version="old", + revision=old_revision, + config=comp_args.config, + arch=comp_args.arch, + host_arch=detect_arch(), + make_cmd='', + ) + new_size_version = SimpleNamespace( + version="new", + revision=new_revision, + config=comp_args.config, + arch=comp_args.arch, + host_arch=detect_arch(), + make_cmd='', + ) + + size_compare = CodeSizeComparison(old_size_version, new_size_version,\ + comp_args.result_dir) return_code = size_compare.get_comparision_results() sys.exit(return_code) From 802af160b44b1e5993043aa7a0d0468c8a641d01 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 17 Jul 2023 14:04:30 +0800 Subject: [PATCH 088/264] code_size_compare: support to measure code size with multiple tools For time being, code_size_compare.py only supports `size`. This commit builds up foundation to extend code size measurement with other tools. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 68 ++++++++++++++++++++++++------------ 1 file changed, 46 insertions(+), 22 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 8f3730f240..6b2b3a9c4c 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
@@ -88,20 +88,25 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods "-a " + SupportedArch.ARMV8_M.value + " -c " + SupportedConfig.TFM_MEDIUM.value, ] - def __init__(self, size_version: SimpleNamespace) -> None: + def __init__( + self, + size_version: SimpleNamespace, + host_arch: str + ) -> None: """ size_version: SimpleNamespace containing info for code size measurement. size_version.arch: architecture to measure code size on. size_version.config: configuration type to measure code size with. - size_version.host_arch: host architecture. + host_arch: host architecture. """ self.size_version = size_version + self.host_arch = host_arch def infer_make_command(self) -> str: """Infer build command based on architecture and configuration.""" if self.size_version.config == SupportedConfig.DEFAULT.value and \ - self.size_version.arch == self.size_version.host_arch: + self.size_version.arch == self.host_arch: return 'make -j lib CFLAGS=\'-Os \' ' elif self.size_version.arch == SupportedArch.ARMV8_M.value and \ self.size_version.config == SupportedConfig.TFM_MEDIUM.value: @@ -118,7 +123,7 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods print(comb) print("\nFor your system, please use:") for comb in CodeSizeBuildInfo.SupportedArchConfig: - if "default" in comb and self.size_version.host_arch not in comb: + if "default" in comb and self.host_arch not in comb: continue print(comb) sys.exit(1) @@ -133,10 +138,12 @@ class CodeSizeCalculator: self, revision: str, make_cmd: str, + measure_cmd: str ) -> None: """ revision: Git revision.(E.g: commit) - make_cmd: command to build library objects. + make_cmd: command to build objects in library. + measure_cmd: command to measure code size for objects in library. """ self.repo_path = "." self.git_command = "git" 
@@ -144,6 +151,7 @@ class CodeSizeCalculator: self.revision = revision self.make_cmd = make_cmd + self.measure_cmd = measure_cmd @staticmethod def validate_revision(revision: str) -> bytes: @@ -196,8 +204,8 @@ class CodeSizeCalculator: for mod, st_lib in MBEDTLS_STATIC_LIB.items(): try: result = subprocess.check_output( - ["size", st_lib, "-t"], cwd=git_worktree_path, - universal_newlines=True + [self.measure_cmd + ' ' + st_lib], cwd=git_worktree_path, + shell=True, universal_newlines=True ) res[mod] = result except subprocess.CalledProcessError as e: @@ -434,6 +442,7 @@ class CodeSizeComparison: self, old_size_version: SimpleNamespace, new_size_version: SimpleNamespace, + code_size_common: SimpleNamespace, result_dir: str, ) -> None: """ 
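Review bot: The `@@ -196,8 +204,8 @@` hunk replaces the argv list `["size", st_lib, "-t"]` with one concatenated string run under `shell=True`, so every character of `self.measure_cmd` is now interpreted by the shell. The value is currently the constant set in `main()`, but the commit message describes this as groundwork for other tools, and once the command becomes configurable its content would run as shell input on the build host. Keep the list form with `subprocess.check_output(shlex.split(self.measure_cmd) + [st_lib], cwd=git_worktree_path, universal_newlines=True)`, adding `import shlex` at the top of the file. `_gen_raw_code_size` starts and ends outside this hunk.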
@@ -450,33 +459,46 @@ class CodeSizeComparison: self.old_size_version = old_size_version self.new_size_version = new_size_version + self.code_size_common = code_size_common self.old_size_version.make_cmd = \ - CodeSizeBuildInfo(self.old_size_version).infer_make_command() + CodeSizeBuildInfo(self.old_size_version,\ + self.code_size_common.host_arch).infer_make_command() self.new_size_version.make_cmd = \ - CodeSizeBuildInfo(self.new_size_version).infer_make_command() + CodeSizeBuildInfo(self.new_size_version,\ + self.code_size_common.host_arch).infer_make_command() self.git_command = "git" self.make_clean = 'make clean' - self.code_size_generator = CodeSizeGeneratorWithSize() + self.code_size_generator = self.__init_code_size_generator__(\ + self.code_size_common.measure_cmd) @staticmethod - def cal_code_size(size_version: SimpleNamespace): + def __init_code_size_generator__(measure_cmd): + if re.match(r'size', measure_cmd.strip()): + return CodeSizeGeneratorWithSize() + else: + print("Error: unsupported tool:", measure_cmd.strip().split(' ')[0]) + sys.exit(1) + + + def cal_code_size(self, size_version: SimpleNamespace): """Calculate code size of library objects in a UTF-8 encoding""" - return CodeSizeCalculator(size_version.revision, size_version.make_cmd).\ - cal_libraries_code_size() + return CodeSizeCalculator(size_version.revision, size_version.make_cmd,\ + self.code_size_common.measure_cmd).cal_libraries_code_size() - @staticmethod - def gen_file_name(old_size_version, new_size_version=None): + def gen_file_name(self, old_size_version, new_size_version=None): if new_size_version: - return '{}-{}-{}-{}-{}-{}.csv'\ + return '{}-{}-{}-{}-{}-{}-{}.csv'\ .format(old_size_version.revision[:7], old_size_version.arch, old_size_version.config, new_size_version.revision[:7], - new_size_version.arch, new_size_version.config) + new_size_version.arch, new_size_version.config, + self.code_size_common.measure_cmd.strip().split(' ')[0]) else: - return '{}-{}-{}.csv'\ + return 
'{}-{}-{}-{}.csv'\ .format(old_size_version.revision[:7], - old_size_version.arch, old_size_version.config) + old_size_version.arch, old_size_version.config, + self.code_size_common.measure_cmd.strip().split(' ')[0]) def gen_code_size_report(self, size_version: SimpleNamespace): """Generate code size record and write it into a file.""" @@ -565,7 +587,6 @@ def main(): revision=old_revision, config=comp_args.config, arch=comp_args.arch, - host_arch=detect_arch(), make_cmd='', ) new_size_version = SimpleNamespace( @@ -573,12 +594,15 @@ def main(): revision=new_revision, config=comp_args.config, arch=comp_args.arch, - host_arch=detect_arch(), make_cmd='', ) + code_size_common = SimpleNamespace( + host_arch=detect_arch(), + measure_cmd='size -t', + ) size_compare = CodeSizeComparison(old_size_version, new_size_version,\ - comp_args.result_dir) + code_size_common, comp_args.result_dir) return_code = size_compare.get_comparision_results() sys.exit(return_code) From 9b174e90d3786ba6ef3f14c822e39d2f9ad8a7f8 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 17 Jul 2023 17:59:53 +0800 Subject: [PATCH 089/264] code_size_compare: generate text,data as comparison result Previously we used dec(total) as comparison result of code size measurement. However, it's not accurate because dec(total) is the sum of text, data and bss. Now we show text,data instead since those are sections we care about in code size perspective specifically for TF-M. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 48 +++++++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 14 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 6b2b3a9c4c..e679af0a5f 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
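Review bot: `__init_code_size_generator__` accepts any `measure_cmd` that merely begins with `size`, because `re.match(r'size', ...)` is only a prefix test, and the whole string is then handed to `_gen_raw_code_size` for execution. Compare the tool name exactly, e.g. `if measure_cmd.strip().split(' ')[0] == 'size':`, which is the same token the error message and `gen_file_name` already extract. That token also becomes part of the CSV file name, so an exact allow-list keeps unexpected characters such as path separators out of it. Double-underscore names on both sides are conventionally reserved for Python itself, so `_init_code_size_generator` would be the usual spelling; the `re` import is not visible in this hunk.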
@@ -300,7 +300,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): def __init__(self) -> None: """ Variable code_size is used to store size info for any revisions. code_size: (data format) - {revision: {module: {file_name: SizeEntry, + {revision: {module: {file_name: [text, data, bss, dec], etc ... }, etc ... @@ -318,8 +318,9 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): size_record = {} for line in size_text.splitlines()[1:]: data = line.split() - size_record[data[5]] = CodeSizeGeneratorWithSize.SizeEntry(\ - data[0], data[1], data[2], data[3]) + # file_name: SizeEntry(text, data, bss, dec) + size_record[data[5]] = CodeSizeGeneratorWithSize.SizeEntry( + data[0], data[1], data[2], data[3]) if revision in self.code_size: self.code_size[revision].update({mod: size_record}) else: @@ -341,8 +342,8 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): continue if mod: - size_record[data[0]] = \ - CodeSizeGeneratorWithSize.SizeEntry(\ + # file_name: SizeEntry(text, data, bss, dec) + size_record[data[0]] = CodeSizeGeneratorWithSize.SizeEntry( data[1], data[2], data[3], data[4]) # check if we hit record for the end of a module 
@@ -390,24 +391,43 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): ) -> None: """Write comparison result into a file. - Writing Format: file_name current(total) old(total) change(Byte) change_pct(%) + Writing Format: file_name current(text,data) old(text,data)\ + change(text,data) change_pct%(text,data) """ - output.write("{:<30} {:>7} {:>7} {:>7} {:>7}\n" - .format("filename", "current", "old", "change", "change%")) - for mod, fname, size_entry in self._size_reader_helper(new_rev, output): - new_size = int(size_entry.total) + + def cal_size_section_variation(mod, fname, size_entry, attr): + new_size = int(size_entry.__dict__[attr]) # check if we have the file in old revision if fname in self.code_size[old_rev][mod]: - old_size = int(self.code_size[old_rev][mod][fname].total) + old_size = int(self.code_size[old_rev][mod][fname].__dict__[attr]) change = new_size - old_size if old_size != 0: change_pct = change / old_size else: change_pct = 0 - output.write("{:<30} {:>7} {:>7} {:>7} {:>7.2%}\n" - .format(fname, new_size, old_size, change, change_pct)) + return [new_size, old_size, change, change_pct] else: - output.write("{} {}\n".format(fname, new_size)) + return [new_size] + + output.write("{:<30} {:<18} {:<14} {:<17} {:<18}\n" + .format("filename", "current(text,data)", "old(text,data)",\ + "change(text,data)", "change%(text,data)")) + for mod, fname, size_entry in self._size_reader_helper(new_rev, output): + text_vari = cal_size_section_variation(mod, fname, size_entry, 'text') + data_vari = cal_size_section_variation(mod, fname, size_entry, 'data') + + if len(text_vari) != 1: + output.write("{:<30} {:<18} {:<14} {:<17} {:<18}\n" + .format(fname,\ + str(text_vari[0]) + "," + str(data_vari[0]),\ + str(text_vari[1]) + "," + str(data_vari[1]),\ + str(text_vari[2]) + "," + str(data_vari[2]),\ + "{:.2%}".format(text_vari[3]) + "," +\ + "{:.2%}".format(data_vari[3]))) + else: + output.write("{:<30} {:<18}\n" + .format(fname,\ + str(text_vari[0]) + "," + 
str(data_vari[0]))) def size_generator_write_record( self, From b664cb75695869800b24eef629175ee5d223eec0 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 18 Jul 2023 12:28:35 +0800 Subject: [PATCH 090/264] code_size_compare: add --markdown to show result in a markdown table The option --markdown supports to only show the files that have changed in a markdown table between two commits. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 82 ++++++++++++++++++++++++------------ 1 file changed, 54 insertions(+), 28 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index e679af0a5f..e42a6603bf 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -274,7 +274,8 @@ class CodeSizeGenerator: self, old_rev: str, new_rev: str, - output_stream + output_stream, + with_markdown=False ) -> None: """Write a comparision result into a stream between two revisions. @@ -282,6 +283,8 @@ class CodeSizeGenerator: new_rev: new git revision to compared with. output_stream: stream which the code size record is written to. (E.g: file / sys.stdout) + with_markdown: write comparision result in a markdown table. + (Default: False) """ raise NotImplementedError @@ -359,11 +362,13 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): def _size_reader_helper( self, revision: str, - output: typing_util.Writable + output: typing_util.Writable, + with_markdown=False ) -> typing.Iterator[tuple]: """A helper function to peel code_size based on revision.""" for mod, file_size in self.code_size[revision].items(): - output.write("\n" + mod + "\n") + if not with_markdown: + output.write("\n" + mod + "\n") for fname, size_entry in file_size.items(): yield mod, fname, size_entry 
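Review bot: In the nested helper `cal_size_section_variation` of `write_comparison` (hunk `@@ -390,24 +391,43 @@`), the section value is read through `size_entry.__dict__[attr]`, which depends on `SizeEntry` keeping an instance dictionary and would break if the class ever gained `__slots__` or a property. `getattr(size_entry, attr)` and `getattr(self.code_size[old_rev][mod][fname], attr)` read the same attributes through the normal lookup. The helper also returns a list of either four elements or one, and the caller tells them apart with `len(text_vari) != 1`; a short comment saying that a one-element result means the file is absent from the old revision would help the next reader.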
@@ -376,18 +381,20 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): Writing Format: file_name text data bss total(dec) """ - output.write("{:<30} {:>7} {:>7} {:>7} {:>7}\n" - .format("filename", "text", "data", "bss", "total")) + format_string = "{:<30} {:>7} {:>7} {:>7} {:>7}\n" + output.write(format_string.format("filename", + "text", "data", "bss", "total")) for _, fname, size_entry in self._size_reader_helper(revision, output): - output.write("{:<30} {:>7} {:>7} {:>7} {:>7}\n" - .format(fname, size_entry.text, size_entry.data,\ - size_entry.bss, size_entry.total)) + output.write(format_string.format(fname, + size_entry.text, size_entry.data, + size_entry.bss, size_entry.total)) def write_comparison( self, old_rev: str, new_rev: str, - output: typing_util.Writable + output: typing_util.Writable, + with_markdown: bool ) -> None: """Write comparison result into a file. 
@@ -409,25 +416,38 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): else: return [new_size] - output.write("{:<30} {:<18} {:<14} {:<17} {:<18}\n" - .format("filename", "current(text,data)", "old(text,data)",\ - "change(text,data)", "change%(text,data)")) - for mod, fname, size_entry in self._size_reader_helper(new_rev, output): - text_vari = cal_size_section_variation(mod, fname, size_entry, 'text') - data_vari = cal_size_section_variation(mod, fname, size_entry, 'data') + if with_markdown: + format_string = "| {:<30} | {:<18} | {:<14} | {:<17} | {:<18} |\n" + else: + format_string = "{:<30} {:<18} {:<14} {:<17} {:<18}\n" + + output.write(format_string.format("filename", "current(text,data)",\ + "old(text,data)", "change(text,data)", "change%(text,data)")) + if with_markdown: + output.write(format_string + .format("----:", "----:", "----:", "----:", "----:")) + + for mod, fname, size_entry in\ + self._size_reader_helper(new_rev, output, with_markdown): + text_vari = cal_size_section_variation(mod, fname, + size_entry, 'text') + data_vari = cal_size_section_variation(mod, fname, + size_entry, 'data') if len(text_vari) != 1: - output.write("{:<30} {:<18} {:<14} {:<17} {:<18}\n" - .format(fname,\ - str(text_vari[0]) + "," + str(data_vari[0]),\ - str(text_vari[1]) + "," + str(data_vari[1]),\ - str(text_vari[2]) + "," + str(data_vari[2]),\ - "{:.2%}".format(text_vari[3]) + "," +\ - "{:.2%}".format(data_vari[3]))) + # skip the files that haven't changed in code size if we write + # comparison result in a markdown table. 
+ if with_markdown and text_vari[2] == 0 and data_vari[2] == 0: + continue + output.write(format_string.format(fname,\ + str(text_vari[0]) + "," + str(data_vari[0]),\ + str(text_vari[1]) + "," + str(data_vari[1]),\ + str(text_vari[2]) + "," + str(data_vari[2]),\ + "{:.2%}".format(text_vari[3]) + "," +\ + "{:.2%}".format(data_vari[3]))) else: - output.write("{:<30} {:<18}\n" - .format(fname,\ - str(text_vari[0]) + "," + str(data_vari[0]))) + output.write("{:<30} {:<18}\n".format(fname,\ + str(text_vari[0]) + "," + str(data_vari[0]))) def size_generator_write_record( self, @@ -448,11 +468,12 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): self, old_rev: str, new_rev: str, - output_stream + output_stream, + with_markdown=False ) -> None: """Write a comparision result into a stream between two revisions.""" output = open(output_stream, "w") - self.write_comparison(old_rev, new_rev, output) + self.write_comparison(old_rev, new_rev, output, with_markdown) class CodeSizeComparison: @@ -545,7 +566,7 @@ class CodeSizeComparison: self.old_size_version.revision, "and", self.new_size_version.revision) self.code_size_generator.size_generator_write_comparison(\ self.old_size_version.revision, self.new_size_version.revision,\ - output_file) + output_file, self.code_size_common.with_markdown) return 0 def get_comparision_results(self) -> int: @@ -587,6 +608,10 @@ def main(): choices=list(map(lambda s: s.value, SupportedConfig)), help="specify configuration type for code size comparison,\ default is the current MbedTLS configuration.") + group_optional.add_argument( + '--markdown', action='store_true', dest='markdown', + help="Show comparision of code size in a markdown table\ + (only show the files that have changed).") comp_args = parser.parse_args() if os.path.isfile(comp_args.result_dir): 
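Review bot: With `with_markdown` set, the `else` branch at the end of the `@@ -409,25 +416,38 @@` hunk still writes a file that exists only in the new revision with the plain `"{:<30} {:<18}\n"` format, so that row has no `|` delimiters and fewer cells than the header and would likely break the rendered table. Reusing `format_string` there with filler cells for the missing columns, for example `output.write(format_string.format(fname, str(text_vari[0]) + "," + str(data_vari[0]), 'None', 'None', 'None'))`, keeps every row in the same shape. The separator row is written as `----:`, which asks for right alignment while the cells are padded with `<`; that is cosmetic but worth making consistent. The body of `write_comparison` starts outside this hunk.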
@@ -619,6 +644,7 @@ def main(): code_size_common = SimpleNamespace( host_arch=detect_arch(), measure_cmd='size -t', + with_markdown=comp_args.markdown ) size_compare = CodeSizeComparison(old_size_version, new_size_version,\ From 227576aaa4b18bd8e7408fdac9ad9df824535fc9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 18 Jul 2023 14:35:05 +0800 Subject: [PATCH 091/264] code_size_compare: add option --stdout to show result in sys.stdout Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 33 ++++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index e42a6603bf..0bd9143961 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -275,7 +275,7 @@ class CodeSizeGenerator: old_rev: str, new_rev: str, output_stream, - with_markdown=False + result_options: SimpleNamespace ) -> None: """Write a comparision result into a stream between two revisions. @@ -283,8 +283,9 @@ class CodeSizeGenerator: new_rev: new git revision to compared with. output_stream: stream which the code size record is written to. (E.g: file / sys.stdout) - with_markdown: write comparision result in a markdown table. - (Default: False) + result_options: SimpleNamespace containing options for comparison result. + with_markdown: write comparision result in a markdown table. (Default: False) + stdout: direct comparison result into sys.stdout. (Default: False) """ raise NotImplementedError 
@@ -469,11 +470,14 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): old_rev: str, new_rev: str, output_stream, - with_markdown=False + result_options: SimpleNamespace ) -> None: """Write a comparision result into a stream between two revisions.""" - output = open(output_stream, "w") - self.write_comparison(old_rev, new_rev, output, with_markdown) + if result_options.stdout: + output = sys.stdout + else: + output = open(output_stream, "w") + self.write_comparison(old_rev, new_rev, output, result_options.with_markdown) class CodeSizeComparison: @@ -484,7 +488,6 @@ class CodeSizeComparison: old_size_version: SimpleNamespace, new_size_version: SimpleNamespace, code_size_common: SimpleNamespace, - result_dir: str, ) -> None: """ old_revision: revision to compare against. @@ -492,7 +495,7 @@ class CodeSizeComparison: result_dir: directory for comparison result. """ self.repo_path = "." - self.result_dir = os.path.abspath(result_dir) + self.result_dir = os.path.abspath(code_size_common.result_options.result_dir) os.makedirs(self.result_dir, exist_ok=True) self.csv_dir = os.path.abspath("code_size_records/") @@ -566,7 +569,7 @@ class CodeSizeComparison: self.old_size_version.revision, "and", self.new_size_version.revision) self.code_size_generator.size_generator_write_comparison(\ self.old_size_version.revision, self.new_size_version.revision,\ - output_file, self.code_size_common.with_markdown) + output_file, self.code_size_common.result_options) return 0 def get_comparision_results(self) -> int: @@ -612,6 +615,10 @@ def main(): '--markdown', action='store_true', dest='markdown', help="Show comparision of code size in a markdown table\ (only show the files that have changed).") + group_optional.add_argument( + '--stdout', action='store_true', dest='stdout', + help="Set this option to direct comparison result into sys.stdout.\ + (Default: file)") comp_args = parser.parse_args() if os.path.isfile(comp_args.result_dir): 
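Review bot: `size_generator_write_comparison` in the `@@ -469,11 +470,14 @@` hunk opens the result file with `open(output_stream, "w")` and never closes it, so the comparison may not be flushed until the interpreter exits and the handle leaks if `write_comparison` raises. Since the stream can now also be `sys.stdout`, which must stay open, I would branch: call `self.write_comparison(old_rev, new_rev, sys.stdout, result_options.with_markdown)` for the stdout case and wrap the file case in `with open(output_stream, "w") as output:`. The parameter is still named `output_stream` although it carries a path, which deserves a sentence in the docstring.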
@@ -642,13 +649,17 @@ def main(): make_cmd='', ) code_size_common = SimpleNamespace( + result_options=SimpleNamespace( + result_dir=comp_args.result_dir, + with_markdown=comp_args.markdown, + stdout=comp_args.stdout, + ), host_arch=detect_arch(), measure_cmd='size -t', - with_markdown=comp_args.markdown ) size_compare = CodeSizeComparison(old_size_version, new_size_version,\ - code_size_common, comp_args.result_dir) + code_size_common) return_code = size_compare.get_comparision_results() sys.exit(return_code) From 8dc913899db0179916d06a0602824ecf36370d32 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Mon, 24 Jul 2023 10:44:00 +0100 Subject: [PATCH 092/264] Fix server1.crt.der in makefile Signed-off-by: Agathiyan Bragadeesh --- tests/data_files/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index eff44d8ac0..f21ad561c0 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1449,7 +1449,7 @@ server1.der: server1.crt $(OPENSSL) x509 -inform PEM -in $< -outform DER -out $@ server1.commas.crt: server1.key parse_input/server1.req.commas.sha256 $(test_ca_crt) $(test_ca_key_file_rsa) $(MBEDTLS_CERT_WRITE) request_file=parse_input/server1.req.commas.sha256 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) version=1 not_before=20190210144406 not_after=20290210144406 md=SHA1 version=3 output_file=$@ -all_final += server1.crt server1.noauthid.crt server1.crt.der server1.commas.crt +all_final += server1.crt server1.noauthid.crt parse_input/server1.crt.der server1.commas.crt parse_input/server1.key_usage.crt: parse_input/server1.req.sha256 server1.key_usage.crt: server1.req.sha256 From 21127f709546fe5d08d6f683e5ebc21a3a214510 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 19 Jul 2023 12:09:45 +0800 Subject: [PATCH 093/264] code_size_compare: add logging module and tweak prompt message 
Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 164 +++++++++++++++++--------- scripts/mbedtls_dev/logging_util.py | 55 +++++++++ tests/scripts/audit-validity-dates.py | 36 +----- 3 files changed, 163 insertions(+), 92 deletions(-) create mode 100644 scripts/mbedtls_dev/logging_util.py diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 0bd9143961..dc41d262d5 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -24,6 +24,7 @@ Note: must be run from Mbed TLS root. # limitations under the License. import argparse +import logging import os import re import subprocess @@ -32,8 +33,9 @@ import typing from enum import Enum from types import SimpleNamespace -from mbedtls_dev import typing_util from mbedtls_dev import build_tree +from mbedtls_dev import logging_util +from mbedtls_dev import typing_util class SupportedArch(Enum): """Supported architecture for code size measurement.""" @@ -91,7 +93,8 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods def __init__( self, size_version: SimpleNamespace, - host_arch: str + host_arch: str, + logger: logging.Logger, ) -> None: """ size_version: SimpleNamespace containing info for code size measurement. @@ -101,6 +104,7 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods """ self.size_version = size_version self.host_arch = host_arch + self.logger = logger def infer_make_command(self) -> str: """Infer build command based on architecture and configuration.""" 
@@ -116,16 +120,20 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods -DMBEDTLS_CONFIG_FILE=\\\"' + CONFIG_TFM_MEDIUM_MBEDCRYPTO_H + '\\\" \ -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=\\\"' + CONFIG_TFM_MEDIUM_PSA_CRYPTO_H + '\\\" \'' else: - print("Unsupported combination of architecture: {} and configuration: {}" - .format(self.size_version.arch, self.size_version.config)) - print("\nPlease use supported combination of architecture and configuration:") + self.logger.error("Unsupported combination of architecture: {} " \ + "and configuration: {}.\n" + .format(self.size_version.arch, + self.size_version.config)) + self.logger.info("Please use supported combination of " \ + "architecture and configuration:") for comb in CodeSizeBuildInfo.SupportedArchConfig: - print(comb) - print("\nFor your system, please use:") + self.logger.info(comb) + self.logger.info("") + self.logger.info("For your system, please use:") for comb in CodeSizeBuildInfo.SupportedArchConfig: if "default" in comb and self.host_arch not in comb: continue - print(comb) + self.logger.info(comb) sys.exit(1) @@ -138,7 +146,8 @@ class CodeSizeCalculator: self, revision: str, make_cmd: str, - measure_cmd: str + measure_cmd: str, + logger: logging.Logger, ) -> None: """ revision: Git revision.(E.g: commit) @@ -152,6 +161,7 @@ class CodeSizeCalculator: self.revision = revision self.make_cmd = make_cmd self.measure_cmd = measure_cmd + self.logger = logger @staticmethod def validate_revision(revision: str) -> bytes: 
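Review bot: The log calls added in `infer_make_command` build their message with `str.format` before handing it to the logger, so the string is formatted even when the level is disabled, and the error text carries a trailing `\n` that the handler then prints as an empty line. Passing the values as logger arguments defers the formatting: `self.logger.error("Unsupported combination of architecture: %s and configuration: %s.", self.size_version.arch, self.size_version.config)`. The same pattern recurs in the `debug` and `info` calls in later hunks of this commit (`_create_git_worktree`, `_build_libraries`, `_gen_raw_code_size`, `gen_code_size_report`). The body of `infer_make_command` starts outside the hunk.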
@@ -159,19 +169,21 @@ class CodeSizeCalculator: revision + "^{commit}"], shell=False) return result - def _create_git_worktree(self, revision: str) -> str: + def _create_git_worktree(self) -> str: """Make a separate worktree for revision. Do not modify the current worktree.""" - if revision == "current": - print("Using current work directory") + if self.revision == "current": + self.logger.debug("Using current work directory.") git_worktree_path = self.repo_path else: - print("Creating git worktree for", revision) - git_worktree_path = os.path.join(self.repo_path, "temp-" + revision) + self.logger.debug("Creating git worktree for {}." + .format(self.revision)) + git_worktree_path = os.path.join(self.repo_path, + "temp-" + self.revision) subprocess.check_output( [self.git_command, "worktree", "add", "--detach", - git_worktree_path, revision], cwd=self.repo_path, + git_worktree_path, self.revision], cwd=self.repo_path, stderr=subprocess.STDOUT ) @@ -180,6 +192,8 @@ class CodeSizeCalculator: def _build_libraries(self, git_worktree_path: str) -> None: """Build libraries in the specified worktree.""" + self.logger.debug("Building objects of library for {}." + .format(self.revision)) my_environment = os.environ.copy() try: subprocess.check_output( @@ -193,12 +207,12 @@ class CodeSizeCalculator: except subprocess.CalledProcessError as e: self._handle_called_process_error(e, git_worktree_path) - def _gen_raw_code_size(self, revision, git_worktree_path): + def _gen_raw_code_size(self, git_worktree_path: str) -> typing.Dict: """Calculate code size with measurement tool in UTF-8 encoding.""" - if revision == "current": - print("Measuring code size in current work directory") - else: - print("Measuring code size for", revision) + + self.logger.debug("Measuring code size for {} by `{}`." + .format(self.revision, + self.measure_cmd.strip().split(' ')[0])) res = {} for mod, st_lib in MBEDTLS_STATIC_LIB.items(): 
@@ -216,7 +230,8 @@ class CodeSizeCalculator: def _remove_worktree(self, git_worktree_path: str) -> None: """Remove temporary worktree.""" if git_worktree_path != self.repo_path: - print("Removing temporary worktree", git_worktree_path) + self.logger.debug("Removing temporary worktree {}." + .format(git_worktree_path)) subprocess.check_output( [self.git_command, "worktree", "remove", "--force", git_worktree_path], cwd=self.repo_path, @@ -229,9 +244,8 @@ class CodeSizeCalculator: Remove any extra worktrees so that the script may be called again.""" # Tell the user what went wrong - print("The following command: {} failed and exited with code {}" - .format(e.cmd, e.returncode)) - print("Process output:\n {}".format(str(e.output, "utf-8"))) + self.logger.error(e, exc_info=True) + self.logger.error("Process output:\n {}".format(str(e.output, "utf-8"))) # Quit gracefully by removing the existing worktree self._remove_worktree(git_worktree_path) @@ -240,10 +254,9 @@ class CodeSizeCalculator: def cal_libraries_code_size(self) -> typing.Dict: """Calculate code size of libraries by measurement tool.""" - revision = self.revision - git_worktree_path = self._create_git_worktree(revision) + git_worktree_path = self._create_git_worktree() self._build_libraries(git_worktree_path) - res = self._gen_raw_code_size(revision, git_worktree_path) + res = self._gen_raw_code_size(git_worktree_path) self._remove_worktree(git_worktree_path) return res @@ -256,6 +269,9 @@ class CodeSizeGenerator: size_generator_write_record and size_generator_write_comparison methods, then call both of them with proper arguments. """ + def __init__(self, logger: logging.Logger) -> None: + self.logger = logger + def size_generator_write_record( self, revision: str, 
@@ -301,7 +317,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): self.bss = bss self.total = dec # total <=> dec - def __init__(self) -> None: + def __init__(self, logger: logging.Logger) -> None: """ Variable code_size is used to store size info for any revisions. code_size: (data format) {revision: {module: {file_name: [text, data, bss, dec], @@ -312,6 +328,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): etc ... } """ + super().__init__(logger) self.code_size = {} #type: typing.Dict[str, typing.Dict] def set_size_record(self, revision: str, mod: str, size_text: str) -> None: @@ -458,10 +475,11 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): ) -> None: """Write size record into a specified file based on Git revision and output from `size` tool.""" + self.logger.debug("Generating code size csv for {}.".format(revision)) + for mod, size_text in code_size_text.items(): self.set_size_record(revision, mod, size_text) - print("Generating code size csv for", revision) output = open(output_file, "w") self.write_size_record(revision, output) @@ -473,6 +491,9 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): result_options: SimpleNamespace ) -> None: """Write a comparision result into a stream between two revisions.""" + self.logger.debug("Generating comparison results between {} and {}." + .format(old_rev, new_rev)) + if result_options.stdout: output = sys.stdout else: @@ -488,6 +509,7 @@ class CodeSizeComparison: old_size_version: SimpleNamespace, new_size_version: SimpleNamespace, code_size_common: SimpleNamespace, + logger: logging.Logger, ) -> None: """ old_revision: revision to compare against. 
@@ -501,36 +523,40 @@ class CodeSizeComparison: self.csv_dir = os.path.abspath("code_size_records/") os.makedirs(self.csv_dir, exist_ok=True) + self.logger = logger + self.old_size_version = old_size_version self.new_size_version = new_size_version self.code_size_common = code_size_common - self.old_size_version.make_cmd = \ - CodeSizeBuildInfo(self.old_size_version,\ - self.code_size_common.host_arch).infer_make_command() - self.new_size_version.make_cmd = \ - CodeSizeBuildInfo(self.new_size_version,\ - self.code_size_common.host_arch).infer_make_command() + self.old_size_version.make_cmd = CodeSizeBuildInfo( + self.old_size_version, self.code_size_common.host_arch, + self.logger).infer_make_command() + self.new_size_version.make_cmd = CodeSizeBuildInfo( + self.new_size_version, self.code_size_common.host_arch, + self.logger).infer_make_command() self.git_command = "git" self.make_clean = 'make clean' - self.code_size_generator = self.__init_code_size_generator__(\ - self.code_size_common.measure_cmd) + self.code_size_generator = self.__generate_size_parser() - @staticmethod - def __init_code_size_generator__(measure_cmd): - if re.match(r'size', measure_cmd.strip()): - return CodeSizeGeneratorWithSize() + def __generate_size_parser(self): + if re.match(r'size', self.code_size_common.measure_cmd.strip()): + return CodeSizeGeneratorWithSize(self.logger) else: - print("Error: unsupported tool:", measure_cmd.strip().split(' ')[0]) + self.logger.error("Unsupported measurement tool: `{}`." 
+ .format(self.code_size_common.measure_cmd + .strip().split(' ')[0])) sys.exit(1) def cal_code_size(self, size_version: SimpleNamespace): """Calculate code size of library objects in a UTF-8 encoding""" - return CodeSizeCalculator(size_version.revision, size_version.make_cmd,\ - self.code_size_common.measure_cmd).cal_libraries_code_size() + return CodeSizeCalculator(size_version.revision, size_version.make_cmd, + self.code_size_common.measure_cmd, + self.logger).cal_libraries_code_size() def gen_file_name(self, old_size_version, new_size_version=None): + """Generate a literal string as csv file name.""" if new_size_version: return '{}-{}-{}-{}-{}-{}-{}.csv'\ .format(old_size_version.revision[:7], @@ -547,11 +573,17 @@ class CodeSizeComparison: def gen_code_size_report(self, size_version: SimpleNamespace): """Generate code size record and write it into a file.""" - output_file = os.path.join(self.csv_dir, self.gen_file_name(size_version)) + self.logger.info("Start to generate code size record for {}." + .format(size_version.revision)) + output_file = os.path.join(self.csv_dir, + self.gen_file_name(size_version)) # Check if the corresponding record exists - if (size_version.revision != "current") and os.path.exists(output_file): - print("Code size csv file for", size_version.revision, "already exists.") - self.code_size_generator.read_size_record(size_version.revision, output_file) + if size_version.revision != "current" and \ + os.path.exists(output_file): + self.logger.debug("Code size csv file for {} already exists." + .format(size_version.revision)) + self.code_size_generator.read_size_record( + size_version.revision, output_file) else: self.code_size_generator.size_generator_write_record(\ size_version.revision, self.cal_code_size(size_version), 
@@ -562,14 +594,18 @@ class CodeSizeComparison: old and new. Measured code size results of these two revisions must be available.""" - output_file = os.path.join(self.result_dir,\ - self.gen_file_name(self.old_size_version, self.new_size_version)) + self.logger.info("Start to generate comparision result between "\ + "{} and {}." + .format(self.old_size_version.revision, + self.new_size_version.revision)) + output_file = os.path.join( + self.result_dir, + self.gen_file_name(self.old_size_version, self.new_size_version)) + + self.code_size_generator.size_generator_write_comparison( + self.old_size_version.revision, self.new_size_version.revision, + output_file, self.code_size_common.result_options) - print("\nGenerating comparison results between",\ - self.old_size_version.revision, "and", self.new_size_version.revision) - self.code_size_generator.size_generator_write_comparison(\ - self.old_size_version.revision, self.new_size_version.revision,\ - output_file, self.code_size_common.result_options) return 0 def get_comparision_results(self) -> int: @@ -619,10 +655,17 @@ def main(): '--stdout', action='store_true', dest='stdout', help="Set this option to direct comparison result into sys.stdout.\ (Default: file)") + group_optional.add_argument( + '--verbose', action='store_true', dest='verbose', + help="Show logs in detail for code size measurement. (Default: False)") comp_args = parser.parse_args() + logger = logging.getLogger() + logging_util.configure_logger(logger) + logger.setLevel(logging.DEBUG if comp_args.verbose else logging.INFO) + if os.path.isfile(comp_args.result_dir): - print("Error: {} is not a directory".format(comp_args.result_dir)) + logger.error("{} is not a directory".format(comp_args.result_dir)) parser.exit() validate_res = CodeSizeCalculator.validate_revision(comp_args.old_rev) 
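Review bot: In the `@@ -619,10 +655,17 @@` hunk of `main`, the failure path for a `result_dir` that is a regular file now reports through `logger.error` but still ends with `parser.exit()`, whose default status is 0, so a calling script or CI job sees success. Passing a status, `parser.exit(1)`, or using `sys.exit(1)` as the other error paths of this script do, makes the failure visible to the caller. `main` starts and ends outside the hunk.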
@@ -658,11 +701,16 @@ def main(): measure_cmd='size -t', ) + logger.info("Measure code size between {}:{}-{} and {}:{}-{} by `{}`." + .format(old_size_version.revision, old_size_version.config, + old_size_version.arch, + new_size_version.revision, old_size_version.config, + new_size_version.arch, + code_size_common.measure_cmd.strip().split(' ')[0])) size_compare = CodeSizeComparison(old_size_version, new_size_version,\ - code_size_common) + code_size_common, logger) return_code = size_compare.get_comparision_results() sys.exit(return_code) - if __name__ == "__main__": main() diff --git a/scripts/mbedtls_dev/logging_util.py b/scripts/mbedtls_dev/logging_util.py new file mode 100644 index 0000000000..962361a495 --- /dev/null +++ b/scripts/mbedtls_dev/logging_util.py 
@@ -0,0 +1,55 @@ +"""Auxiliary functions used for logging module. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import logging +import sys + +def configure_logger( + logger: logging.Logger, + logger_format="[%(levelname)s]: %(message)s" + ) -> None: + """ + Configure the logging.Logger instance so that: + - Format is set to any logger_format. + Default: "[%(levelname)s]: %(message)s" + - loglevel >= WARNING are printed to stderr. + - loglevel < WARNING are printed to stdout. + """ + class MaxLevelFilter(logging.Filter): + # pylint: disable=too-few-public-methods + def __init__(self, max_level, name=''): + super().__init__(name) + self.max_level = max_level + + def filter(self, record: logging.LogRecord) -> bool: + return record.levelno <= self.max_level + + log_formatter = logging.Formatter(logger_format) + + # set loglevel >= WARNING to be printed to stderr + stderr_hdlr = logging.StreamHandler(sys.stderr) + stderr_hdlr.setLevel(logging.WARNING) + stderr_hdlr.setFormatter(log_formatter) + + # set loglevel <= INFO to be printed to stdout + stdout_hdlr = logging.StreamHandler(sys.stdout) + stdout_hdlr.addFilter(MaxLevelFilter(logging.INFO)) + stdout_hdlr.setFormatter(log_formatter) + + logger.addHandler(stderr_hdlr) + logger.addHandler(stdout_hdlr) diff --git a/tests/scripts/audit-validity-dates.py b/tests/scripts/audit-validity-dates.py index 5506e40e7f..623fd23523 100755 
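Review bot: `configure_logger` attaches the stdout handler with `MaxLevelFilter(logging.INFO)` and the stderr handler at `logging.WARNING`, so a record whose level lies between the two (any custom level from 21 to 29) reaches neither stream, although the docstring promises that everything below WARNING goes to stdout. `stdout_hdlr.addFilter(MaxLevelFilter(logging.WARNING - 1))` closes the gap. The function also adds both handlers on every call, so configuring the same logger twice duplicates each message; a guard such as `if logger.handlers: return`, or a docstring sentence saying it must be called once per logger, would cover that.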
--- a/tests/scripts/audit-validity-dates.py +++ b/tests/scripts/audit-validity-dates.py @@ -24,7 +24,6 @@ from tests/data_files/ and tests/suites/*.data files by default. """ import os -import sys import re import typing import argparse @@ -43,6 +42,7 @@ from generate_test_code import FileWrapper import scripts_path # pylint: disable=unused-import from mbedtls_dev import build_tree +from mbedtls_dev import logging_util def check_cryptography_version(): match = re.match(r'^[0-9]+', cryptography.__version__) @@ -393,38 +393,6 @@ def list_all(audit_data: AuditData): loc)) -def configure_logger(logger: logging.Logger) -> None: - """ - Configure the logging.Logger instance so that: - - Format is set to "[%(levelname)s]: %(message)s". - - loglevel >= WARNING are printed to stderr. - - loglevel < WARNING are printed to stdout. - """ - class MaxLevelFilter(logging.Filter): - # pylint: disable=too-few-public-methods - def __init__(self, max_level, name=''): - super().__init__(name) - self.max_level = max_level - - def filter(self, record: logging.LogRecord) -> bool: - return record.levelno <= self.max_level - - log_formatter = logging.Formatter("[%(levelname)s]: %(message)s") - - # set loglevel >= WARNING to be printed to stderr - stderr_hdlr = logging.StreamHandler(sys.stderr) - stderr_hdlr.setLevel(logging.WARNING) - stderr_hdlr.setFormatter(log_formatter) - - # set loglevel <= INFO to be printed to stdout - stdout_hdlr = logging.StreamHandler(sys.stdout) - stdout_hdlr.addFilter(MaxLevelFilter(logging.INFO)) - stdout_hdlr.setFormatter(log_formatter) - - logger.addHandler(stderr_hdlr) - logger.addHandler(stdout_hdlr) - - def main(): """ Perform argument parsing. @@ -457,7 +425,7 @@ def main(): # start main routine # setup logger logger = logging.getLogger() - configure_logger(logger) + logging_util.configure_logger(logger) logger.setLevel(logging.DEBUG if args.verbose else logging.ERROR) td_auditor = TestDataAuditor(logger) 
From 386c2f9e93745d8fb06b894f2c96533f519e29ab Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 20 Jul 2023 15:32:15 +0800 Subject: [PATCH 094/264] code_size_compare: clean up code to make it more readable Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 158 +++++++++++++++++++---------------- 1 file changed, 86 insertions(+), 72 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index dc41d262d5..01d7b165c6 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -45,8 +45,8 @@ class SupportedArch(Enum): X86_64 = 'x86_64' X86 = 'x86' -CONFIG_TFM_MEDIUM_MBEDCRYPTO_H = "../configs/tfm_mbedcrypto_config_profile_medium.h" -CONFIG_TFM_MEDIUM_PSA_CRYPTO_H = "../configs/crypto_config_profile_medium.h" +CONFIG_TFM_MEDIUM_MBEDCRYPTO_H = '../configs/tfm_mbedcrypto_config_profile_medium.h' +CONFIG_TFM_MEDIUM_PSA_CRYPTO_H = '../configs/crypto_config_profile_medium.h' class SupportedConfig(Enum): """Supported configuration for code size measurement.""" DEFAULT = 'default' @@ -63,13 +63,13 @@ DETECT_ARCH_CMD = "cc -dM -E - < /dev/null" def detect_arch() -> str: """Auto-detect host architecture.""" cc_output = subprocess.check_output(DETECT_ARCH_CMD, shell=True).decode() - if "__aarch64__" in cc_output: + if '__aarch64__' in cc_output: return SupportedArch.AARCH64.value - if "__arm__" in cc_output: + if '__arm__' in cc_output: return SupportedArch.AARCH32.value - if "__x86_64__" in cc_output: + if '__x86_64__' in cc_output: return SupportedArch.X86_64.value - if "__x86__" in cc_output: + if '__x86__' in cc_output: return SupportedArch.X86.value else: print("Unknown host architecture, cannot auto-detect arch.") 
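Review bot: In `detect_arch` (hunk `@@ -63,13 +63,13 @@`) the 32-bit x86 branch tests for `'__x86__'` in the preprocessor dump, but as far as I know GCC and Clang predefine `__i386__` for that target rather than `__x86__`, so the branch would never match and such a host would fall through to the unknown-architecture path. If that is confirmed, `if '__i386__' in cc_output:` is the check to use. The fallback still reports with `print` while the rest of the script moved to the logger in the previous commit. The function body continues outside the hunk.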
@@ -83,11 +83,11 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods """ SupportedArchConfig = [ - "-a " + SupportedArch.AARCH64.value + " -c " + SupportedConfig.DEFAULT.value, - "-a " + SupportedArch.AARCH32.value + " -c " + SupportedConfig.DEFAULT.value, - "-a " + SupportedArch.X86_64.value + " -c " + SupportedConfig.DEFAULT.value, - "-a " + SupportedArch.X86.value + " -c " + SupportedConfig.DEFAULT.value, - "-a " + SupportedArch.ARMV8_M.value + " -c " + SupportedConfig.TFM_MEDIUM.value, + '-a ' + SupportedArch.AARCH64.value + ' -c ' + SupportedConfig.DEFAULT.value, + '-a ' + SupportedArch.AARCH32.value + ' -c ' + SupportedConfig.DEFAULT.value, + '-a ' + SupportedArch.X86_64.value + ' -c ' + SupportedConfig.DEFAULT.value, + '-a ' + SupportedArch.X86.value + ' -c ' + SupportedConfig.DEFAULT.value, + '-a ' + SupportedArch.ARMV8_M.value + ' -c ' + SupportedConfig.TFM_MEDIUM.value, ] def __init__( @@ -107,11 +107,13 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods self.logger = logger def infer_make_command(self) -> str: - """Infer build command based on architecture and configuration.""" + """Infer make command based on architecture and configuration.""" + # make command by default if self.size_version.config == SupportedConfig.DEFAULT.value and \ - self.size_version.arch == self.host_arch: + self.size_version.arch == self.host_arch: return 'make -j lib CFLAGS=\'-Os \' ' + # make command for TF-M elif self.size_version.arch == SupportedArch.ARMV8_M.value and \ self.size_version.config == SupportedConfig.TFM_MEDIUM.value: return \ 
@@ -119,6 +121,7 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods CFLAGS=\'--target=arm-arm-none-eabi -mcpu=cortex-m33 -Os \ -DMBEDTLS_CONFIG_FILE=\\\"' + CONFIG_TFM_MEDIUM_MBEDCRYPTO_H + '\\\" \ -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=\\\"' + CONFIG_TFM_MEDIUM_PSA_CRYPTO_H + '\\\" \'' + # unsupported combinations else: self.logger.error("Unsupported combination of architecture: {} " \ "and configuration: {}.\n" @@ -164,10 +167,11 @@ class CodeSizeCalculator: self.logger = logger @staticmethod - def validate_revision(revision: str) -> bytes: + def validate_revision(revision: str) -> str: result = subprocess.check_output(["git", "rev-parse", "--verify", - revision + "^{commit}"], shell=False) - return result + revision + "^{commit}"], shell=False, + universal_newlines=True) + return result[:7] def _create_git_worktree(self) -> str: """Make a separate worktree for revision. @@ -199,15 +203,17 @@ class CodeSizeCalculator: subprocess.check_output( self.make_clean, env=my_environment, shell=True, cwd=git_worktree_path, stderr=subprocess.STDOUT, + universal_newlines=True ) subprocess.check_output( self.make_cmd, env=my_environment, shell=True, cwd=git_worktree_path, stderr=subprocess.STDOUT, + universal_newlines=True ) except subprocess.CalledProcessError as e: self._handle_called_process_error(e, git_worktree_path) - def _gen_raw_code_size(self, git_worktree_path: str) -> typing.Dict: + def _gen_raw_code_size(self, git_worktree_path: str) -> typing.Dict[str, str]: """Calculate code size with measurement tool in UTF-8 encoding.""" self.logger.debug("Measuring code size for {} by `{}`." 
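Review bot: `validate_revision()` (hunk `@@ -164,10 +167,11 @@`) now returns `result[:7]`, a fixed-length abbreviation that git does not guarantee to be unique. That value is later passed back to git as the revision for the worktree and used in the record file names, so a colliding 7-character prefix would make the lookup ambiguous. Letting git choose the length avoids this: add `"--short"` to the `git rev-parse --verify` argument list and return `result.strip()`. The renamed `validate_git_revision()` in PATCH 096 keeps the same slice. The method also has no docstring; `"""Verify that revision names a commit and return its abbreviated hash."""` would record the new return type.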
@@ -245,13 +251,13 @@ class CodeSizeCalculator: # Tell the user what went wrong self.logger.error(e, exc_info=True) - self.logger.error("Process output:\n {}".format(str(e.output, "utf-8"))) + self.logger.error("Process output:\n {}".format(e.output)) # Quit gracefully by removing the existing worktree self._remove_worktree(git_worktree_path) sys.exit(-1) - def cal_libraries_code_size(self) -> typing.Dict: + def cal_libraries_code_size(self) -> typing.Dict[str, str]: """Calculate code size of libraries by measurement tool.""" git_worktree_path = self._create_git_worktree() @@ -290,7 +296,7 @@ class CodeSizeGenerator: self, old_rev: str, new_rev: str, - output_stream, + output_stream: str, result_options: SimpleNamespace ) -> None: """Write a comparision result into a stream between two revisions. @@ -331,7 +337,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): super().__init__(logger) self.code_size = {} #type: typing.Dict[str, typing.Dict] - def set_size_record(self, revision: str, mod: str, size_text: str) -> None: + def _set_size_record(self, revision: str, mod: str, size_text: str) -> None: """Store size information for target revision and high-level module. size_text Format: text data bss dec hex filename @@ -390,7 +396,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): for fname, size_entry in file_size.items(): yield mod, fname, size_entry - def write_size_record( + def _write_size_record( self, revision: str, output: typing_util.Writable @@ -407,7 +413,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): size_entry.text, size_entry.data, size_entry.bss, size_entry.total)) - def write_comparison( + def _write_comparison( self, old_rev: str, new_rev: str, 
@@ -439,13 +445,15 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): else: format_string = "{:<30} {:<18} {:<14} {:<17} {:<18}\n" - output.write(format_string.format("filename", "current(text,data)",\ - "old(text,data)", "change(text,data)", "change%(text,data)")) + output.write(format_string + .format("filename", + "current(text,data)", "old(text,data)", + "change(text,data)", "change%(text,data)")) if with_markdown: output.write(format_string .format("----:", "----:", "----:", "----:", "----:")) - for mod, fname, size_entry in\ + for mod, fname, size_entry in \ self._size_reader_helper(new_rev, output, with_markdown): text_vari = cal_size_section_variation(mod, fname, size_entry, 'text') @@ -457,15 +465,18 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): # comparison result in a markdown table. if with_markdown and text_vari[2] == 0 and data_vari[2] == 0: continue - output.write(format_string.format(fname,\ - str(text_vari[0]) + "," + str(data_vari[0]),\ - str(text_vari[1]) + "," + str(data_vari[1]),\ - str(text_vari[2]) + "," + str(data_vari[2]),\ - "{:.2%}".format(text_vari[3]) + "," +\ - "{:.2%}".format(data_vari[3]))) + output.write( + format_string + .format(fname, + str(text_vari[0]) + "," + str(data_vari[0]), + str(text_vari[1]) + "," + str(data_vari[1]), + str(text_vari[2]) + "," + str(data_vari[2]), + "{:.2%}".format(text_vari[3]) + "," + + "{:.2%}".format(data_vari[3]))) else: - output.write("{:<30} {:<18}\n".format(fname,\ - str(text_vari[0]) + "," + str(data_vari[0]))) + output.write("{:<30} {:<18}\n" + .format(fname, + str(text_vari[0]) + "," + str(data_vari[0]))) def size_generator_write_record( self, 
@@ -478,16 +489,16 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): self.logger.debug("Generating code size csv for {}.".format(revision)) for mod, size_text in code_size_text.items(): - self.set_size_record(revision, mod, size_text) + self._set_size_record(revision, mod, size_text) output = open(output_file, "w") - self.write_size_record(revision, output) + self._write_size_record(revision, output) def size_generator_write_comparison( self, old_rev: str, new_rev: str, - output_stream, + output_stream: str, result_options: SimpleNamespace ) -> None: """Write a comparision result into a stream between two revisions.""" @@ -498,7 +509,8 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): output = sys.stdout else: output = open(output_stream, "w") - self.write_comparison(old_rev, new_rev, output, result_options.with_markdown) + self._write_comparison(old_rev, new_rev, output, + result_options.with_markdown) class CodeSizeComparison: @@ -516,8 +528,8 @@ class CodeSizeComparison: new_revision: result_dir: directory for comparison result. """ - self.repo_path = "." - self.result_dir = os.path.abspath(code_size_common.result_options.result_dir) + self.result_dir = os.path.abspath( + code_size_common.result_options.result_dir) os.makedirs(self.result_dir, exist_ok=True) self.csv_dir = os.path.abspath("code_size_records/") 
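Review bot: `size_generator_write_record()` (hunk `@@ -478,16 +489,16 @@`) opens the record file with `output = open(output_file, "w")` and never closes it. The CSV is therefore flushed only when the object happens to be collected, and these records appear to be read back later through `read_size_record`. A context manager fixes this: `with open(output_file, "w") as output:` followed by `self._write_size_record(revision, output)`. `size_generator_write_comparison()` in hunk `@@ -498,7 +509,8 @@` has the same pattern on its `open(output_stream, "w")` branch; only that branch should be closed, not the `sys.stdout` one.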
@@ -528,14 +540,14 @@ class CodeSizeComparison: self.old_size_version = old_size_version self.new_size_version = new_size_version self.code_size_common = code_size_common + # infer make command self.old_size_version.make_cmd = CodeSizeBuildInfo( self.old_size_version, self.code_size_common.host_arch, self.logger).infer_make_command() self.new_size_version.make_cmd = CodeSizeBuildInfo( self.new_size_version, self.code_size_common.host_arch, self.logger).infer_make_command() - self.git_command = "git" - self.make_clean = 'make clean' + # initialize size parser with corresponding measurement tool self.code_size_generator = self.__generate_size_parser() def __generate_size_parser(self): 
@@ -548,29 +560,38 @@ class CodeSizeComparison: sys.exit(1) - def cal_code_size(self, size_version: SimpleNamespace): + def cal_code_size( + self, + size_version: SimpleNamespace + ) -> typing.Dict[str, str]: """Calculate code size of library objects in a UTF-8 encoding""" return CodeSizeCalculator(size_version.revision, size_version.make_cmd, self.code_size_common.measure_cmd, self.logger).cal_libraries_code_size() - def gen_file_name(self, old_size_version, new_size_version=None): + def gen_file_name( + self, + old_size_version: SimpleNamespace, + new_size_version=None + ) -> str: """Generate a literal string as csv file name.""" if new_size_version: return '{}-{}-{}-{}-{}-{}-{}.csv'\ - .format(old_size_version.revision[:7], - old_size_version.arch, old_size_version.config, - new_size_version.revision[:7], - new_size_version.arch, new_size_version.config, - self.code_size_common.measure_cmd.strip().split(' ')[0]) + .format(old_size_version.revision, old_size_version.arch, + old_size_version.config, + new_size_version.revision, new_size_version.arch, + new_size_version.config, + self.code_size_common.measure_cmd.strip()\ + .split(' ')[0]) else: return '{}-{}-{}-{}.csv'\ - .format(old_size_version.revision[:7], - old_size_version.arch, old_size_version.config, - self.code_size_common.measure_cmd.strip().split(' ')[0]) + .format(old_size_version.revision, old_size_version.arch, + old_size_version.config, + self.code_size_common.measure_cmd.strip()\ + .split(' ')[0]) - def gen_code_size_report(self, size_version: SimpleNamespace): + def gen_code_size_report(self, size_version: SimpleNamespace) -> None: """Generate code size record and write it into a file.""" self.logger.info("Start to generate code size record for {}." 
@@ -585,11 +606,11 @@ class CodeSizeComparison: self.code_size_generator.read_size_record( size_version.revision, output_file) else: - self.code_size_generator.size_generator_write_record(\ - size_version.revision, self.cal_code_size(size_version), - output_file) + self.code_size_generator.size_generator_write_record( + size_version.revision, self.cal_code_size(size_version), + output_file) - def gen_code_size_comparison(self) -> int: + def gen_code_size_comparison(self) -> None: """Generate results of code size changes between two revisions, old and new. Measured code size results of these two revisions must be available.""" @@ -606,15 +627,13 @@ class CodeSizeComparison: self.old_size_version.revision, self.new_size_version.revision, output_file, self.code_size_common.result_options) - return 0 - - def get_comparision_results(self) -> int: + def get_comparision_results(self) -> None: """Compare size of library/*.o between self.old_rev and self.new_rev, and generate the result file.""" build_tree.check_repo_path() self.gen_code_size_report(self.old_size_version) self.gen_code_size_report(self.new_size_version) - return self.gen_code_size_comparison() + self.gen_code_size_comparison() def main(): 
@@ -668,24 +687,21 @@ def main(): logger.error("{} is not a directory".format(comp_args.result_dir)) parser.exit() - validate_res = CodeSizeCalculator.validate_revision(comp_args.old_rev) - old_revision = validate_res.decode().replace("\n", "") - + old_revision = CodeSizeCalculator.validate_revision(comp_args.old_rev) if comp_args.new_rev is not None: - validate_res = CodeSizeCalculator.validate_revision(comp_args.new_rev) - new_revision = validate_res.decode().replace("\n", "") + new_revision = CodeSizeCalculator.validate_revision(comp_args.new_rev) else: new_revision = "current" old_size_version = SimpleNamespace( - version="old", + version='old', revision=old_revision, config=comp_args.config, arch=comp_args.arch, make_cmd='', ) new_size_version = SimpleNamespace( - version="new", + version='new', revision=new_revision, config=comp_args.config, arch=comp_args.arch, @@ -707,10 +723,8 @@ def main(): new_size_version.revision, old_size_version.config, new_size_version.arch, code_size_common.measure_cmd.strip().split(' ')[0])) - size_compare = CodeSizeComparison(old_size_version, new_size_version,\ - code_size_common, logger) - return_code = size_compare.get_comparision_results() - sys.exit(return_code) + CodeSizeComparison(old_size_version, new_size_version, + code_size_common, logger).get_comparision_results() if __name__ == "__main__": main() From 5b64e4c7e0bdbc71ab3c0cb546ac19b674f51e96 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 20 Jul 2023 15:09:51 +0800 Subject: [PATCH 095/264] code_size_compare: clean up comments Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 155 +++++++++++++++++++++-------------- 1 file changed, 94 insertions(+), 61 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 01d7b165c6..7141fb2770 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
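Review bot: In `main()` (hunk `@@ -668,24 +687,21 @@`) the "is not a directory" error path calls `parser.exit()` with no arguments. argparse's default exit status is 0, so a calling script or CI job sees success after an error was logged. Use `parser.exit(1)`, or `parser.error(...)`, which exits with status 2. The same hunk passes `comp_args.old_rev` straight to `validate_revision()`; unless `subprocess.CalledProcessError` is caught outside the visible lines, a mistyped revision ends in a traceback rather than a message. The condition guarding the error branch starts outside the hunk.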
@@ -97,10 +97,13 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods logger: logging.Logger, ) -> None: """ - size_version: SimpleNamespace containing info for code size measurement. - size_version.arch: architecture to measure code size on. - size_version.config: configuration type to measure code size with. - host_arch: host architecture. + :param size_version: + SimpleNamespace containing info for code size measurement. + - size_version.arch: architecture to measure code size on. + - size_version.config: configuration type to measure code size + with. + :param host_arch: host architecture. + :param logger: logging module """ self.size_version = size_version self.host_arch = host_arch @@ -141,7 +144,7 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods class CodeSizeCalculator: - """ A calculator to calculate code size of library objects based on + """ A calculator to calculate code size of library/*.o based on Git revision and code size measurement tool. """ @@ -153,9 +156,10 @@ class CodeSizeCalculator: logger: logging.Logger, ) -> None: """ - revision: Git revision.(E.g: commit) - make_cmd: command to build objects in library. - measure_cmd: command to measure code size for objects in library. + :param revision: Git revision.(E.g: commit) + :param make_cmd: command to build library/*.o. + :param measure_cmd: command to measure code size for library/*.o. + :param logger: logging module """ self.repo_path = "." self.git_command = "git" @@ -174,8 +178,8 @@ class CodeSizeCalculator: return result[:7] def _create_git_worktree(self) -> str: - """Make a separate worktree for revision. - Do not modify the current worktree.""" + """Create a separate worktree for revision. + If revision is current, use current worktree instead.""" if self.revision == "current": self.logger.debug("Using current work directory.") 
@@ -194,9 +198,9 @@ class CodeSizeCalculator: return git_worktree_path def _build_libraries(self, git_worktree_path: str) -> None: - """Build libraries in the specified worktree.""" + """Build library/*.o in the specified worktree.""" - self.logger.debug("Building objects of library for {}." + self.logger.debug("Building library/*.o for {}." .format(self.revision)) my_environment = os.environ.copy() try: @@ -214,7 +218,7 @@ class CodeSizeCalculator: self._handle_called_process_error(e, git_worktree_path) def _gen_raw_code_size(self, git_worktree_path: str) -> typing.Dict[str, str]: - """Calculate code size with measurement tool in UTF-8 encoding.""" + """Measure code size by a tool and return in UTF-8 encoding.""" self.logger.debug("Measuring code size for {} by `{}`." .format(self.revision, @@ -258,7 +262,12 @@ class CodeSizeCalculator: sys.exit(-1) def cal_libraries_code_size(self) -> typing.Dict[str, str]: - """Calculate code size of libraries by measurement tool.""" + """Do a complete round to calculate code size of library/*.o + by measurement tool. + + :return A dictionary of measured code size + - typing.Dict[mod: str] + """ git_worktree_path = self._create_git_worktree() self._build_libraries(git_worktree_path) @@ -269,13 +278,16 @@ class CodeSizeCalculator: class CodeSizeGenerator: - """ A generator based on size measurement tool for library objects. + """ A generator based on size measurement tool for library/*.o. This is an abstract class. To use it, derive a class that implements size_generator_write_record and size_generator_write_comparison methods, then call both of them with proper arguments. """ def __init__(self, logger: logging.Logger) -> None: + """ + :param logger: logging module + """ self.logger = logger def size_generator_write_record( 
@@ -286,9 +298,11 @@ class CodeSizeGenerator: ) -> None: """Write size record into a file. - revision: Git revision.(E.g: commit) - code_size_text: text output (utf-8) from code size measurement tool. - output_file: file which the code size record is written to. + :param revision: Git revision.(E.g: commit) + :param code_size_text: + string output (utf-8) from measurement tool of code size. + - typing.Dict[mod: str] + :param output_file: file which the code size record is written to. """ raise NotImplementedError @@ -301,13 +315,15 @@ class CodeSizeGenerator: ) -> None: """Write a comparision result into a stream between two revisions. - old_rev: old git revision to compared with. - new_rev: new git revision to compared with. - output_stream: stream which the code size record is written to. - (E.g: file / sys.stdout) - result_options: SimpleNamespace containing options for comparison result. - with_markdown: write comparision result in a markdown table. (Default: False) - stdout: direct comparison result into sys.stdout. (Default: False) + :param old_rev: old Git revision to compared with. + :param new_rev: new Git revision to compared with. + :param output_stream: stream which the code size record is written to. + :param result_options: + SimpleNamespace containing options for comparison result. + - result_options.with_markdown: write comparision result in a + markdown table. (Default: False) + - result_options.stdout: direct comparison result into + sys.stdout. (Default: False) """ raise NotImplementedError 
@@ -325,14 +341,15 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): def __init__(self, logger: logging.Logger) -> None: """ Variable code_size is used to store size info for any revisions. - code_size: (data format) - {revision: {module: {file_name: [text, data, bss, dec], - etc ... - }, - etc ... - }, - etc ... - } + :param code_size: + Data Format as following: + {revision: {module: {file_name: [text, data, bss, dec], + etc ... + }, + etc ... + }, + etc ... + } """ super().__init__(logger) self.code_size = {} #type: typing.Dict[str, typing.Dict] @@ -501,7 +518,11 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): output_stream: str, result_options: SimpleNamespace ) -> None: - """Write a comparision result into a stream between two revisions.""" + """Write a comparision result into a stream between two revisions. + + By default, it's written into a file called output_stream. + Once result_options.stdout is set, it's written into sys.stdout instead. + """ self.logger.debug("Generating comparison results between {} and {}." .format(old_rev, new_rev)) @@ -524,9 +545,14 @@ class CodeSizeComparison: logger: logging.Logger, ) -> None: """ - old_revision: revision to compare against. - new_revision: - result_dir: directory for comparison result. + :param old_size_version: SimpleNamespace containing old version info + to compare code size with. + :param new_size_version: SimpleNamespace containing new version info + to take as comparision base. + :param code_size_common: SimpleNamespace containing common info for + both old and new size version, + measurement tool and result options. + :param logger: logging module """ self.result_dir = os.path.abspath( code_size_common.result_options.result_dir) 
@@ -551,6 +577,7 @@ class CodeSizeComparison: self.code_size_generator = self.__generate_size_parser() def __generate_size_parser(self): + """Generate a parser for the corresponding measurement tool.""" if re.match(r'size', self.code_size_common.measure_cmd.strip()): return CodeSizeGeneratorWithSize(self.logger) else: @@ -564,7 +591,7 @@ class CodeSizeComparison: self, size_version: SimpleNamespace ) -> typing.Dict[str, str]: - """Calculate code size of library objects in a UTF-8 encoding""" + """Calculate code size of library/*.o in a UTF-8 encoding""" return CodeSizeCalculator(size_version.revision, size_version.make_cmd, self.code_size_common.measure_cmd, @@ -612,8 +639,12 @@ class CodeSizeComparison: def gen_code_size_comparison(self) -> None: """Generate results of code size changes between two revisions, - old and new. Measured code size results of these two revisions - must be available.""" + old and new. + + - Measured code size results of these two revisions must be available. + - The result is directed into either file / stdout depending on + the option, code_size_common.result_options.stdout. (Default: file) + """ self.logger.info("Start to generate comparision result between "\ "{} and {}." @@ -628,8 +659,8 @@ class CodeSizeComparison: output_file, self.code_size_common.result_options) def get_comparision_results(self) -> None: - """Compare size of library/*.o between self.old_rev and self.new_rev, - and generate the result file.""" + """Compare size of library/*.o between self.old_size_version and + self.old_size_version and generate the result file.""" build_tree.check_repo_path() self.gen_code_size_report(self.old_size_version) self.gen_code_size_report(self.new_size_version) 
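Review bot: The new docstring of `get_comparision_results()` (hunk `@@ -628,8 +659,8 @@`) names `self.old_size_version` twice; the second should be `self.new_size_version`, giving `"""Compare size of library/*.o between self.old_size_version and self.new_size_version and generate the result file."""`. Elsewhere in this patch, `:return A dictionary of measured code size` in `cal_libraries_code_size()` is missing the colon after `:return`. The repeated `:param logger: logging module` describes a parameter that is annotated as a `logging.Logger` instance, so `:param logger: logger used for progress and error messages` would be more accurate. In `CodeSizeGeneratorWithSize.__init__`, `:param code_size:` documents an attribute rather than a parameter.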
@@ -642,41 +673,43 @@ def main(): 'required arguments', 'required arguments to parse for running ' + os.path.basename(__file__)) group_required.add_argument( - "-o", "--old-rev", type=str, required=True, - help="old revision for comparison.") + '-o', '--old-rev', type=str, required=True, + help='old revision for comparison.') group_optional = parser.add_argument_group( 'optional arguments', 'optional arguments to parse for running ' + os.path.basename(__file__)) group_optional.add_argument( - "-r", "--result-dir", type=str, default="comparison", - help="directory where comparison result is stored, \ - default is comparison") + '-r', '--result-dir', type=str, default='comparison', + help='directory where comparison result is stored. ' + '(Default: comparison)') group_optional.add_argument( - "-n", "--new-rev", type=str, default=None, - help="new revision for comparison, default is the current work \ - directory, including uncommitted changes.") + '-n', '--new-rev', type=str, default=None, + help='new revision as comparison base. ' + '(Default is the current work directory, including uncommitted ' + 'changes.)') group_optional.add_argument( - "-a", "--arch", type=str, default=detect_arch(), + '-a', '--arch', type=str, default=detect_arch(), choices=list(map(lambda s: s.value, SupportedArch)), - help="specify architecture for code size comparison, default is the\ - host architecture.") + help='Specify architecture for code size comparison. ' + '(Default is the host architecture.)') group_optional.add_argument( - "-c", "--config", type=str, default=SupportedConfig.DEFAULT.value, + '-c', '--config', type=str, default=SupportedConfig.DEFAULT.value, choices=list(map(lambda s: s.value, SupportedConfig)), - help="specify configuration type for code size comparison,\ - default is the current MbedTLS configuration.") + help='Specify configuration type for code size comparison. 
' + '(Default is the current MbedTLS configuration.)') group_optional.add_argument( '--markdown', action='store_true', dest='markdown', - help="Show comparision of code size in a markdown table\ - (only show the files that have changed).") + help='Show comparision of code size in a markdown table. ' + '(Only show the files that have changed).') group_optional.add_argument( '--stdout', action='store_true', dest='stdout', - help="Set this option to direct comparison result into sys.stdout.\ - (Default: file)") + help='Set this option to direct comparison result into sys.stdout. ' + '(Default: file)') group_optional.add_argument( '--verbose', action='store_true', dest='verbose', - help="Show logs in detail for code size measurement. (Default: False)") + help='Show logs in detail for code size measurement. ' + '(Default: False)') comp_args = parser.parse_args() logger = logging.getLogger() From 955671b0ef2b7faed11054c718189d7d3cd029e9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 21 Jul 2023 12:08:27 +0800 Subject: [PATCH 096/264] code_size_compare: replace SimpleNameSpace to a clearer data struct Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 377 ++++++++++++++++++++--------------- 1 file changed, 220 insertions(+), 157 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 7141fb2770..9b58d5093c 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -32,7 +32,6 @@ import sys import typing from enum import Enum -from types import SimpleNamespace from mbedtls_dev import build_tree from mbedtls_dev import logging_util from mbedtls_dev import typing_util @@ -45,6 +44,7 @@ class SupportedArch(Enum): X86_64 = 'x86_64' X86 = 'x86' + CONFIG_TFM_MEDIUM_MBEDCRYPTO_H = '../configs/tfm_mbedcrypto_config_profile_medium.h' CONFIG_TFM_MEDIUM_PSA_CRYPTO_H = '../configs/crypto_config_profile_medium.h' class SupportedConfig(Enum): 
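Review bot: `default=detect_arch()` on the `--arch` argument in `main()` (hunk `@@ -642,41 +673,43 @@`) is evaluated while the parser is being built. The `cc` probe therefore runs through the shell on every invocation, including `--help` and runs that pass `-a` explicitly. On a host without a working `cc`, `subprocess.check_output` would raise before any argument is parsed. Resolving the default after parsing avoids this: use `default=None` in `add_argument`, then `arch = comp_args.arch or detect_arch()` after `parse_args()`, and pass `arch` wherever `comp_args.arch` is used below.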
@@ -52,6 +52,7 @@ class SupportedConfig(Enum): DEFAULT = 'default' TFM_MEDIUM = 'tfm-medium' + # Static library MBEDTLS_STATIC_LIB = { 'CRYPTO': 'library/libmbedcrypto.a', 
@@ -59,6 +60,70 @@ MBEDTLS_STATIC_LIB = { 'TLS': 'library/libmbedtls.a', } +class CodeSizeDistinctInfo: # pylint: disable=too-few-public-methods + """Data structure to store possibly distinct information for code size + comparison.""" + def __init__( #pylint: disable=too-many-arguments + self, + version: str, + git_rev: str, + arch: str, + config: str, + make_cmd: str, + ) -> None: + """ + :param: version: which version to compare with for code size. + :param: git_rev: Git revision to calculate code size. + :param: arch: architecture to measure code size on. + :param: config: Configuration type to calculate code size. + (See SupportedConfig) + :param: make_cmd: make command to build library/*.o. + """ + self.version = version + self.git_rev = git_rev + self.arch = arch + self.config = config + self.make_cmd = make_cmd + + +class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods + """Data structure to store common information for code size comparison.""" + def __init__( + self, + host_arch: str, + measure_cmd: str, + ) -> None: + """ + :param host_arch: host architecture. + :param measure_cmd: command to measure code size for library/*.o. + """ + self.host_arch = host_arch + self.measure_cmd = measure_cmd + + +class CodeSizeResultInfo: # pylint: disable=too-few-public-methods + """Data structure to store result options for code size comparison.""" + def __init__( + self, + record_dir: str, + comp_dir: str, + with_markdown=False, + stdout=False, + ) -> None: + """ + :param record_dir: directory to store code size record. + :param comp_dir: directory to store results of code size comparision. + :param with_markdown: write comparision result into a markdown table. + (Default: False) + :param stdout: direct comparison result into sys.stdout. 
+ (Default False) + """ + self.record_dir = record_dir + self.comp_dir = comp_dir + self.with_markdown = with_markdown + self.stdout = stdout + + DETECT_ARCH_CMD = "cc -dM -E - < /dev/null" def detect_arch() -> str: """Auto-detect host architecture.""" @@ -92,20 +157,20 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods def __init__( self, - size_version: SimpleNamespace, + size_dist_info: CodeSizeDistinctInfo, host_arch: str, logger: logging.Logger, ) -> None: """ - :param size_version: - SimpleNamespace containing info for code size measurement. - - size_version.arch: architecture to measure code size on. - - size_version.config: configuration type to measure code size - with. + :param size_dist_info: + CodeSizeDistinctInfo containing info for code size measurement. + - size_dist_info.arch: architecture to measure code size on. + - size_dist_info.config: configuration type to measure + code size with. :param host_arch: host architecture. :param logger: logging module """ - self.size_version = size_version + self.size_dist_info = size_dist_info self.host_arch = host_arch self.logger = logger @@ -113,12 +178,12 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods """Infer make command based on architecture and configuration.""" # make command by default - if self.size_version.config == SupportedConfig.DEFAULT.value and \ - self.size_version.arch == self.host_arch: + if self.size_dist_info.config == SupportedConfig.DEFAULT.value and \ + self.size_dist_info.arch == self.host_arch: return 'make -j lib CFLAGS=\'-Os \' ' # make command for TF-M - elif self.size_version.arch == SupportedArch.ARMV8_M.value and \ - self.size_version.config == SupportedConfig.TFM_MEDIUM.value: + elif self.size_dist_info.arch == SupportedArch.ARMV8_M.value and \ + self.size_dist_info.config == SupportedConfig.TFM_MEDIUM.value: return \ 'make -j lib CC=armclang \ CFLAGS=\'--target=arm-arm-none-eabi -mcpu=cortex-m33 -Os \ 
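Review bot: The docstring of `CodeSizeDistinctInfo.__init__` (hunk `@@ -59,6 +60,70 @@`) writes its fields as `:param: version:` with an extra colon, while `CodeSizeCommonInfo` and `CodeSizeResultInfo` in the same hunk use `:param host_arch:`. Documentation tools that parse these fields are unlikely to recognise the first form, so it should read `:param version:`, `:param git_rev:` and so on. `with_markdown=False` and `stdout=False` are the only unannotated parameters across the three constructors; `with_markdown: bool = False` and `stdout: bool = False` would match the rest.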
@@ -128,8 +193,8 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods else: self.logger.error("Unsupported combination of architecture: {} " \ "and configuration: {}.\n" - .format(self.size_version.arch, - self.size_version.config)) + .format(self.size_dist_info.arch, + self.size_dist_info.config)) self.logger.info("Please use supported combination of " \ "architecture and configuration:") for comb in CodeSizeBuildInfo.SupportedArchConfig: @@ -150,13 +215,13 @@ class CodeSizeCalculator: def __init__( self, - revision: str, + git_rev: str, make_cmd: str, measure_cmd: str, logger: logging.Logger, ) -> None: """ - :param revision: Git revision.(E.g: commit) + :param git_rev: Git revision. (E.g: commit) :param make_cmd: command to build library/*.o. :param measure_cmd: command to measure code size for library/*.o. :param logger: logging module 
@@ -165,33 +230,33 @@ class CodeSizeCalculator: self.git_command = "git" self.make_clean = 'make clean' - self.revision = revision + self.git_rev = git_rev self.make_cmd = make_cmd self.measure_cmd = measure_cmd self.logger = logger @staticmethod - def validate_revision(revision: str) -> str: + def validate_git_revision(git_rev: str) -> str: result = subprocess.check_output(["git", "rev-parse", "--verify", - revision + "^{commit}"], shell=False, - universal_newlines=True) + git_rev + "^{commit}"], + shell=False, universal_newlines=True) return result[:7] def _create_git_worktree(self) -> str: - """Create a separate worktree for revision. - If revision is current, use current worktree instead.""" + """Create a separate worktree for Git revision. + If Git revision is current, use current worktree instead.""" - if self.revision == "current": + if self.git_rev == "current": self.logger.debug("Using current work directory.") git_worktree_path = self.repo_path else: self.logger.debug("Creating git worktree for {}." - .format(self.revision)) + .format(self.git_rev)) git_worktree_path = os.path.join(self.repo_path, - "temp-" + self.revision) + "temp-" + self.git_rev) subprocess.check_output( [self.git_command, "worktree", "add", "--detach", - git_worktree_path, self.revision], cwd=self.repo_path, + git_worktree_path, self.git_rev], cwd=self.repo_path, stderr=subprocess.STDOUT ) @@ -201,7 +266,7 @@ class CodeSizeCalculator: """Build library/*.o in the specified worktree.""" self.logger.debug("Building library/*.o for {}." - .format(self.revision)) + .format(self.git_rev)) my_environment = os.environ.copy() try: subprocess.check_output( @@ -221,7 +286,7 @@ class CodeSizeCalculator: """Measure code size by a tool and return in UTF-8 encoding.""" self.logger.debug("Measuring code size for {} by `{}`." - .format(self.revision, + .format(self.git_rev, self.measure_cmd.strip().split(' ')[0])) res = {} 
@@ -292,13 +357,13 @@ class CodeSizeGenerator: def size_generator_write_record( self, - revision: str, + git_rev: str, code_size_text: typing.Dict, output_file: str ) -> None: """Write size record into a file. - :param revision: Git revision.(E.g: commit) + :param git_rev: Git revision. (E.g: commit) :param code_size_text: string output (utf-8) from measurement tool of code size. - typing.Dict[mod: str] @@ -311,15 +376,15 @@ class CodeSizeGenerator: old_rev: str, new_rev: str, output_stream: str, - result_options: SimpleNamespace + result_options: CodeSizeResultInfo ) -> None: - """Write a comparision result into a stream between two revisions. + """Write a comparision result into a stream between two Git revisions. :param old_rev: old Git revision to compared with. :param new_rev: new Git revision to compared with. :param output_stream: stream which the code size record is written to. :param result_options: - SimpleNamespace containing options for comparison result. + CodeSizeResultInfo containing options for comparison result. - result_options.with_markdown: write comparision result in a markdown table. (Default: False) - result_options.stdout: direct comparison result into 
@@ -340,22 +405,22 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): self.total = dec # total <=> dec def __init__(self, logger: logging.Logger) -> None: - """ Variable code_size is used to store size info for any revisions. + """ Variable code_size is used to store size info for any Git revisions. :param code_size: Data Format as following: - {revision: {module: {file_name: [text, data, bss, dec], - etc ... - }, - etc ... - }, + {git_rev: {module: {file_name: [text, data, bss, dec], + etc ... + }, + etc ... + }, etc ... } """ super().__init__(logger) self.code_size = {} #type: typing.Dict[str, typing.Dict] - def _set_size_record(self, revision: str, mod: str, size_text: str) -> None: - """Store size information for target revision and high-level module. + def _set_size_record(self, git_rev: str, mod: str, size_text: str) -> None: + """Store size information for target Git revision and high-level module. size_text Format: text data bss dec hex filename """ @@ -365,12 +430,12 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): # file_name: SizeEntry(text, data, bss, dec) size_record[data[5]] = CodeSizeGeneratorWithSize.SizeEntry( data[0], data[1], data[2], data[3]) - if revision in self.code_size: - self.code_size[revision].update({mod: size_record}) + if git_rev in self.code_size: + self.code_size[git_rev].update({mod: size_record}) else: - self.code_size[revision] = {mod: size_record} + self.code_size[git_rev] = {mod: size_record} - def read_size_record(self, revision: str, fname: str) -> None: + def read_size_record(self, git_rev: str, fname: str) -> None: """Read size information from csv file and write it into code_size. fname Format: filename text data bss dec 
@@ -393,21 +458,21 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): # check if we hit record for the end of a module m = re.match(r'.?TOTALS', line) if m: - if revision in self.code_size: - self.code_size[revision].update({mod: size_record}) + if git_rev in self.code_size: + self.code_size[git_rev].update({mod: size_record}) else: - self.code_size[revision] = {mod: size_record} + self.code_size[git_rev] = {mod: size_record} mod = "" size_record = {} def _size_reader_helper( self, - revision: str, + git_rev: str, output: typing_util.Writable, with_markdown=False ) -> typing.Iterator[tuple]: - """A helper function to peel code_size based on revision.""" - for mod, file_size in self.code_size[revision].items(): + """A helper function to peel code_size based on Git revision.""" + for mod, file_size in self.code_size[git_rev].items(): if not with_markdown: output.write("\n" + mod + "\n") for fname, size_entry in file_size.items(): @@ -415,7 +480,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): def _write_size_record( self, - revision: str, + git_rev: str, output: typing_util.Writable ) -> None: """Write size information to a file. @@ -425,7 +490,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): format_string = "{:<30} {:>7} {:>7} {:>7} {:>7}\n" output.write(format_string.format("filename", "text", "data", "bss", "total")) - for _, fname, size_entry in self._size_reader_helper(revision, output): + for _, fname, size_entry in self._size_reader_helper(git_rev, output): output.write(format_string.format(fname, size_entry.text, size_entry.data, size_entry.bss, size_entry.total)) 
@@ -445,7 +510,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): def cal_size_section_variation(mod, fname, size_entry, attr): new_size = int(size_entry.__dict__[attr]) - # check if we have the file in old revision + # check if we have the file in old Git revision if fname in self.code_size[old_rev][mod]: old_size = int(self.code_size[old_rev][mod][fname].__dict__[attr]) change = new_size - old_size @@ -497,28 +562,28 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): def size_generator_write_record( self, - revision: str, + git_rev: str, code_size_text: typing.Dict, output_file: str ) -> None: """Write size record into a specified file based on Git revision and output from `size` tool.""" - self.logger.debug("Generating code size csv for {}.".format(revision)) + self.logger.debug("Generating code size csv for {}.".format(git_rev)) for mod, size_text in code_size_text.items(): - self._set_size_record(revision, mod, size_text) + self._set_size_record(git_rev, mod, size_text) output = open(output_file, "w") - self._write_size_record(revision, output) + self._write_size_record(git_rev, output) def size_generator_write_comparison( self, old_rev: str, new_rev: str, output_stream: str, - result_options: SimpleNamespace + result_options: CodeSizeResultInfo ) -> None: - """Write a comparision result into a stream between two revisions. + """Write a comparision result into a stream between two Git revisions. By default, it's written into a file called output_stream. Once result_options.stdout is set, it's written into sys.stdout instead. 
@@ -537,133 +602,139 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): class CodeSizeComparison: """Compare code size between two Git revisions.""" - def __init__( + def __init__( #pylint: disable=too-many-arguments self, - old_size_version: SimpleNamespace, - new_size_version: SimpleNamespace, - code_size_common: SimpleNamespace, + old_size_dist_info: CodeSizeDistinctInfo, + new_size_dist_info: CodeSizeDistinctInfo, + size_common_info: CodeSizeCommonInfo, + result_options: CodeSizeResultInfo, logger: logging.Logger, ) -> None: """ - :param old_size_version: SimpleNamespace containing old version info - to compare code size with. - :param new_size_version: SimpleNamespace containing new version info - to take as comparision base. - :param code_size_common: SimpleNamespace containing common info for - both old and new size version, - measurement tool and result options. + :param old_size_dist_info: CodeSizeDistinctInfo containing old distinct + info to compare code size with. + :param new_size_dist_info: CodeSizeDistinctInfo containing new distinct + info to take as comparision base. + :param size_common_info: CodeSizeCommonInfo containing common info for + both old and new size distinct info and + measurement tool. + :param result_options: CodeSizeResultInfo containing results options for + code size record and comparision. 
:param logger: logging module """ - self.result_dir = os.path.abspath( - code_size_common.result_options.result_dir) - os.makedirs(self.result_dir, exist_ok=True) - - self.csv_dir = os.path.abspath("code_size_records/") - os.makedirs(self.csv_dir, exist_ok=True) self.logger = logger - self.old_size_version = old_size_version - self.new_size_version = new_size_version - self.code_size_common = code_size_common + self.old_size_dist_info = old_size_dist_info + self.new_size_dist_info = new_size_dist_info + self.size_common_info = size_common_info # infer make command - self.old_size_version.make_cmd = CodeSizeBuildInfo( - self.old_size_version, self.code_size_common.host_arch, + self.old_size_dist_info.make_cmd = CodeSizeBuildInfo( + self.old_size_dist_info, self.size_common_info.host_arch, self.logger).infer_make_command() - self.new_size_version.make_cmd = CodeSizeBuildInfo( - self.new_size_version, self.code_size_common.host_arch, + self.new_size_dist_info.make_cmd = CodeSizeBuildInfo( + self.new_size_dist_info, self.size_common_info.host_arch, self.logger).infer_make_command() # initialize size parser with corresponding measurement tool self.code_size_generator = self.__generate_size_parser() + self.result_options = result_options + self.csv_dir = os.path.abspath(self.result_options.record_dir) + os.makedirs(self.csv_dir, exist_ok=True) + self.comp_dir = os.path.abspath(self.result_options.comp_dir) + os.makedirs(self.comp_dir, exist_ok=True) + def __generate_size_parser(self): """Generate a parser for the corresponding measurement tool.""" - if re.match(r'size', self.code_size_common.measure_cmd.strip()): + if re.match(r'size', self.size_common_info.measure_cmd.strip()): return CodeSizeGeneratorWithSize(self.logger) else: self.logger.error("Unsupported measurement tool: `{}`." 
- .format(self.code_size_common.measure_cmd + .format(self.size_common_info.measure_cmd .strip().split(' ')[0])) sys.exit(1) def cal_code_size( self, - size_version: SimpleNamespace + size_dist_info: CodeSizeDistinctInfo ) -> typing.Dict[str, str]: """Calculate code size of library/*.o in a UTF-8 encoding""" - return CodeSizeCalculator(size_version.revision, size_version.make_cmd, - self.code_size_common.measure_cmd, + return CodeSizeCalculator(size_dist_info.git_rev, + size_dist_info.make_cmd, + self.size_common_info.measure_cmd, self.logger).cal_libraries_code_size() def gen_file_name( self, - old_size_version: SimpleNamespace, - new_size_version=None + old_size_dist_info: CodeSizeDistinctInfo, + new_size_dist_info=None ) -> str: """Generate a literal string as csv file name.""" - if new_size_version: + if new_size_dist_info: return '{}-{}-{}-{}-{}-{}-{}.csv'\ - .format(old_size_version.revision, old_size_version.arch, - old_size_version.config, - new_size_version.revision, new_size_version.arch, - new_size_version.config, - self.code_size_common.measure_cmd.strip()\ + .format(old_size_dist_info.git_rev, old_size_dist_info.arch, + old_size_dist_info.config, + new_size_dist_info.git_rev, new_size_dist_info.arch, + new_size_dist_info.config, + self.size_common_info.measure_cmd.strip()\ .split(' ')[0]) else: return '{}-{}-{}-{}.csv'\ - .format(old_size_version.revision, old_size_version.arch, - old_size_version.config, - self.code_size_common.measure_cmd.strip()\ + .format(old_size_dist_info.git_rev, + old_size_dist_info.arch, + old_size_dist_info.config, + self.size_common_info.measure_cmd.strip()\ .split(' ')[0]) - def gen_code_size_report(self, size_version: SimpleNamespace) -> None: + def gen_code_size_report(self, size_dist_info: CodeSizeDistinctInfo) -> None: """Generate code size record and write it into a file.""" self.logger.info("Start to generate code size record for {}." 
- .format(size_version.revision)) + .format(size_dist_info.git_rev)) output_file = os.path.join(self.csv_dir, - self.gen_file_name(size_version)) + self.gen_file_name(size_dist_info)) # Check if the corresponding record exists - if size_version.revision != "current" and \ + if size_dist_info.git_rev != "current" and \ os.path.exists(output_file): self.logger.debug("Code size csv file for {} already exists." - .format(size_version.revision)) + .format(size_dist_info.git_rev)) self.code_size_generator.read_size_record( - size_version.revision, output_file) + size_dist_info.git_rev, output_file) else: self.code_size_generator.size_generator_write_record( - size_version.revision, self.cal_code_size(size_version), + size_dist_info.git_rev, self.cal_code_size(size_dist_info), output_file) def gen_code_size_comparison(self) -> None: - """Generate results of code size changes between two revisions, + """Generate results of code size changes between two Git revisions, old and new. - - Measured code size results of these two revisions must be available. + - Measured code size result of these two Git revisions must be available. - The result is directed into either file / stdout depending on - the option, code_size_common.result_options.stdout. (Default: file) + the option, size_common_info.result_options.stdout. (Default: file) """ self.logger.info("Start to generate comparision result between "\ "{} and {}." 
- .format(self.old_size_version.revision, - self.new_size_version.revision)) + .format(self.old_size_dist_info.git_rev, + self.new_size_dist_info.git_rev)) output_file = os.path.join( - self.result_dir, - self.gen_file_name(self.old_size_version, self.new_size_version)) + self.comp_dir, + self.gen_file_name(self.old_size_dist_info, self.new_size_dist_info)) self.code_size_generator.size_generator_write_comparison( - self.old_size_version.revision, self.new_size_version.revision, - output_file, self.code_size_common.result_options) + self.old_size_dist_info.git_rev, + self.new_size_dist_info.git_rev, + output_file, self.result_options) def get_comparision_results(self) -> None: - """Compare size of library/*.o between self.old_size_version and - self.old_size_version and generate the result file.""" + """Compare size of library/*.o between self.old_size_dist_info and + self.old_size_dist_info and generate the result file.""" build_tree.check_repo_path() - self.gen_code_size_report(self.old_size_version) - self.gen_code_size_report(self.new_size_version) + self.gen_code_size_report(self.old_size_dist_info) + self.gen_code_size_report(self.new_size_dist_info) self.gen_code_size_comparison() 
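Review bot: Two docstrings on the new side of the `CodeSizeComparison` hunk no longer match the code they describe. `gen_code_size_comparison` still points at `size_common_info.result_options.stdout`, but this commit moves the result options out of the common info into `self.result_options`, so the line should read `the option, result_options.stdout. (Default: file)`. `get_comparision_results` names `self.old_size_dist_info` twice; the second should be `self.new_size_dist_info`, giving `between self.old_size_dist_info and self.new_size_dist_info`.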
@@ -674,18 +745,22 @@ def main(): 'required arguments to parse for running ' + os.path.basename(__file__)) group_required.add_argument( '-o', '--old-rev', type=str, required=True, - help='old revision for comparison.') + help='old Git revision for comparison.') group_optional = parser.add_argument_group( 'optional arguments', 'optional arguments to parse for running ' + os.path.basename(__file__)) group_optional.add_argument( - '-r', '--result-dir', type=str, default='comparison', + '--record_dir', type=str, default='code_size_records', + help='directory where code size record is stored. ' + '(Default: code_size_records)') + group_optional.add_argument( + '-r', '--comp-dir', type=str, default='comparison', help='directory where comparison result is stored. ' '(Default: comparison)') group_optional.add_argument( '-n', '--new-rev', type=str, default=None, - help='new revision as comparison base. ' + help='new Git revision as comparison base. ' '(Default is the current work directory, including uncommitted ' 'changes.)') group_optional.add_argument( 
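Review bot: The new option is spelled `--record_dir` with an underscore, while every other long option in this parser (`--old-rev`, `--new-rev`, `--comp-dir`) uses a hyphen. argparse derives the attribute name by turning hyphens into underscores, so `'--record-dir'` would still be read as `comp_args.record_dir` and no caller has to change. Unlike `--comp-dir`, which inherits `-r`, the new option has no short form; if that is deliberate, it could be said in the help text. The body of `main()` starts and ends outside this hunk.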
@@ -716,48 +791,36 @@ def main(): logging_util.configure_logger(logger) logger.setLevel(logging.DEBUG if comp_args.verbose else logging.INFO) - if os.path.isfile(comp_args.result_dir): - logger.error("{} is not a directory".format(comp_args.result_dir)) + if os.path.isfile(comp_args.comp_dir): + logger.error("{} is not a directory".format(comp_args.comp_dir)) parser.exit() - old_revision = CodeSizeCalculator.validate_revision(comp_args.old_rev) + old_revision = CodeSizeCalculator.validate_git_revision(comp_args.old_rev) if comp_args.new_rev is not None: - new_revision = CodeSizeCalculator.validate_revision(comp_args.new_rev) + new_revision = CodeSizeCalculator.validate_git_revision( + comp_args.new_rev) else: new_revision = "current" - old_size_version = SimpleNamespace( - version='old', - revision=old_revision, - config=comp_args.config, - arch=comp_args.arch, - make_cmd='', - ) - new_size_version = SimpleNamespace( - version='new', - revision=new_revision, - config=comp_args.config, - arch=comp_args.arch, - make_cmd='', - ) - code_size_common = SimpleNamespace( - result_options=SimpleNamespace( - result_dir=comp_args.result_dir, - with_markdown=comp_args.markdown, - stdout=comp_args.stdout, - ), - host_arch=detect_arch(), - measure_cmd='size -t', - ) + old_size_dist_info = CodeSizeDistinctInfo( + 'old', old_revision, comp_args.arch, comp_args.config, '') + new_size_dist_info = CodeSizeDistinctInfo( + 'new', new_revision, comp_args.arch, comp_args.config, '') + size_common_info = CodeSizeCommonInfo( + detect_arch(), 'size -t') + result_options = CodeSizeResultInfo( + comp_args.record_dir, comp_args.comp_dir, + comp_args.markdown, comp_args.stdout) logger.info("Measure code size between {}:{}-{} and {}:{}-{} by `{}`." 
- .format(old_size_version.revision, old_size_version.config, - old_size_version.arch, - new_size_version.revision, old_size_version.config, - new_size_version.arch, - code_size_common.measure_cmd.strip().split(' ')[0])) - CodeSizeComparison(old_size_version, new_size_version, - code_size_common, logger).get_comparision_results() + .format(old_size_dist_info.git_rev, old_size_dist_info.config, + old_size_dist_info.arch, + new_size_dist_info.git_rev, old_size_dist_info.config, + new_size_dist_info.arch, + size_common_info.measure_cmd.strip().split(' ')[0])) + CodeSizeComparison(old_size_dist_info, new_size_dist_info, + size_common_info, result_options, + logger).get_comparision_results() if __name__ == "__main__": main() From 5605c6f58fce180d10d398c6ce62edee619ddb64 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 21 Jul 2023 16:09:00 +0800 Subject: [PATCH 097/264] code_size_compare: make CodeSizeBuildInfo more flexible This commit changes how to infer make command. Although we haven't supported to pass more options in command line, this is the preparation work to support those features. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 149 ++++++++++++++++++++++++++++------- 1 file changed, 119 insertions(+), 30 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 9b58d5093c..30251835cd 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -27,6 +27,7 @@ import argparse import logging import os import re +import shutil import subprocess import sys import typing @@ -45,8 +46,6 @@ class SupportedArch(Enum): X86 = 'x86' -CONFIG_TFM_MEDIUM_MBEDCRYPTO_H = '../configs/tfm_mbedcrypto_config_profile_medium.h' -CONFIG_TFM_MEDIUM_PSA_CRYPTO_H = '../configs/crypto_config_profile_medium.h' class SupportedConfig(Enum): """Supported configuration for code size measurement.""" DEFAULT = 'default' 
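Review bot: In `main()` (hunk `@@ -716,48 +791,36 @@`), only `comp_args.comp_dir` is checked with `os.path.isfile`, although this series also makes `comp_args.record_dir` user-supplied. `CodeSizeComparison.__init__` calls `os.makedirs(self.csv_dir, exist_ok=True)` on it, which raises `FileExistsError` when the path is a regular file, so the user gets a traceback instead of the logged "is not a directory" message. The same check should cover both directories, for example by looping `for path in (comp_args.record_dir, comp_args.comp_dir):` over the existing test. The context line `parser.exit()` exits with status 0 by default; `parser.exit(1)` would let a calling script notice the failure. The start of `main()` is outside this hunk.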
@@ -69,7 +68,8 @@ class CodeSizeDistinctInfo: # pylint: disable=too-few-public-methods git_rev: str, arch: str, config: str, - make_cmd: str, + compiler: str, + opt_level: str, ) -> None: """ :param: version: which version to compare with for code size. @@ -77,13 +77,18 @@ class CodeSizeDistinctInfo: # pylint: disable=too-few-public-methods :param: arch: architecture to measure code size on. :param: config: Configuration type to calculate code size. (See SupportedConfig) - :param: make_cmd: make command to build library/*.o. + :param: compiler: compiler used to build library/*.o. + :param: opt_level: Options that control optimization. (E.g. -Os) """ self.version = version self.git_rev = git_rev self.arch = arch self.config = config - self.make_cmd = make_cmd + self.compiler = compiler + self.opt_level = opt_level + # Note: Variables below are not initialized by class instantiation. + self.pre_make_cmd = [] #type: typing.List[str] + self.make_cmd = '' class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods @@ -140,6 +145,13 @@ def detect_arch() -> str: print("Unknown host architecture, cannot auto-detect arch.") sys.exit(1) +TFM_MEDIUM_CONFIG_H = 'configs/tfm_mbedcrypto_config_profile_medium.h' +TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/crypto_config_profile_medium.h' + +CONFIG_H = 'include/mbedtls/mbedtls_config.h' +CRYPTO_CONFIG_H = 'include/psa/crypto_config.h' +BACKUP_SUFFIX = '.code_size.bak' + class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods """Gather information used to measure code size. 
@@ -167,34 +179,79 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods - size_dist_info.arch: architecture to measure code size on. - size_dist_info.config: configuration type to measure code size with. + - size_dist_info.compiler: compiler used to build library/*.o. + - size_dist_info.opt_level: Options that control optimization. + (E.g. -Os) :param host_arch: host architecture. :param logger: logging module """ - self.size_dist_info = size_dist_info + self.arch = size_dist_info.arch + self.config = size_dist_info.config + self.compiler = size_dist_info.compiler + self.opt_level = size_dist_info.opt_level + + self.make_cmd = ['make', '-j', 'lib'] + self.host_arch = host_arch self.logger = logger - def infer_make_command(self) -> str: - """Infer make command based on architecture and configuration.""" + def check_correctness(self) -> bool: + """Check whether we are using proper / supported combination + of information to build library/*.o.""" - # make command by default - if self.size_dist_info.config == SupportedConfig.DEFAULT.value and \ - self.size_dist_info.arch == self.host_arch: - return 'make -j lib CFLAGS=\'-Os \' ' - # make command for TF-M - elif self.size_dist_info.arch == SupportedArch.ARMV8_M.value and \ - self.size_dist_info.config == SupportedConfig.TFM_MEDIUM.value: - return \ - 'make -j lib CC=armclang \ - CFLAGS=\'--target=arm-arm-none-eabi -mcpu=cortex-m33 -Os \ - -DMBEDTLS_CONFIG_FILE=\\\"' + CONFIG_TFM_MEDIUM_MBEDCRYPTO_H + '\\\" \ - -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=\\\"' + CONFIG_TFM_MEDIUM_PSA_CRYPTO_H + '\\\" \'' - # unsupported combinations + # default config + if self.config == SupportedConfig.DEFAULT.value and \ + self.arch == self.host_arch: + return True + # TF-M + elif self.arch == SupportedArch.ARMV8_M.value and \ + self.config == SupportedConfig.TFM_MEDIUM.value: + return True + + return False + + def infer_pre_make_command(self) -> typing.List[str]: + """Infer command to set up proper configuration before running 
make.""" + pre_make_cmd = [] #type: typing.List[str] + if self.config == SupportedConfig.TFM_MEDIUM.value: + pre_make_cmd.append('cp -r {} {}' + .format(TFM_MEDIUM_CONFIG_H, CONFIG_H)) + pre_make_cmd.append('cp -r {} {}' + .format(TFM_MEDIUM_CRYPTO_CONFIG_H, + CRYPTO_CONFIG_H)) + + return pre_make_cmd + + def infer_make_cflags(self) -> str: + """Infer CFLAGS by instance attributes in CodeSizeDistinctInfo.""" + cflags = [] #type: typing.List[str] + + # set optimization level + cflags.append(self.opt_level) + # set compiler by config + if self.config == SupportedConfig.TFM_MEDIUM.value: + self.compiler = 'armclang' + cflags.append('-mcpu=cortex-m33') + # set target + if self.compiler == 'armclang': + cflags.append('--target=arm-arm-none-eabi') + + return ' '.join(cflags) + + def infer_make_command(self) -> str: + """Infer make command by CFLAGS and CC.""" + + if self.check_correctness(): + # set CFLAGS= + self.make_cmd.append('CFLAGS=\'{}\''.format(self.infer_make_cflags())) + # set CC= + self.make_cmd.append('CC={}'.format(self.compiler)) + return ' '.join(self.make_cmd) else: self.logger.error("Unsupported combination of architecture: {} " \ "and configuration: {}.\n" - .format(self.size_dist_info.arch, - self.size_dist_info.config)) + .format(self.arch, + self.config)) self.logger.info("Please use supported combination of " \ "architecture and configuration:") for comb in CodeSizeBuildInfo.SupportedArchConfig: @@ -213,15 +270,17 @@ class CodeSizeCalculator: Git revision and code size measurement tool. """ - def __init__( + def __init__( #pylint: disable=too-many-arguments self, git_rev: str, + pre_make_cmd: typing.List[str], make_cmd: str, measure_cmd: str, logger: logging.Logger, ) -> None: """ :param git_rev: Git revision. (E.g: commit) + :param pre_make_cmd: command to set up proper config before running make. :param make_cmd: command to build library/*.o. :param measure_cmd: command to measure code size for library/*.o. :param logger: logging module 
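Review bot: `infer_make_command` builds a shell string by formatting `self.infer_make_cflags()` and `self.compiler` into `CFLAGS='{}'` and `CC={}` without quoting, and `infer_pre_make_command` likewise returns `cp -r … …` strings; the pre-make strings are run with `shell=True` in the `@@ -269,6 +339,14 @@` hunk, and the make command is presumably run the same way. The values are constants today (`'cc'`, `'-Os'`), but the commit message says this prepares for passing them on the command line, at which point a value containing a quote or `;` would be interpreted by the shell. Quoting at the point of assembly keeps that safe: `self.make_cmd.append('CFLAGS={}'.format(shlex.quote(self.infer_make_cflags())))` and `self.make_cmd.append('CC={}'.format(shlex.quote(self.compiler)))`, with `import shlex` added at the top of the file. The two config copies could use `shutil.copy` in the worktree instead of a shell `cp`. Separately, `infer_make_cflags` silently reassigns `self.compiler` to `'armclang'`, so the `CC=` value depends on it being called first; a short comment there would make that ordering explicit.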
@@ -231,6 +290,7 @@ class CodeSizeCalculator: self.make_clean = 'make clean' self.git_rev = git_rev + self.pre_make_cmd = pre_make_cmd self.make_cmd = make_cmd self.measure_cmd = measure_cmd self.logger = logger @@ -246,7 +306,7 @@ class CodeSizeCalculator: """Create a separate worktree for Git revision. If Git revision is current, use current worktree instead.""" - if self.git_rev == "current": + if self.git_rev == 'current': self.logger.debug("Using current work directory.") git_worktree_path = self.repo_path else: @@ -262,6 +322,16 @@ class CodeSizeCalculator: return git_worktree_path + @staticmethod + def backup_config_files(restore: bool) -> None: + """Backup / Restore config files.""" + if restore: + shutil.move(CONFIG_H + BACKUP_SUFFIX, CONFIG_H) + shutil.move(CRYPTO_CONFIG_H + BACKUP_SUFFIX, CRYPTO_CONFIG_H) + else: + shutil.copy(CONFIG_H, CONFIG_H + BACKUP_SUFFIX) + shutil.copy(CRYPTO_CONFIG_H, CRYPTO_CONFIG_H + BACKUP_SUFFIX) + def _build_libraries(self, git_worktree_path: str) -> None: """Build library/*.o in the specified worktree.""" @@ -269,6 +339,14 @@ class CodeSizeCalculator: .format(self.git_rev)) my_environment = os.environ.copy() try: + if self.git_rev == 'current': + self.backup_config_files(restore=False) + for pre_cmd in self.pre_make_cmd: + subprocess.check_output( + pre_cmd, env=my_environment, shell=True, + cwd=git_worktree_path, stderr=subprocess.STDOUT, + universal_newlines=True + ) subprocess.check_output( self.make_clean, env=my_environment, shell=True, cwd=git_worktree_path, stderr=subprocess.STDOUT, @@ -279,6 +357,8 @@ class CodeSizeCalculator: cwd=git_worktree_path, stderr=subprocess.STDOUT, universal_newlines=True ) + if self.git_rev == 'current': + self.backup_config_files(restore=True) except subprocess.CalledProcessError as e: self._handle_called_process_error(e, git_worktree_path) 
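Review bot: In `_build_libraries` (hunks `@@ -269,6 +339,14 @@` and `@@ -279,6 +357,8 @@`), the restore call `self.backup_config_files(restore=True)` sits at the end of the `try` body, so it is skipped whenever a pre-make command, `make clean` or `make` raises `CalledProcessError`. For the `'current'` revision that leaves the developer's own `mbedtls_config.h` and `crypto_config.h` overwritten by the TF-M profile, with the originals only in the `.code_size.bak` files, unless `_handle_called_process_error` (not visible here) restores them. Moving the restore into a `finally` guarded by a flag covers every exit path. `backup_config_files` also resolves `CONFIG_H` relative to the process working directory while the `cp` commands run with `cwd=git_worktree_path`; the two agree only if the script is started from the repository root, so joining the paths with the worktree path would be safer. The part of the `try` body between the two hunks is not visible.

```python
        backed_up = False
        try:
            if self.git_rev == 'current':
                self.backup_config_files(restore=False)
                backed_up = True
            # … unchanged: pre-make commands, make clean, make …
        # … unchanged: except subprocess.CalledProcessError handler …
        finally:
            # restore even when a build step fails or the handler exits
            if backed_up:
                self.backup_config_files(restore=True)
```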
@@ -628,6 +708,13 @@ class CodeSizeComparison: self.old_size_dist_info = old_size_dist_info self.new_size_dist_info = new_size_dist_info self.size_common_info = size_common_info + # infer pre make command + self.old_size_dist_info.pre_make_cmd = CodeSizeBuildInfo( + self.old_size_dist_info, self.size_common_info.host_arch, + self.logger).infer_pre_make_command() + self.new_size_dist_info.pre_make_cmd = CodeSizeBuildInfo( + self.new_size_dist_info, self.size_common_info.host_arch, + self.logger).infer_pre_make_command() # infer make command self.old_size_dist_info.make_cmd = CodeSizeBuildInfo( self.old_size_dist_info, self.size_common_info.host_arch, @@ -654,7 +741,6 @@ class CodeSizeComparison: .strip().split(' ')[0])) sys.exit(1) - def cal_code_size( self, size_dist_info: CodeSizeDistinctInfo @@ -662,6 +748,7 @@ class CodeSizeComparison: """Calculate code size of library/*.o in a UTF-8 encoding""" return CodeSizeCalculator(size_dist_info.git_rev, + size_dist_info.pre_make_cmd, size_dist_info.make_cmd, self.size_common_info.measure_cmd, self.logger).cal_libraries_code_size() @@ -737,7 +824,6 @@ class CodeSizeComparison: self.gen_code_size_report(self.new_size_dist_info) self.gen_code_size_comparison() - def main(): parser = argparse.ArgumentParser(description=(__doc__)) group_required = parser.add_argument_group( 
@@ -800,14 +886,17 @@ def main(): new_revision = CodeSizeCalculator.validate_git_revision( comp_args.new_rev) else: - new_revision = "current" + new_revision = 'current' + # version, git_rev, arch, config, compiler, opt_level old_size_dist_info = CodeSizeDistinctInfo( - 'old', old_revision, comp_args.arch, comp_args.config, '') + 'old', old_revision, comp_args.arch, comp_args.config, 'cc', '-Os') new_size_dist_info = CodeSizeDistinctInfo( - 'new', new_revision, comp_args.arch, comp_args.config, '') + 'new', new_revision, comp_args.arch, comp_args.config, 'cc', '-Os') + # host_arch, measure_cmd size_common_info = CodeSizeCommonInfo( detect_arch(), 'size -t') + # record_dir, comp_dir, with_markdown, stdout result_options = CodeSizeResultInfo( comp_args.record_dir, comp_args.comp_dir, comp_args.markdown, comp_args.stdout) From 950590099dbe9b815987e0d30039edc249e54da7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 24 Jul 2023 12:29:22 +0800 Subject: [PATCH 098/264] code_size_compare: simplify CodeSizeGeneratorWithSize Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 100 +++++++++++++---------------------- 1 file changed, 38 insertions(+), 62 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 30251835cd..4ac798a9f7 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -426,8 +426,8 @@ class CodeSizeGenerator: """ A generator based on size measurement tool for library/*.o. This is an abstract class. To use it, derive a class that implements - size_generator_write_record and size_generator_write_comparison methods, - then call both of them with proper arguments. + write_record and write_comparison methods, then call both of them with + proper arguments. """ def __init__(self, logger: logging.Logger) -> None: """ 
@@ -435,11 +435,11 @@ class CodeSizeGenerator: """ self.logger = logger - def size_generator_write_record( + def write_record( self, git_rev: str, - code_size_text: typing.Dict, - output_file: str + code_size_text: typing.Dict[str, str], + output: typing_util.Writable ) -> None: """Write size record into a file. @@ -447,28 +447,26 @@ class CodeSizeGenerator: :param code_size_text: string output (utf-8) from measurement tool of code size. - typing.Dict[mod: str] - :param output_file: file which the code size record is written to. + :param output: output stream which the code size record is written to. + (Note: Normally write code size record into File) """ raise NotImplementedError - def size_generator_write_comparison( + def write_comparison( self, old_rev: str, new_rev: str, - output_stream: str, - result_options: CodeSizeResultInfo + output: typing_util.Writable, + with_markdown=False ) -> None: """Write a comparision result into a stream between two Git revisions. :param old_rev: old Git revision to compared with. :param new_rev: new Git revision to compared with. - :param output_stream: stream which the code size record is written to. - :param result_options: - CodeSizeResultInfo containing options for comparison result. - - result_options.with_markdown: write comparision result in a - markdown table. (Default: False) - - result_options.stdout: direct comparison result into - sys.stdout. (Default: False) + :param output: output stream which the code size record is written to. + (File / sys.stdout) + :param with_markdown: write comparision result in a markdown table. + (Default: False) """ raise NotImplementedError 
@@ -558,15 +556,19 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): for fname, size_entry in file_size.items(): yield mod, fname, size_entry - def _write_size_record( + def write_record( self, git_rev: str, + code_size_text: typing.Dict[str, str], output: typing_util.Writable ) -> None: """Write size information to a file. Writing Format: file_name text data bss total(dec) """ + for mod, size_text in code_size_text.items(): + self._set_size_record(git_rev, mod, size_text) + format_string = "{:<30} {:>7} {:>7} {:>7} {:>7}\n" output.write(format_string.format("filename", "text", "data", "bss", "total")) @@ -575,12 +577,12 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): size_entry.text, size_entry.data, size_entry.bss, size_entry.total)) - def _write_comparison( + def write_comparison( self, old_rev: str, new_rev: str, output: typing_util.Writable, - with_markdown: bool + with_markdown=False ) -> None: """Write comparison result into a file. 
@@ -640,44 +642,6 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): .format(fname, str(text_vari[0]) + "," + str(data_vari[0]))) - def size_generator_write_record( - self, - git_rev: str, - code_size_text: typing.Dict, - output_file: str - ) -> None: - """Write size record into a specified file based on Git revision and - output from `size` tool.""" - self.logger.debug("Generating code size csv for {}.".format(git_rev)) - - for mod, size_text in code_size_text.items(): - self._set_size_record(git_rev, mod, size_text) - - output = open(output_file, "w") - self._write_size_record(git_rev, output) - - def size_generator_write_comparison( - self, - old_rev: str, - new_rev: str, - output_stream: str, - result_options: CodeSizeResultInfo - ) -> None: - """Write a comparision result into a stream between two Git revisions. - - By default, it's written into a file called output_stream. - Once result_options.stdout is set, it's written into sys.stdout instead. - """ - self.logger.debug("Generating comparison results between {} and {}." - .format(old_rev, new_rev)) - - if result_options.stdout: - output = sys.stdout - else: - output = open(output_stream, "w") - self._write_comparison(old_rev, new_rev, output, - result_options.with_markdown) - class CodeSizeComparison: """Compare code size between two Git revisions.""" 
@@ -790,9 +754,14 @@ class CodeSizeComparison: self.code_size_generator.read_size_record( size_dist_info.git_rev, output_file) else: - self.code_size_generator.size_generator_write_record( - size_dist_info.git_rev, self.cal_code_size(size_dist_info), - output_file) + # measure code size + code_size_text = self.cal_code_size(size_dist_info) + + self.logger.debug("Generating code size csv for {}." + .format(size_dist_info.git_rev)) + output = open(output_file, "w") + self.code_size_generator.write_record( + size_dist_info.git_rev, code_size_text, output) def gen_code_size_comparison(self) -> None: """Generate results of code size changes between two Git revisions, @@ -811,10 +780,17 @@ class CodeSizeComparison: self.comp_dir, self.gen_file_name(self.old_size_dist_info, self.new_size_dist_info)) - self.code_size_generator.size_generator_write_comparison( + self.logger.debug("Generating comparison results between {} and {}." + .format(self.old_size_dist_info.git_rev, + self.new_size_dist_info.git_rev)) + if self.result_options.stdout: + output = sys.stdout + else: + output = open(output_file, "w") + self.code_size_generator.write_comparison( self.old_size_dist_info.git_rev, self.new_size_dist_info.git_rev, - output_file, self.result_options) + output, self.result_options.with_markdown) def get_comparision_results(self) -> None: """Compare size of library/*.o between self.old_size_dist_info and From a6cf692e2a6470a194103e4e2fbc480749a6a4c6 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 24 Jul 2023 15:20:42 +0800 Subject: [PATCH 099/264] code_size_compare: simplify how to generate file name of code size Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 65 ++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 37 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 4ac798a9f7..a8c8c9641e 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
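Review bot: The file opened with `output = open(output_file, "w")` in the new `else` branch of gen_code_size_report is never closed, so the record is only flushed when the file object happens to be collected. Scoping the handle makes its lifetime explicit: `with open(output_file, "w") as output:` with the `self.code_size_generator.write_record(...)` call indented under it. The next hunk (@@ -811,10 +780,17 @@, gen_code_size_comparison) repeats the pattern in its non-stdout branch; there the `with` should cover only the file case so that `sys.stdout` is not closed. Both functions start outside their hunks.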
@@ -90,6 +90,11 @@ class CodeSizeDistinctInfo: # pylint: disable=too-few-public-methods self.pre_make_cmd = [] #type: typing.List[str] self.make_cmd = '' + def get_info_indication(self): + """Return a unique string to indicate Code Size Distinct Information.""" + return '{}-{}-{}-{}'\ + .format(self.git_rev, self.arch, self.config, self.compiler) + class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods """Data structure to store common information for code size comparison.""" @@ -105,6 +110,10 @@ class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods self.host_arch = host_arch self.measure_cmd = measure_cmd + def get_info_indication(self): + """Return a unique string to indicate Code Size Common Information.""" + return '{}'\ + .format(self.measure_cmd.strip().split(' ')[0]) class CodeSizeResultInfo: # pylint: disable=too-few-public-methods """Data structure to store result options for code size comparison.""" 
@@ -717,35 +726,16 @@ class CodeSizeComparison: self.size_common_info.measure_cmd, self.logger).cal_libraries_code_size() - def gen_file_name( - self, - old_size_dist_info: CodeSizeDistinctInfo, - new_size_dist_info=None - ) -> str: - """Generate a literal string as csv file name.""" - if new_size_dist_info: - return '{}-{}-{}-{}-{}-{}-{}.csv'\ - .format(old_size_dist_info.git_rev, old_size_dist_info.arch, - old_size_dist_info.config, - new_size_dist_info.git_rev, new_size_dist_info.arch, - new_size_dist_info.config, - self.size_common_info.measure_cmd.strip()\ - .split(' ')[0]) - else: - return '{}-{}-{}-{}.csv'\ - .format(old_size_dist_info.git_rev, - old_size_dist_info.arch, - old_size_dist_info.config, - self.size_common_info.measure_cmd.strip()\ - .split(' ')[0]) - def gen_code_size_report(self, size_dist_info: CodeSizeDistinctInfo) -> None: """Generate code size record and write it into a file.""" self.logger.info("Start to generate code size record for {}." .format(size_dist_info.git_rev)) - output_file = os.path.join(self.csv_dir, - self.gen_file_name(size_dist_info)) + output_file = os.path.join( + self.csv_dir, + '{}-{}.csv' + .format(size_dist_info.get_info_indication(), + self.size_common_info.get_info_indication())) # Check if the corresponding record exists if size_dist_info.git_rev != "current" and \ os.path.exists(output_file): 
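Review bot: The record file name in gen_code_size_report is now a plain concatenation of the two `get_info_indication()` strings, and nothing in this hunk keeps a path separator out of them before `os.path.join(self.csv_dir, ...)`. If `git_rev` can arrive as a name containing `/`, or the measure command is given by path, the result is no longer a file directly under `csv_dir`. Whether `validate_git_revision` already normalises the revision is not visible here, so this is worth confirming. A guard on the assembled name would settle it, for example `name = name.replace(os.sep, '_')` before the join. The comparison file name in the later hunk @@ -776,17 +766,20 @@ is built the same way.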
@@ -776,17 +766,20 @@ class CodeSizeComparison: "{} and {}." .format(self.old_size_dist_info.git_rev, self.new_size_dist_info.git_rev)) - output_file = os.path.join( - self.comp_dir, - self.gen_file_name(self.old_size_dist_info, self.new_size_dist_info)) + if self.result_options.stdout: + output = sys.stdout + else: + output_file = os.path.join( + self.comp_dir, + '{}-{}-{}.csv' + .format(self.old_size_dist_info.get_info_indication(), + self.new_size_dist_info.get_info_indication(), + self.size_common_info.get_info_indication())) + output = open(output_file, "w") self.logger.debug("Generating comparison results between {} and {}." .format(self.old_size_dist_info.git_rev, self.new_size_dist_info.git_rev)) - if self.result_options.stdout: - output = sys.stdout - else: - output = open(output_file, "w") self.code_size_generator.write_comparison( self.old_size_dist_info.git_rev, self.new_size_dist_info.git_rev, @@ -877,12 +870,10 @@ def main(): comp_args.record_dir, comp_args.comp_dir, comp_args.markdown, comp_args.stdout) - logger.info("Measure code size between {}:{}-{} and {}:{}-{} by `{}`." - .format(old_size_dist_info.git_rev, old_size_dist_info.config, - old_size_dist_info.arch, - new_size_dist_info.git_rev, old_size_dist_info.config, - new_size_dist_info.arch, - size_common_info.measure_cmd.strip().split(' ')[0])) + logger.info("Measure code size between {} and {} by `{}`." + .format(old_size_dist_info.get_info_indication(), + new_size_dist_info.get_info_indication(), + size_common_info.get_info_indication())) CodeSizeComparison(old_size_dist_info, new_size_dist_info, size_common_info, result_options, logger).get_comparision_results() From 69262fc087ca62255a6a78e61657460416e75f79 Mon Sep 17 00:00:00 2001 
From: Yanray Wang Date: Mon, 24 Jul 2023 16:36:40 +0800 Subject: [PATCH 100/264] code_size_compare: add extra indication if print to sys.stdout If we output comparison result into sys.stdout, it will print an extra line to show information we used for code size comparison in detail. This would be helpful if we copy & paste code size changes in Github comment. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index a8c8c9641e..b886a9e990 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -768,6 +768,10 @@ class CodeSizeComparison: self.new_size_dist_info.git_rev)) if self.result_options.stdout: output = sys.stdout + print("Measure code size between `{}` and `{}` by `{}`." + .format(self.old_size_dist_info.get_info_indication(), + self.new_size_dist_info.get_info_indication(), + self.size_common_info.get_info_indication())) else: output_file = os.path.join( self.comp_dir, From f2cd717952bc97a23dcfdfd85ba75aef43e3c6af Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 24 Jul 2023 16:56:46 +0800 Subject: [PATCH 101/264] code_size_compare: print 'None' if comparing size for a new file Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index b886a9e990..e79b379085 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -647,9 +647,11 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): "{:.2%}".format(text_vari[3]) + "," + "{:.2%}".format(data_vari[3]))) else: - output.write("{:<30} {:<18}\n" - .format(fname, - str(text_vari[0]) + "," + str(data_vari[0]))) + output.write( + format_string + .format(fname, + str(text_vari[0]) + "," + str(data_vari[0]), + 'None', 'None', 'None')) class CodeSizeComparison: 
From 25bd33189927a2741124afb45fb719e3e87ecce3 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 25 Jul 2023 10:24:20 +0800 Subject: [PATCH 102/264] code_size_compare: round percentage to an integer value Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index e79b379085..88578feb4a 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -644,8 +644,8 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): str(text_vari[0]) + "," + str(data_vari[0]), str(text_vari[1]) + "," + str(data_vari[1]), str(text_vari[2]) + "," + str(data_vari[2]), - "{:.2%}".format(text_vari[3]) + "," - + "{:.2%}".format(data_vari[3]))) + "{:.0%}".format(text_vari[3]) + "," + + "{:.0%}".format(data_vari[3]))) else: output.write( format_string From e4a3636fac45317323c4132450368f824a945d27 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Tue, 25 Jul 2023 10:37:11 +0800 Subject: [PATCH 103/264] code_size_compare: add comments to make code more readable Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 88578feb4a..0c29c41faa 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -92,8 +92,9 @@ class CodeSizeDistinctInfo: # pylint: disable=too-few-public-methods def get_info_indication(self): """Return a unique string to indicate Code Size Distinct Information.""" - return '{}-{}-{}-{}'\ - .format(self.git_rev, self.arch, self.config, self.compiler) + return '{rev}-{arch}-{config}-{cc}'\ + .format(rev=self.git_rev, arch=self.arch, config=self.config, + cc=self.compiler) class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods 
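Review bot: With `"{:.0%}".format(...)` in the change% column, any change below half a percent is printed as `0%`, and a small decrease as `-0%`, which reads as "no change" next to a non-zero change(text,data) value. If whole percentages are wanted, the column header should say so; otherwise `"{:.1%}"` keeps small regressions visible. The enclosing write_comparison starts outside the hunk.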
@@ -112,8 +113,8 @@ class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods def get_info_indication(self): """Return a unique string to indicate Code Size Common Information.""" - return '{}'\ - .format(self.measure_cmd.strip().split(' ')[0]) + return '{measure_tool}'\ + .format(measure_tool=self.measure_cmd.strip().split(' ')[0]) class CodeSizeResultInfo: # pylint: disable=too-few-public-methods """Data structure to store result options for code size comparison.""" @@ -223,11 +224,11 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods """Infer command to set up proper configuration before running make.""" pre_make_cmd = [] #type: typing.List[str] if self.config == SupportedConfig.TFM_MEDIUM.value: - pre_make_cmd.append('cp -r {} {}' - .format(TFM_MEDIUM_CONFIG_H, CONFIG_H)) - pre_make_cmd.append('cp -r {} {}' - .format(TFM_MEDIUM_CRYPTO_CONFIG_H, - CRYPTO_CONFIG_H)) + pre_make_cmd.append('cp -r {src} {dest}' + .format(src=TFM_MEDIUM_CONFIG_H, dest=CONFIG_H)) + pre_make_cmd.append('cp -r {src} {dest}' + .format(src=TFM_MEDIUM_CRYPTO_CONFIG_H, + dest=CRYPTO_CONFIG_H)) return pre_make_cmd @@ -641,15 +642,20 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): output.write( format_string .format(fname, + # current(text,data) str(text_vari[0]) + "," + str(data_vari[0]), + # old(text,data) str(text_vari[1]) + "," + str(data_vari[1]), + # change(text,data) str(text_vari[2]) + "," + str(data_vari[2]), + # change%(text,data) "{:.0%}".format(text_vari[3]) + "," + "{:.0%}".format(data_vari[3]))) else: output.write( format_string .format(fname, + # current(text,data) str(text_vari[0]) + "," + str(data_vari[0]), 'None', 'None', 'None')) From e3268afb117bc4e66bce2107cf6058fc7e10b633 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 25 Jul 2023 17:33:55 +0100 Subject: [PATCH 104/264] Add PSA SHA3 tests for hash_verify and multipart 
Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 80 ++++++++++++++++++++ 1 file changed, 80 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 1133c398db..769df58e1d 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data @@ -310,6 +310,22 @@ PSA hash verify: RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160 hash_verify:PSA_ALG_RIPEMD160:"bd":"5089265ee5d9af75d12dbf7ea2f27dbdee435b37" +PSA hash verify: SHA3-224 +depends_on:PSA_WANT_ALG_SHA3_224 +hash_verify:PSA_ALG_SHA3_224:"bd":"79bd1a58a357d1a0ac15b43400bc396d17bdc6d3d90369f16f650b25" + +PSA hash verify: SHA3-256 +depends_on:PSA_WANT_ALG_SHA3_256 +hash_verify:PSA_ALG_SHA3_256:"bd":"b389fa0f45f21196cc2736e8de396497a2414be31e7a500a499918b8cf3257b2" + +PSA hash verify: SHA3-384 +depends_on:PSA_WANT_ALG_SHA3_384 +hash_verify:PSA_ALG_SHA3_384:"bd":"5a337b67965736040c5b1f2d4df7f9ca76cf01866c7d64ed8dd812b97995da9b14ef07f9c4d9190888e4b15c4df2203d" + +PSA hash verify: SHA3-512 +depends_on:PSA_WANT_ALG_SHA3_512 +hash_verify:PSA_ALG_SHA3_512:"bd":"72bacd82495cb72a44523cda462f0f02c9f33b6312e24e44f5c40deed2bbc37854b606cb2f62cce6a394b4157d8e6e89b22682380dc129dddd402693ffa98a6c" + PSA hash multi part: SHA-1 Test Vector NIST CAVS #1 depends_on:PSA_WANT_ALG_SHA_1 hash_multi_part:PSA_ALG_SHA_1:"":"da39a3ee5e6b4b0d3255bfef95601890afd80709" 
@@ -529,3 +545,67 @@ hash_multi_part:PSA_ALG_RIPEMD160:"4142434445464748494a4b4c4d4e4f505152535455565 PSA hash multi part: RIPEMD160 Test vector from paper #8 depends_on:PSA_WANT_ALG_RIPEMD160 hash_multi_part:PSA_ALG_RIPEMD160:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"9b752e45573d4b39f4dbd3323cab82bf63326bfb" + +PSA hash multi part: SHA3-224 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7" + +PSA hash multi part: SHA3-256 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash multi part: SHA3-384 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"":"0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004" + +PSA hash multi part: SHA3-512 Test Vector NIST "" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"":"a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26" + +PSA hash multi part: SHA3-224 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"616263":"e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" + +PSA hash multi part: SHA3-256 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" + +PSA hash multi part: SHA3-384 Test Vector NIST "abc" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"616263":"ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" + +PSA hash multi part: SHA3-512 Test Vector NIST "abc" 
+depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"616263":"b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" + +PSA hash multi part: SHA3-224 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_224 +hash_multi_part:PSA_ALG_SHA3_224:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"8a24108b154ada21c9fd5574494479ba5c7e7ab76ef264ead0fcce33" + +PSA hash multi part: SHA3-256 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"41c0dba2a9d6240849100376a8235e2c82e1b9998a999e21db32dd97496d3376" + +PSA hash multi part: SHA3-384 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"991c665755eb3a4b6bbdfb75c78a492e8c56a22c5c4d7e429bfdbc32b9d4ad5aa04a1f076e62fea19eef51acd0657c22" + +PSA hash multi part: SHA3-512 Test Vector NIST 448 bits: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +depends_on:PSA_WANT_ALG_SHA3_512 +hash_multi_part:PSA_ALG_SHA3_512:"6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071":"04a371e84ecfb5b8b77cb48610fca8182dd457ce6f326a0fd3d7ec2f1e91636dee691fbe0c985302ba1b0d8dc78c086346b533b49c030d99a27daf1139d6e75e" + +PSA hash multi part: SHA3-224 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_224 
+hash_multi_part:PSA_ALG_SHA3_224:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"543e6868e1666c1a643630df77367ae5a62a85070a51c14cbf665cbc" + +PSA hash multi part: SHA3-256 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_256 +hash_multi_part:PSA_ALG_SHA3_256:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"916f6061fe879741ca6469b43971dfdb28b1a32dc36cb3254e812be27aad1d18" + +PSA hash multi part: SHA3-384 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_384 +hash_multi_part:PSA_ALG_SHA3_384:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"79407d3b5916b59c3e30b09822974791c313fb9ecc849e406f23592d04f625dc8c709b98b43b3852b337216179aa7fc7" + +PSA hash multi part: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +depends_on:PSA_WANT_ALG_SHA3_512 
+hash_multi_part:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" From 2ba9df2c1b7873507d7316b37a793a6feaf64056 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 26 Jul 2023 10:11:31 +0800 Subject: [PATCH 105/264] code_size_compare: direct error message by logger.error Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 0c29c41faa..53d4e3b6d9 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -262,16 +262,16 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods "and configuration: {}.\n" .format(self.arch, self.config)) - self.logger.info("Please use supported combination of " \ + self.logger.error("Please use supported combination of " \ "architecture and configuration:") for comb in CodeSizeBuildInfo.SupportedArchConfig: - self.logger.info(comb) - self.logger.info("") - self.logger.info("For your system, please use:") + self.logger.error(comb) + self.logger.error("") + self.logger.error("For your system, please use:") for comb in CodeSizeBuildInfo.SupportedArchConfig: if "default" in comb and self.host_arch not in comb: continue - self.logger.info(comb) + self.logger.error(comb) sys.exit(1) From 533cde22c02fe31145d857c76889b999bdd70d06 Mon Sep 17 00:00:00 2001 
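Review bot: The added case titled `PSA hash multi part: SHA3-256 Test Vector NIST ""` does not exercise the empty message: its input is `"616263"` and its digest is identical to the SHA3-256 `"abc"` case a few entries below. As a result the empty-input multipart path is covered for SHA3-224, SHA3-384 and SHA3-512 but not for SHA3-256. The entry should use an empty input with the matching published vector, i.e. `hash_multi_part:PSA_ALG_SHA3_256:"":"<SHA3-256 empty-message digest from the NIST example values>"`.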
From: Yanray Wang Date: Wed, 26 Jul 2023 10:17:17 +0800 Subject: [PATCH 106/264] code_size_compare: set log level as ERROR in option --stdout If we use option --stdout, the logging level is set as logging.ERROR. But --verbose is able to overwrite logging level as logging.INFO if we want to display intermediate log in the process of code size comparison. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 53d4e3b6d9..2bb8b0e2a6 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -856,7 +856,10 @@ def main(): logger = logging.getLogger() logging_util.configure_logger(logger) - logger.setLevel(logging.DEBUG if comp_args.verbose else logging.INFO) + if comp_args.stdout and not comp_args.verbose: + logger.setLevel(logging.ERROR) + else: + logger.setLevel(logging.DEBUG if comp_args.verbose else logging.INFO) if os.path.isfile(comp_args.comp_dir): logger.error("{} is not a directory".format(comp_args.comp_dir)) From ea842e791bc3d5aea864365356f0c141444b6586 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 26 Jul 2023 10:34:39 +0800 Subject: [PATCH 107/264] code_size_compare: print prompt message under correct condition Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 2bb8b0e2a6..55d116e8fa 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
@@ -776,10 +776,6 @@ class CodeSizeComparison: self.new_size_dist_info.git_rev)) if self.result_options.stdout: output = sys.stdout - print("Measure code size between `{}` and `{}` by `{}`." - .format(self.old_size_dist_info.get_info_indication(), - self.new_size_dist_info.get_info_indication(), - self.size_common_info.get_info_indication())) else: output_file = os.path.join( self.comp_dir, @@ -792,6 +788,12 @@ class CodeSizeComparison: self.logger.debug("Generating comparison results between {} and {}." .format(self.old_size_dist_info.git_rev, self.new_size_dist_info.git_rev)) + if self.result_options.with_markdown or self.result_options.stdout: + print("Measure code size between {} and {} by `{}`." + .format(self.old_size_dist_info.get_info_indication(), + self.new_size_dist_info.get_info_indication(), + self.size_common_info.get_info_indication()), + file=output) self.code_size_generator.write_comparison( self.old_size_dist_info.git_rev, self.new_size_dist_info.git_rev, From bef1acd7b805c42f388bad3000efe9b1a616dc74 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 26 Jul 2023 10:45:11 +0800 Subject: [PATCH 108/264] code_size_compare: left align file names in markdown table Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 55d116e8fa..4642906446 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -625,7 +625,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): "change(text,data)", "change%(text,data)")) if with_markdown: output.write(format_string - .format("----:", "----:", "----:", "----:", "----:")) + .format(":----", "----:", "----:", "----:", "----:")) for mod, fname, size_entry in \ self._size_reader_helper(new_rev, output, with_markdown): From 68265f41d7b805727fdf1126cd8789999dea4fca Mon Sep 17 00:00:00 2001 
From: Yanray Wang Date: Wed, 26 Jul 2023 14:44:52 +0800 Subject: [PATCH 109/264] code_size_compare: use `current` as default new Git revision Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 4642906446..d4285fd610 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -828,7 +828,7 @@ def main(): help='directory where comparison result is stored. ' '(Default: comparison)') group_optional.add_argument( - '-n', '--new-rev', type=str, default=None, + '-n', '--new-rev', type=str, default='current', help='new Git revision as comparison base. ' '(Default is the current work directory, including uncommitted ' 'changes.)') @@ -867,18 +867,17 @@ def main(): logger.error("{} is not a directory".format(comp_args.comp_dir)) parser.exit() - old_revision = CodeSizeCalculator.validate_git_revision(comp_args.old_rev) - if comp_args.new_rev is not None: - new_revision = CodeSizeCalculator.validate_git_revision( + comp_args.old_rev = CodeSizeCalculator.validate_git_revision( + comp_args.old_rev) + if comp_args.new_rev != 'current': + comp_args.new_rev = CodeSizeCalculator.validate_git_revision( comp_args.new_rev) - else: - new_revision = 'current' # version, git_rev, arch, config, compiler, opt_level old_size_dist_info = CodeSizeDistinctInfo( - 'old', old_revision, comp_args.arch, comp_args.config, 'cc', '-Os') + 'old', comp_args.old_rev, comp_args.arch, comp_args.config, 'cc', '-Os') new_size_dist_info = CodeSizeDistinctInfo( - 'new', new_revision, comp_args.arch, comp_args.config, 'cc', '-Os') + 'new', comp_args.new_rev, comp_args.arch, comp_args.config, 'cc', '-Os') # host_arch, measure_cmd size_common_info = CodeSizeCommonInfo( detect_arch(), 'size -t') From 15b1358f220139f7705aed74c541e6c3fd8d5a2c Mon Sep 17 00:00:00 2001 
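Review bot: Using the literal `'current'` both as the `--new-rev` default and as the working-tree marker in `if comp_args.new_rev != 'current':` means a branch or tag actually named `current` can no longer be selected; it is silently measured as the uncommitted tree and skips `validate_git_revision`. Keeping `default=None` on the argument and mapping `None` to `'current'` after validation avoids the collision. If the reserved name is intended, the `--new-rev` help text should state it. main() starts outside the hunk.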
From: Yanray Wang Date: Wed, 26 Jul 2023 14:48:08 +0800 Subject: [PATCH 110/264] logging_util: rename argument Signed-off-by: Yanray Wang --- scripts/mbedtls_dev/logging_util.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/mbedtls_dev/logging_util.py b/scripts/mbedtls_dev/logging_util.py index 962361a495..85a3f19ace 100644 --- a/scripts/mbedtls_dev/logging_util.py +++ b/scripts/mbedtls_dev/logging_util.py @@ -21,11 +21,11 @@ import sys def configure_logger( logger: logging.Logger, - logger_format="[%(levelname)s]: %(message)s" + log_format="[%(levelname)s]: %(message)s" ) -> None: """ Configure the logging.Logger instance so that: - - Format is set to any logger_format. + - Format is set to any log_format. Default: "[%(levelname)s]: %(message)s" - loglevel >= WARNING are printed to stderr. - loglevel < WARNING are printed to stdout. @@ -39,7 +39,7 @@ def configure_logger( def filter(self, record: logging.LogRecord) -> bool: return record.levelno <= self.max_level - log_formatter = logging.Formatter(logger_format) + log_formatter = logging.Formatter(log_format) # set loglevel >= WARNING to be printed to stderr stderr_hdlr = logging.StreamHandler(sys.stderr) From 6ef5049b9ffb9ce6688e7ca9deac22595e4b1b64 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 26 Jul 2023 14:59:37 +0800 Subject: [PATCH 111/264] code_size_compare: simplify some code for python dictionary Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index d4285fd610..9b81b82f1d 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
@@ -92,9 +92,7 @@ class CodeSizeDistinctInfo: # pylint: disable=too-few-public-methods def get_info_indication(self): """Return a unique string to indicate Code Size Distinct Information.""" - return '{rev}-{arch}-{config}-{cc}'\ - .format(rev=self.git_rev, arch=self.arch, config=self.config, - cc=self.compiler) + return '{git_rev}-{arch}-{config}-{compiler}'.format(**self.__dict__) class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods @@ -518,10 +516,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): # file_name: SizeEntry(text, data, bss, dec) size_record[data[5]] = CodeSizeGeneratorWithSize.SizeEntry( data[0], data[1], data[2], data[3]) - if git_rev in self.code_size: - self.code_size[git_rev].update({mod: size_record}) - else: - self.code_size[git_rev] = {mod: size_record} + self.code_size.setdefault(git_rev, {}).update({mod: size_record}) def read_size_record(self, git_rev: str, fname: str) -> None: """Read size information from csv file and write it into code_size. From a279ca9ff8dcfcfa6fa0317fdda9efe27f65f3d9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 26 Jul 2023 15:01:10 +0800 Subject: [PATCH 112/264] code_size_compare: remove unnecessary -r in cp command Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 9b81b82f1d..5fa6d8f787 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
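Review bot: `'{git_rev}-{arch}-{config}-{compiler}'.format(**self.__dict__)` in get_info_indication ties the file-name format to the instance's attribute dictionary, so a renamed or removed attribute only shows up as a KeyError at run time and static checkers cannot follow the references. Since this string names the cached record files, the explicit form is easier to audit: `.format(git_rev=self.git_rev, arch=self.arch, config=self.config, compiler=self.compiler)`. The class body starts outside the hunk.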
@@ -222,9 +222,9 @@ class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods """Infer command to set up proper configuration before running make.""" pre_make_cmd = [] #type: typing.List[str] if self.config == SupportedConfig.TFM_MEDIUM.value: - pre_make_cmd.append('cp -r {src} {dest}' + pre_make_cmd.append('cp {src} {dest}' .format(src=TFM_MEDIUM_CONFIG_H, dest=CONFIG_H)) - pre_make_cmd.append('cp -r {src} {dest}' + pre_make_cmd.append('cp {src} {dest}' .format(src=TFM_MEDIUM_CRYPTO_CONFIG_H, dest=CRYPTO_CONFIG_H)) From 9e8b671b1c52d29227feb770c65730a01ca7e5e7 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 26 Jul 2023 15:37:26 +0800 Subject: [PATCH 113/264] code_size_compare: check --record-dir properly Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 5fa6d8f787..89d8fe92ce 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -815,11 +815,11 @@ def main(): 'optional arguments', 'optional arguments to parse for running ' + os.path.basename(__file__)) group_optional.add_argument( - '--record_dir', type=str, default='code_size_records', + '--record-dir', type=str, default='code_size_records', help='directory where code size record is stored. ' '(Default: code_size_records)') group_optional.add_argument( - '-r', '--comp-dir', type=str, default='comparison', + '--comp-dir', type=str, default='comparison', help='directory where comparison result is stored. ' '(Default: comparison)') group_optional.add_argument( 
@@ -858,9 +858,14 @@ def main(): else: logger.setLevel(logging.DEBUG if comp_args.verbose else logging.INFO) + if os.path.isfile(comp_args.record_dir): + logger.error("record directory: {} is not a directory" + .format(comp_args.record_dir)) + sys.exit(1) if os.path.isfile(comp_args.comp_dir): - logger.error("{} is not a directory".format(comp_args.comp_dir)) - parser.exit() + logger.error("comparison directory: {} is not a directory" + .format(comp_args.comp_dir)) + sys.exit(1) comp_args.old_rev = CodeSizeCalculator.validate_git_revision( comp_args.old_rev) From 6ae94a0a72b6345b07727ad0713c081352425719 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 26 Jul 2023 17:12:57 +0800 Subject: [PATCH 114/264] code_size_compare: make sure _remove_worktree executed Add try and finally to make sure we remove worktree as expected even if we hit errors by accident. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 89d8fe92ce..cc43dc75d7 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -423,9 +423,11 @@ class CodeSizeCalculator: """ git_worktree_path = self._create_git_worktree() - self._build_libraries(git_worktree_path) - res = self._gen_raw_code_size(git_worktree_path) - self._remove_worktree(git_worktree_path) + try: + self._build_libraries(git_worktree_path) + res = self._gen_raw_code_size(git_worktree_path) + finally: + self._remove_worktree(git_worktree_path) return res From ca9a3cbc1de8961707f078cab9ec0138eaeed84f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 26 Jul 2023 17:16:29 +0800 Subject: [PATCH 115/264] code_size_compare: detect architecture of x86_32 properly Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
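Review bot: The `os.path.isfile(...)` checks on `comp_args.record_dir` and `comp_args.comp_dir` reject only an existing regular file, so a path that exists but is neither a regular file nor a directory still passes and would presumably fail later when the directory is used. Testing for "exists and is not a directory" covers every case: `if os.path.exists(comp_args.record_dir) and not os.path.isdir(comp_args.record_dir):`, and the same for `comp_args.comp_dir`. The two blocks differ only in the label, so a short loop over `(('record', comp_args.record_dir), ('comparison', comp_args.comp_dir))` would remove the duplication. `main()` starts above this hunk and continues below it.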
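Review bot: With the cleanup now in `finally`, an exception raised by `_remove_worktree` itself becomes the one that propagates, and the build or measurement error that triggered the cleanup is left only as chained context. Whether `_remove_worktree` can raise is not visible here; if it can, consider catching and logging its failure inside the `finally` block so the first error stays the reported one. A comment above the `try`, for example `# Always remove the worktree, even if the build or size measurement fails.`, would also record why the block exists. The method's signature and docstring start above this hunk.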
diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index cc43dc75d7..3b988a6231 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -147,7 +147,7 @@ def detect_arch() -> str: return SupportedArch.AARCH32.value if '__x86_64__' in cc_output: return SupportedArch.X86_64.value - if '__x86__' in cc_output: + if '__i386__' in cc_output: return SupportedArch.X86.value else: print("Unknown host architecture, cannot auto-detect arch.") From e0ac2ffbf043c7f100bc4daa72f9dee403f58643 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Wed, 26 Jul 2023 11:45:51 +0100 Subject: [PATCH 116/264] Clarify in README.md that 'the project' is Mbed TLS Signed-off-by: Tom Cosgrove --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index cbdb2df3aa..449be1e978 100644 --- a/README.md +++ b/README.md 
@@ -313,7 +313,7 @@ Unless specifically indicated otherwise in a file, Mbed TLS files are provided u This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, and in source files. The projects are listed below: * `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. -* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is also used by the project under the Apache 2.0 license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. +* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is also used by Mbed TLS under the Apache 2.0 license. We do not plan to regularly update these files, so they may not contain fixes and improvements present in the upstream project. Contributing ------------ From f884e603b952a511dcdf777e636da1074eed1340 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Wed, 26 Jul 2023 11:44:45 +0100 Subject: [PATCH 117/264] Have a single source of truth for licensing information MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We had information in both README.md and CONTRIBUTING.md about Mbed TLS licensing, but the information in CONTRIBUTING.md was missing that authors still need to accept that their contributions may be distributed under both Apache 2.0 and GPLv2-or-later. Move all but the most high-level “Mbed TLS files are provided under the Apache-2.0 license” statement to CONTRIBUTING.md, and tidy up the text a bit. 
Signed-off-by: Tom Cosgrove --- CONTRIBUTING.md | 10 ++++++++-- README.md | 3 ++- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3a8c5c65bd..0510065b2b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -84,8 +84,14 @@ Mbed TLS is well documented, but if you think documentation is needed, speak out License and Copyright --------------------- -All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. For licensing details, please see the [License section of the README](README.md#License). +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. + +Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 or GPL-2.0-or-later licenses. + +All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors". -When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and be subject to the same Apache 2.0 license. This is done by including the standard Git `Signed-off-by:` line in every commit message. If more than one person contributed to the commit, they should also add their own `Signed-off-by:` line. 
+When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and be subject to either or both the Apache 2.0 and/or GPL-2.0-or-later licenses. + +This is done by including the standard Git `Signed-off-by:` line in every commit message. If more than one person contributed to the commit, they should also add their own `Signed-off-by:` line. diff --git a/README.md b/README.md index 449be1e978..a3fcd2e154 100644 --- a/README.md +++ b/README.md 
@@ -307,9 +307,10 @@ When using drivers, you will generally want to enable two compilation options (s License ------- -Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license. Contributors must accept that their contributions are made under both the Apache-2.0 AND [GPL-2.0-or-later](https://spdx.org/licenses/GPL-2.0-or-later.html) licenses. This enables LTS (Long Term Support) branches of the software to be provided under either the Apache-2.0 OR GPL-2.0-or-later licenses. +Unless specifically indicated otherwise in a file, Mbed TLS files are provided under the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) license. See the [LICENSE](LICENSE) file for the full text of this license, and [the 'License and Copyright' section in the contributing guidelines](CONTRIBUTING.md#License-and-Copyright) for more information. ### Third-party code included in Mbed TLS + This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, and in source files. The projects are listed below: * `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license. From 2be22a00eb6e203514937c1cb3a1150fbc25d183 Mon Sep 17 00:00:00 2001 From: Tom Cosgrove Date: Wed, 26 Jul 2023 12:32:34 +0100 Subject: [PATCH 118/264] Update CONTRIBUTING.md Co-authored-by: Dave Rodgman Signed-off-by: Tom Cosgrove --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0510065b2b..8454fb8ea5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -92,6 +92,6 @@ All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2 The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors". -When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and be subject to either or both the Apache 2.0 and/or GPL-2.0-or-later licenses. +When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and is submitted under both the Apache-2.0 AND GPL-2.0-or-later licenses. This is done by including the standard Git `Signed-off-by:` line in every commit message. If more than one person contributed to the commit, they should also add their own `Signed-off-by:` line. From fe5adfe54708b146ddda295961c635bb5472f27f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 26 Jul 2023 17:58:48 +0100 Subject: [PATCH 119/264] Add HMAC test-cases for SHA3 Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 19 ++++++++++ .../test_suite_psa_crypto_hash.function | 35 +++++++++++++++++++ 2 files changed, 54 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 769df58e1d..58bf0cf50b 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
@@ -609,3 +609,22 @@ hash_multi_part:PSA_ALG_SHA3_384:"6162636465666768626364656667686963646566676869 PSA hash multi part: SHA3-512 Test Vector NIST 896 bits: "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" depends_on:PSA_WANT_ALG_SHA3_512 hash_multi_part:PSA_ALG_SHA3_512:"61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f696a6b6c6d6e6f706a6b6c6d6e6f70716b6c6d6e6f7071726c6d6e6f707172736d6e6f70717273746e6f707172737475":"afebb2ef542e6579c50cad06d2e578f9f8dd6881d7dc824d26360feebf18a4fa73e3261122948efcfd492e74e82e2189ed0fb440d187f382270cb455f21dd185" + +# HMAC test vectors generated in python with e.g. +# import hmac; hmac.new(bytes([0xaa]*32), b'abc', 'SHA3-224').hexdigest() + +PSA HMAC SHA3-224 +depends_on:PSA_WANT_ALG_SHA3_224 +hmac:PSA_ALG_SHA3_224:"abc":"bf0905154ad610b6a3d6d0b9a1c692494e987337d956624a066d7a1f" + +PSA HMAC SHA3-256 +depends_on:PSA_WANT_ALG_SHA3_256 +hmac:PSA_ALG_SHA3_256:"abc":"a986419a162b6d4731a8e96e44a2c6e784d50137907b457c9fb77c62705dc4d9" + +PSA HMAC SHA3-384 +depends_on:PSA_WANT_ALG_SHA3_384 +hmac:PSA_ALG_SHA3_384:"abc":"87b864ee25f8bfebd516eddd7cdd400d3c368a09e4b1fabaee5636da8a9c876c3f802c366537663910f2e6c5a8426381" + +PSA HMAC SHA3-512 +depends_on:PSA_WANT_ALG_SHA3_512 +hmac:PSA_ALG_SHA3_512:"abc":"2cef45b6950e41a70bc85cb431b2161d47c9e2932187fa15d80e3b7af1da38aa8fe823a72efd7e536e5236a5b0798418d8c8f08b0de5fc262867bb3752b6482d" diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index f12541d686..75dde55308 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function @@ -1,6 +1,7 @@ /* BEGIN_HEADER */ #include +#include "psa/crypto.h" /* END_HEADER */ 
@@ -34,6 +35,40 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void hmac(int alg_arg, char *input, data_t *expected_mac) +{ + psa_algorithm_t alg = PSA_ALG_HMAC(alg_arg); + + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = PSA_KEY_TYPE_HMAC; + const uint8_t key_data[] = { // 32 bytes of 0xaa + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa + }; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT(psa_crypto_init()); + + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_algorithm(&attributes, alg); + psa_set_key_type(&attributes, key_type); + PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), &key)); + + uint8_t mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; + size_t mac_length = 0; + + PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, strlen(input), mac, sizeof(mac), &mac_length)); + + ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); + + PSA_ASSERT(psa_destroy_key(key)); +exit: + PSA_DONE(); +} +/* END_CASE */ + /* BEGIN_CASE */ void hash_verify(int alg_arg, data_t *input, data_t *expected_hash) { From faff45c917fee85ea3d624c07d2044f7c3c4fb27 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 26 Jul 2023 18:13:58 +0100 Subject: [PATCH 120/264] Add HMAC tests for other digest algorithms Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 24 ++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 58bf0cf50b..5f4313a15e 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
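Review bot: In the new `hmac` test, `PSA_ASSERT(psa_destroy_key(key))` sits before the `exit:` label, so any assertion that fails after `psa_import_key` jumps past it and the imported HMAC key is still live when `PSA_DONE()` runs. Moving the call below the label releases the key on every path: `exit:` then `psa_destroy_key(key);` then `PSA_DONE();`. `key` is initialised with `MBEDTLS_SVC_KEY_ID_INIT`, so destroying it before a successful import should be harmless, though that is worth confirming against the other PSA test functions in this suite.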
@@ -628,3 +628,27 @@ hmac:PSA_ALG_SHA3_384:"abc":"87b864ee25f8bfebd516eddd7cdd400d3c368a09e4b1fabaee5 PSA HMAC SHA3-512 depends_on:PSA_WANT_ALG_SHA3_512 hmac:PSA_ALG_SHA3_512:"abc":"2cef45b6950e41a70bc85cb431b2161d47c9e2932187fa15d80e3b7af1da38aa8fe823a72efd7e536e5236a5b0798418d8c8f08b0de5fc262867bb3752b6482d" + +PSA HMAC SHA-1 +depends_on:PSA_WANT_ALG_SHA_1 +hmac:PSA_ALG_SHA_1:"abc":"0b3a7f96afea3e14a0835f7c9468a24649f85596" + +PSA HMAC SHA-224 +depends_on:PSA_WANT_ALG_SHA_224 +hmac:PSA_ALG_SHA_224:"abc":"249c405cef8bcd3ceeafdb9a933179739fb9b1d7f174df4667ec82f3" + +PSA HMAC SHA-256 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"abc":"b89a1b878289c739595104da55b6f7a8afec3e0757fc166080dc267c09c46841" + +PSA HMAC SHA-384 +depends_on:PSA_WANT_ALG_SHA_384 +hmac:PSA_ALG_SHA_384:"abc":"25a8b55c884bc38286305f76332631726498f5586280b88bc6179cd00c6878fb7d1bb3ee1643fcd2fb02b95823ff1af2" + +PSA HMAC SHA-512 +depends_on:PSA_WANT_ALG_SHA_512 +hmac:PSA_ALG_SHA_512:"abc":"d6e5eebb5cf27f5b686fefc416ee8c431bb10770216aa3c6ba13897ef3fc040b98abc53b95039f2c50622473f958af64a3cae1afbea8ffffa8d35ca24f31e222" + +PSA HMAC RIPEMD160 +depends_on:PSA_WANT_ALG_RIPEMD160 +hmac:PSA_ALG_RIPEMD160:"abc":"114a5cf4637f57c044472e1a0b87cce9137190b2" From 44fae4908d8fed4b07f73f33ebc1b88184b2dc7c Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 26 Jul 2023 18:45:19 +0100 Subject: [PATCH 121/264] Add PSA HMAC MD5 test Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 5f4313a15e..33ced8239d 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
@@ -652,3 +652,7 @@ hmac:PSA_ALG_SHA_512:"abc":"d6e5eebb5cf27f5b686fefc416ee8c431bb10770216aa3c6ba13 PSA HMAC RIPEMD160 depends_on:PSA_WANT_ALG_RIPEMD160 hmac:PSA_ALG_RIPEMD160:"abc":"114a5cf4637f57c044472e1a0b87cce9137190b2" + +PSA HMAC MD5 +depends_on:PSA_WANT_ALG_MD5 +hmac:PSA_ALG_MD5:"abc":"39677b12b80118927387aa4a65d16a5e" From 6f09267646f0e8ec0dacdb81dbf701860f9efeb8 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 27 Jul 2023 10:15:13 +0800 Subject: [PATCH 122/264] code_size_compare: remove column of percentage for code size change Percentage is not a useful number when looking at code size changes. Since it depends on the base of the code size. It might give misleading information by simply looking at the numbers. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 3b988a6231..48e129bcc9 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -594,7 +594,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): """Write comparison result into a file. Writing Format: file_name current(text,data) old(text,data)\ - change(text,data) change_pct%(text,data) + change(text,data) """ def cal_size_section_variation(mod, fname, size_entry, attr): 
@@ -603,26 +603,22 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): if fname in self.code_size[old_rev][mod]: old_size = int(self.code_size[old_rev][mod][fname].__dict__[attr]) change = new_size - old_size - if old_size != 0: - change_pct = change / old_size - else: - change_pct = 0 - return [new_size, old_size, change, change_pct] + return [new_size, old_size, change] else: return [new_size] if with_markdown: - format_string = "| {:<30} | {:<18} | {:<14} | {:<17} | {:<18} |\n" + format_string = "| {:<30} | {:<18} | {:<14} | {:<17} |\n" else: - format_string = "{:<30} {:<18} {:<14} {:<17} {:<18}\n" + format_string = "{:<30} {:<18} {:<14} {:<17}\n" output.write(format_string .format("filename", "current(text,data)", "old(text,data)", - "change(text,data)", "change%(text,data)")) + "change(text,data)")) if with_markdown: output.write(format_string - .format(":----", "----:", "----:", "----:", "----:")) + .format(":----", "----:", "----:", "----:")) for mod, fname, size_entry in \ self._size_reader_helper(new_rev, output, with_markdown): @@ -644,17 +640,14 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): # old(text,data) str(text_vari[1]) + "," + str(data_vari[1]), # change(text,data) - str(text_vari[2]) + "," + str(data_vari[2]), - # change%(text,data) - "{:.0%}".format(text_vari[3]) + "," - + "{:.0%}".format(data_vari[3]))) + str(text_vari[2]) + "," + str(data_vari[2]))) else: output.write( format_string .format(fname, # current(text,data) str(text_vari[0]) + "," + str(data_vari[0]), - 'None', 'None', 'None')) + 'None', 'None')) class CodeSizeComparison: From 4dfc132bcbc8e1eb528ab94aaa27827071ff5cbd Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 27 Jul 2023 10:44:50 +0800 Subject: [PATCH 123/264] code_size_compare: change format for comparison result The result format for code size comparison is: filename new(text) new(data) change(text) change(data) yyy.o xxx xxx xx xx The numbers followed are in bytes. 
Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 48e129bcc9..4a50c5b334 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -593,7 +593,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): ) -> None: """Write comparison result into a file. - Writing Format: file_name current(text,data) old(text,data)\ + Writing Format: file_name new(text,data) old(text,data)\ change(text,data) """ @@ -608,17 +608,17 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): return [new_size] if with_markdown: - format_string = "| {:<30} | {:<18} | {:<14} | {:<17} |\n" + format_string = "| {:<30} | {:<9} | {:<9} | {:<12} | {:<12} |\n" else: - format_string = "{:<30} {:<18} {:<14} {:<17}\n" + format_string = "{:<30} {:<9} {:<9} {:<12} {:<12}\n" output.write(format_string .format("filename", - "current(text,data)", "old(text,data)", - "change(text,data)")) + "new(text)", "new(data)", "change(text)", + "change(data)")) if with_markdown: output.write(format_string - .format(":----", "----:", "----:", "----:")) + .format(":----", "----:", "----:", "----:", "----:")) for mod, fname, size_entry in \ self._size_reader_helper(new_rev, output, with_markdown): 
@@ -635,18 +635,17 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): output.write( format_string .format(fname, - # current(text,data) - str(text_vari[0]) + "," + str(data_vari[0]), - # old(text,data) - str(text_vari[1]) + "," + str(data_vari[1]), - # change(text,data) - str(text_vari[2]) + "," + str(data_vari[2]))) + # new(text), new(data) + str(text_vari[0]), str(data_vari[0]), + # change(text), change(data) + str(text_vari[2]), str(data_vari[2]))) else: output.write( format_string .format(fname, - # current(text,data) - str(text_vari[0]) + "," + str(data_vari[0]), + # new(text), new(data) + str(text_vari[0]), str(data_vari[0]), + # change(text), change(data) 'None', 'None')) From 0c383858580d24888e57377f9946b97972fb5c43 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 12:54:09 +0100 Subject: [PATCH 124/264] Use psa_mac_compare in tests; add some HMAC edge-cases Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 12 ++++++++++++ tests/suites/test_suite_psa_crypto_hash.function | 7 +++++-- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index 33ced8239d..f957bf16d3 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
@@ -656,3 +656,15 @@ hmac:PSA_ALG_RIPEMD160:"abc":"114a5cf4637f57c044472e1a0b87cce9137190b2" PSA HMAC MD5 depends_on:PSA_WANT_ALG_MD5 hmac:PSA_ALG_MD5:"abc":"39677b12b80118927387aa4a65d16a5e" + +PSA HMAC input length 0 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"":"63210aee265762634fa3db8c1aa920dcd07d31ec297309580394a21412f83372" + +PSA HMAC input length 1 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"x":"f61c11d66441e3c0b9902a8491caa2da5a0d0d95ef0fc61d8a3b5ea5e0416f5c" + +PSA HMAC input length 2890 +depends_on:PSA_WANT_ALG_SHA_256 +hmac:PSA_ALG_SHA_256:"0123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508
509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999":"dd2e08786029097be5f634fda74a7e20e3e1638e71282892c4fd21d9a71ae418" diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 75dde55308..8ee459e435 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function 
@@ -51,7 +51,7 @@ void hmac(int alg_arg, char *input, data_t *expected_mac) PSA_ASSERT(psa_crypto_init()); - psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); + psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE); psa_set_key_algorithm(&attributes, alg); psa_set_key_type(&attributes, key_type); PSA_ASSERT(psa_import_key(&attributes, key_data, sizeof(key_data), &key)); @@ -59,10 +59,13 @@ void hmac(int alg_arg, char *input, data_t *expected_mac) uint8_t mac[PSA_MAC_MAX_SIZE + 10] = { 0 }; size_t mac_length = 0; - PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, strlen(input), mac, sizeof(mac), &mac_length)); + size_t input_len = strlen(input); + PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), &mac_length)); ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); + PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len)); + PSA_ASSERT(psa_destroy_key(key)); exit: PSA_DONE(); From d2c9f6d256990628f8179ad6e3006f38f6db166d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 13:00:02 +0100 Subject: [PATCH 125/264] Strengthen psa_mac_verify testing Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.function | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index 8ee459e435..bd3012c4d1 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function 
@@ -62,10 +62,16 @@ void hmac(int alg_arg, char *input, data_t *expected_mac) size_t input_len = strlen(input); PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), &mac_length)); + // manual comparison against expected MAC ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); + // use psa_mac_verify to compare to expected MAC PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len)); + // corrupt the MAC and check that psa_mac_verify fails + expected_mac->x[0] ^= 0x7f; + TEST_EQUAL(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len), PSA_ERROR_INVALID_SIGNATURE); + PSA_ASSERT(psa_destroy_key(key)); exit: PSA_DONE(); From 5c603822011b726498f52e914109bd351c50b008 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 13:28:41 +0100 Subject: [PATCH 126/264] code style Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.function | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.function b/tests/suites/test_suite_psa_crypto_hash.function index bd3012c4d1..de009a3ad6 100644 --- a/tests/suites/test_suite_psa_crypto_hash.function +++ b/tests/suites/test_suite_psa_crypto_hash.function 
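Review bot: The negative check corrupts only the first byte of the expected MAC (`expected_mac->x[0] ^= 0x7f;`), so a comparison that covered just a prefix of the MAC would still pass this test. Restoring the first byte and then corrupting the last one checks the full length: `expected_mac->x[expected_mac->len - 1] ^= 0x7f;` followed by the same `TEST_EQUAL(..., PSA_ERROR_INVALID_SIGNATURE)`. Both writes assume `expected_mac->len` is at least 1, which holds for the vectors added to the data file in this series. The function body starts above this hunk.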
@@ -60,17 +60,20 @@ void hmac(int alg_arg, char *input, data_t *expected_mac) size_t mac_length = 0; size_t input_len = strlen(input); - PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), &mac_length)); + PSA_ASSERT(psa_mac_compute(key, alg, (uint8_t const *) input, input_len, mac, sizeof(mac), + &mac_length)); // manual comparison against expected MAC ASSERT_COMPARE(expected_mac->x, expected_mac->len, mac, mac_length); // use psa_mac_verify to compare to expected MAC - PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len)); + PSA_ASSERT(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, + expected_mac->len)); // corrupt the MAC and check that psa_mac_verify fails expected_mac->x[0] ^= 0x7f; - TEST_EQUAL(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, expected_mac->len), PSA_ERROR_INVALID_SIGNATURE); + TEST_EQUAL(psa_mac_verify(key, alg, (uint8_t const *) input, input_len, expected_mac->x, + expected_mac->len), PSA_ERROR_INVALID_SIGNATURE); PSA_ASSERT(psa_destroy_key(key)); exit: From 2d626cc44fc32112d1e95160f6fd28d32ed8535a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 14:43:55 +0100 Subject: [PATCH 127/264] Fix missing opening brace in comments Signed-off-by: Dave Rodgman --- include/mbedtls/oid.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index f894205892..133e5d41b2 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h 
@@ -270,13 +270,13 @@ #define MBEDTLS_OID_DIGEST_ALG_RIPEMD160 MBEDTLS_OID_TELETRUST "\x03\x02\x01" /**< id-ripemd160 OBJECT IDENTIFIER :: { iso(1) identified-organization(3) teletrust(36) algorithm(3) hashAlgorithm(2) ripemd160(1) } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x07" /**< id-sha3-224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-224(7) } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x08" /**< id-sha3-256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-256(8) } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x09" /**< id-sha3-384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-384(9) } */ -#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */ +#define MBEDTLS_OID_DIGEST_ALG_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x0a" /**< id-sha3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) 
country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) sha3-512(10) } */ #define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ From a2cdc840de5aa0363d45ce9ebbba95cdda8ed7a9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 14:44:13 +0100 Subject: [PATCH 128/264] Fix pre-existing missing closing #endif comment Signed-off-by: Dave Rodgman --- library/oid.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/oid.c b/library/oid.c index 9ea41cbae2..43fa0003d9 100644 --- a/library/oid.c +++ b/library/oid.c @@ -820,7 +820,7 @@ static const oid_md_hmac_t oid_md_hmac[] = OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA224, "hmacSHA224", "HMAC-SHA-224"), MBEDTLS_MD_SHA224, }, -#endif +#endif /* MBEDTLS_MD_CAN_SHA224 */ #if defined(MBEDTLS_MD_CAN_SHA256) { OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA256, "hmacSHA256", "HMAC-SHA-256"), From 5cc67a3ee2fc2676d84b71dfc5bbaad6caec01eb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 14:44:35 +0100 Subject: [PATCH 129/264] Add OIDs for HMAC-SHA3 Signed-off-by: Dave Rodgman --- include/mbedtls/oid.h | 8 ++++++++ library/oid.c | 24 ++++++++++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 133e5d41b2..3c9831be54 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h 
@@ -289,6 +289,14 @@ #define MBEDTLS_OID_HMAC_SHA512 MBEDTLS_OID_RSA_COMPANY "\x02\x0B" /**< id-hmacWithSHA512 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 11 } */ +#define MBEDTLS_OID_HMAC_SHA3_224 MBEDTLS_OID_NIST_ALG "\x02\x0d" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-224(13) } */ + +#define MBEDTLS_OID_HMAC_SHA3_256 MBEDTLS_OID_NIST_ALG "\x02\x0e" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-256(14) } */ + +#define MBEDTLS_OID_HMAC_SHA3_384 MBEDTLS_OID_NIST_ALG "\x02\x0f" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-384(15) } */ + +#define MBEDTLS_OID_HMAC_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x10" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-512(16) } */ + /* * Encryption algorithms */ diff --git a/library/oid.c b/library/oid.c index 43fa0003d9..e12f92485c 100644 --- a/library/oid.c +++ b/library/oid.c 
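Review bot: The documentation comments on `MBEDTLS_OID_HMAC_SHA3_224`, `MBEDTLS_OID_HMAC_SHA3_256` and `MBEDTLS_OID_HMAC_SHA3_384` all name the object `id-hmacWithSHA3-512`, which contradicts the final arc printed in the same comment (`hmacWithSHA3-224(13)`, `hmacWithSHA3-256(14)`, `hmacWithSHA3-384(15)`). The byte strings (`\x02\x0d`, `\x02\x0e`, `\x02\x0f`) agree with those arcs, so only the label is wrong. Each comment should start with its own name: `id-hmacWithSHA3-224`, `id-hmacWithSHA3-256` and `id-hmacWithSHA3-384` respectively. Algorithm-identifier tables are normally audited against these comments, so a mislabelled entry makes it harder to spot a real OID mix-up later.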
@@ -839,6 +839,30 @@ static const oid_md_hmac_t oid_md_hmac[] = MBEDTLS_MD_SHA512, }, #endif /* MBEDTLS_MD_CAN_SHA512 */ +#if defined(MBEDTLS_MD_CAN_SHA3_224) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_224, "hmacSHA3-224", "HMAC-SHA3-224"), + MBEDTLS_MD_SHA3_224, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_224 */ +#if defined(MBEDTLS_MD_CAN_SHA3_256) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_256, "hmacSHA3-256", "HMAC-SHA3-256"), + MBEDTLS_MD_SHA3_256, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_256 */ +#if defined(MBEDTLS_MD_CAN_SHA3_384) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_384, "hmacSHA3-384", "HMAC-SHA3-384"), + MBEDTLS_MD_SHA3_384, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_384 */ +#if defined(MBEDTLS_MD_CAN_SHA3_512) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_SHA3_512, "hmacSHA3-512", "HMAC-SHA3-512"), + MBEDTLS_MD_SHA3_512, + }, +#endif /* MBEDTLS_MD_CAN_SHA3_512 */ { NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, From f2e3eb8bd9f4c5bde788076e2cb6a42979295822 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 15:46:05 +0100 Subject: [PATCH 130/264] Add OID for HMAC-RIPEMD160 Signed-off-by: Dave Rodgman --- include/mbedtls/oid.h | 2 ++ library/oid.c | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 3c9831be54..9545072296 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -297,6 +297,8 @@ #define MBEDTLS_OID_HMAC_SHA3_512 MBEDTLS_OID_NIST_ALG "\x02\x10" /**< id-hmacWithSHA3-512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithms(4) hashalgs(2) hmacWithSHA3-512(16) } */ +#define MBEDTLS_OID_HMAC_RIPEMD160 MBEDTLS_OID_INTERNET "\x05\x05\x08\x01\x04" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= {iso(1) iso-identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1) hmacRIPEMD160(4)} */ + /* * Encryption algorithms */ diff --git a/library/oid.c b/library/oid.c index e12f92485c..608b6c8ca8 100644 
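Review bot: The comment on the new `MBEDTLS_OID_HMAC_RIPEMD160` (the `include/mbedtls/oid.h` hunk at -297) labels the object `id-hmacWithSHA1`, although the arc list in the same comment ends in `hmacRIPEMD160(4)` and the macro is mapped to `MBEDTLS_MD_RIPEMD160` in `library/oid.c`. The label should name the RIPEMD-160 object, for instance `hmacRIPEMD160 OBJECT IDENTIFIER ::= { iso(1) ... hmacRIPEMD160(4) }`. The brace spacing `::= {iso(1) ... (4)}` also differs from the `{ ... }` form of the neighbouring entries.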
--- a/library/oid.c +++ b/library/oid.c @@ -863,6 +863,12 @@ static const oid_md_hmac_t oid_md_hmac[] = MBEDTLS_MD_SHA3_512, }, #endif /* MBEDTLS_MD_CAN_SHA3_512 */ +#if defined(MBEDTLS_MD_CAN_RIPEMD160) + { + OID_DESCRIPTOR(MBEDTLS_OID_HMAC_RIPEMD160, "hmacRIPEMD160", "HMAC-RIPEMD160"), + MBEDTLS_MD_RIPEMD160, + }, +#endif /* MBEDTLS_MD_CAN_RIPEMD160 */ { NULL_OID_DESCRIPTOR, MBEDTLS_MD_NONE, From a0f81e8ef853f4dfef1e6f776b722fbb073a5e82 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 27 Jul 2023 15:46:33 +0100 Subject: [PATCH 131/264] Add OID tests for HMAC-xxx Signed-off-by: Dave Rodgman --- tests/suites/test_suite_oid.data | 40 ++++++++++++++++++++++++++++ tests/suites/test_suite_oid.function | 23 ++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/tests/suites/test_suite_oid.data b/tests/suites/test_suite_oid.data index cc23c5b665..f8f1d43aa1 100644 --- a/tests/suites/test_suite_oid.data +++ b/tests/suites/test_suite_oid.data 
@@ -201,3 +201,43 @@ oid_from_numeric_string:"2.4294967215":0:"8FFFFFFF7F" OID from numeric string - OID with overflowing subidentifier oid_from_numeric_string:"2.4294967216":MBEDTLS_ERR_ASN1_INVALID_DATA:"" + +mbedtls_oid_get_md_hmac - RIPEMD160 +depends_on:MBEDTLS_MD_CAN_RIPEMD160 +mbedtls_oid_get_md_hmac:"2B06010505080104":MBEDTLS_MD_RIPEMD160 + +mbedtls_oid_get_md_hmac - SHA1 +depends_on:MBEDTLS_MD_CAN_SHA1 +mbedtls_oid_get_md_hmac:"2A864886F70D0207":MBEDTLS_MD_SHA1 + +mbedtls_oid_get_md_hmac - SHA224 +depends_on:MBEDTLS_MD_CAN_SHA224 +mbedtls_oid_get_md_hmac:"2A864886F70D0208":MBEDTLS_MD_SHA224 + +mbedtls_oid_get_md_hmac - SHA256 +depends_on:MBEDTLS_MD_CAN_SHA256 +mbedtls_oid_get_md_hmac:"2A864886F70D0209":MBEDTLS_MD_SHA256 + +mbedtls_oid_get_md_hmac - SHA384 +depends_on:MBEDTLS_MD_CAN_SHA384 +mbedtls_oid_get_md_hmac:"2A864886F70D020A":MBEDTLS_MD_SHA384 + +mbedtls_oid_get_md_hmac - SHA512 +depends_on:MBEDTLS_MD_CAN_SHA512 +mbedtls_oid_get_md_hmac:"2A864886F70D020B":MBEDTLS_MD_SHA512 + +mbedtls_oid_get_md_hmac - SHA3_224 +depends_on:MBEDTLS_MD_CAN_SHA3_224 +mbedtls_oid_get_md_hmac:"60864801650304020D":MBEDTLS_MD_SHA3_224 + +mbedtls_oid_get_md_hmac - SHA3_256 +depends_on:MBEDTLS_MD_CAN_SHA3_256 +mbedtls_oid_get_md_hmac:"60864801650304020E":MBEDTLS_MD_SHA3_256 + +mbedtls_oid_get_md_hmac - SHA3_384 +depends_on:MBEDTLS_MD_CAN_SHA3_384 +mbedtls_oid_get_md_hmac:"60864801650304020F":MBEDTLS_MD_SHA3_384 + +mbedtls_oid_get_md_hmac - SHA3_512 +depends_on:MBEDTLS_MD_CAN_SHA3_512 +mbedtls_oid_get_md_hmac:"608648016503040210":MBEDTLS_MD_SHA3_512 diff --git a/tests/suites/test_suite_oid.function b/tests/suites/test_suite_oid.function index 3adc6af0b5..337f843109 100644 --- a/tests/suites/test_suite_oid.function +++ b/tests/suites/test_suite_oid.function 
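Review bot: All ten cases added here are successful lookups, so the negative-`exp_md_id` branch of the new `mbedtls_oid_get_md_hmac` test function, which expects `MBEDTLS_ERR_OID_NOT_FOUND`, is never exercised. Add at least one case with an OID that is absent from the HMAC table, in the form `mbedtls_oid_get_md_hmac:"HEX_OF_UNLISTED_OID":-1`. A useful boundary input is a strict prefix of a listed OID, such as `"2A864886F70D02"` (constructed here by dropping the last byte of the SHA1 entry). Parsers of certificates and PKCS structures depend on this lookup rejecting unknown identifiers, so the rejection path deserves a test of its own.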
@@ -96,6 +96,29 @@ void oid_get_md_alg_id(data_t *oid, int exp_md_id) } /* END_CASE */ +/* BEGIN_CASE */ +void mbedtls_oid_get_md_hmac(data_t *oid, int exp_md_id) +{ + mbedtls_asn1_buf md_oid = { 0, 0, NULL }; + int ret; + mbedtls_md_type_t md_id = 0; + + md_oid.tag = MBEDTLS_ASN1_OID; + md_oid.p = oid->x; + md_oid.len = oid->len; + + ret = mbedtls_oid_get_md_hmac(&md_oid, &md_id); + + if (exp_md_id < 0) { + TEST_ASSERT(ret == MBEDTLS_ERR_OID_NOT_FOUND); + TEST_ASSERT(md_id == 0); + } else { + TEST_ASSERT(ret == 0); + TEST_ASSERT((mbedtls_md_type_t) exp_md_id == md_id); + } +} +/* END_CASE */ + /* BEGIN_CASE */ void oid_get_numeric_string(data_t *oid, int error_ret, char *result_str) { From ce38db1c0b28458c59b5629842e73774b2775beb Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 27 Jul 2023 21:01:03 +0530 Subject: [PATCH 132/264] Change config_psa.h PBKDF2_CMAC dependencies Signed-off-by: Kusumit Ghoderao --- include/mbedtls/config_psa.h | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 9f6b9cafed..5762ee2f3d 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h 
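Review bot: The checks in the new `mbedtls_oid_get_md_hmac` test use `TEST_ASSERT(ret == ...)` and a literal `0` for the "no digest" value, which hides the intent and, as far as I can tell, loses the compared values on failure. `TEST_EQUAL(ret, MBEDTLS_ERR_OID_NOT_FOUND);` and `TEST_EQUAL(md_id, MBEDTLS_MD_NONE);` state the expectation directly, and the initialiser reads better as `mbedtls_md_type_t md_id = MBEDTLS_MD_NONE;`. A one-line comment that a negative `exp_md_id` means "lookup must fail and leave `md_id` untouched" would document the contract the test relies on.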
@@ -519,12 +519,20 @@ extern "C" { #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 #define MBEDTLS_CMAC_C #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ +#endif /* PSA_WANT_ALG_CMAC */ + #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128) #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) +#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 +#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ +#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) +#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 +#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ #endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */ #endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ -#endif /* PSA_WANT_ALG_CMAC */ + #if defined(PSA_WANT_ALG_CTR) #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ From 105f772fe84cfa180b3eb7cca244c50c16d8deae Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 27 Jul 2023 21:03:06 +0530 Subject: [PATCH 133/264] Add PSA_HAVE_SOFT_PBKDF2 Signed-off-by: Kusumit Ghoderao --- include/mbedtls/config_psa.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 5762ee2f3d..ce34386a21 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -273,6 +273,7 @@ extern "C" { #if defined(PSA_WANT_ALG_PBKDF2_HMAC) #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_HMAC) #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC 1 +#define PSA_HAVE_SOFT_PBKDF2_HMAC #if !defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) #define MBEDTLS_PSA_BUILTIN_ALG_HMAC 1 #endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */ @@ -524,6 +525,7 @@ extern "C" { #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) #if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128) #define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 +#define PSA_HAVE_SOFT_PBKDF2_CMAC #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ 
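Review bot: The fallback defines added inside the `PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128` block set `MBEDTLS_PSA_BUILTIN_ALG_CMAC 1` and `MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1` without the legacy module switches, whereas the `PSA_WANT_ALG_CMAC` block directly above pairs the builtin macro with `#define MBEDTLS_CMAC_C`. If builtin PBKDF2-CMAC is selected while CMAC or AES was not otherwise enabled, the builtin flag would be set with no implementation compiled in (inferred; the AES block is outside this hunk). These macros are also now defined in two places, which invites the copies drifting apart. It would be better to feed one helper condition into the existing AES and CMAC blocks, or at least to add `#define MBEDTLS_CMAC_C` and `#define MBEDTLS_AES_C` beside the new lines.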
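Review bot: `PSA_HAVE_SOFT_PBKDF2_HMAC` (hunk at -273) and `PSA_HAVE_SOFT_PBKDF2_CMAC` (hunk at -525) are defined with no value, while the aggregate introduced by the same commit is `#define PSA_HAVE_SOFT_PBKDF2 1` and the other `PSA_HAVE_SOFT_*` helpers visible in this file carry `1`. Use `#define PSA_HAVE_SOFT_PBKDF2_HMAC 1` and `#define PSA_HAVE_SOFT_PBKDF2_CMAC 1` so the helpers behave the same in `#if` expressions. A short comment that these are internal helper symbols, not user-settable options, would keep integrators from setting them by hand.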
@@ -533,6 +535,10 @@ extern "C" { #endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */ #endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \ + defined(PSA_HAVE_SOFT_PBKDF2_CMAC) +#define PSA_HAVE_SOFT_PBKDF2 1 +#endif /* PSA_HAVE_SOFT_PBKDF2_HMAC || PSA_HAVE_SOFT_PBKDF2_CMAC */ #if defined(PSA_WANT_ALG_CTR) #if !defined(MBEDTLS_PSA_ACCEL_ALG_CTR) || \ From 2addf35855a40c3ee9ec6499957d9f6695bef577 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 27 Jul 2023 21:09:26 +0530 Subject: [PATCH 134/264] Replace MBEDTLS_PSA_BUILTIN_PBKDF2_XXX with PSA_HAVE_SOFT_PBKDF2 Signed-off-by: Kusumit Ghoderao --- include/psa/crypto_builtin_key_derivation.h | 6 +-- library/psa_crypto.c | 47 ++++++--------------- 2 files changed, 15 insertions(+), 38 deletions(-) diff --git a/include/psa/crypto_builtin_key_derivation.h b/include/psa/crypto_builtin_key_derivation.h index c598fa438e..8a2143a7ec 100644 --- a/include/psa/crypto_builtin_key_derivation.h +++ b/include/psa/crypto_builtin_key_derivation.h @@ -105,8 +105,7 @@ typedef struct psa_tls12_prf_key_derivation_s { } psa_tls12_prf_key_derivation_t; #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) +#if defined(PSA_HAVE_SOFT_PBKDF2) typedef enum { PSA_PBKDF2_STATE_INIT, /* no input provided */ PSA_PBKDF2_STATE_INPUT_COST_SET, /* input cost has been set */ @@ -126,7 +125,6 @@ typedef struct { uint8_t MBEDTLS_PRIVATE(bytes_used); uint32_t MBEDTLS_PRIVATE(block_number); } psa_pbkdf2_key_derivation_t; -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || - * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#endif /* PSA_HAVE_SOFT_PBKDF2 */ #endif /* PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H */ diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 048ab58b33..c3c4d58798 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -5080,8 +5080,7 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation) defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + defined(PSA_HAVE_SOFT_PBKDF2) #define AT_LEAST_ONE_BUILTIN_KDF #endif /* At least one builtin KDF */ @@ -5185,10 +5184,7 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) sizeof(operation->ctx.tls12_ecjpake_to_pms.data)); } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || - kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { +#if defined(PSA_HAVE_SOFT_PBKDF2) if (operation->ctx.pbkdf2.salt != NULL) { mbedtls_platform_zeroize(operation->ctx.pbkdf2.salt, operation->ctx.pbkdf2.salt_length); @@ -5197,8 +5193,7 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) status = PSA_SUCCESS; } else -#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || - * defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) */ +#endif /* defined(PSA_HAVE_SOFT_PBKDF2) */ { status = PSA_ERROR_BAD_STATE; } @@ -5525,8 +5520,7 @@ static psa_status_t psa_key_derivation_tls12_ecjpake_to_pms_read( } #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) +#if defined(PSA_HAVE_SOFT_PBKDF2) static psa_status_t psa_key_derivation_pbkdf2_generate_block( psa_pbkdf2_key_derivation_t *pbkdf2, psa_algorithm_t prf_alg, 
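Review bot: In `psa_key_derivation_abort` (hunk at -5185) the runtime test `if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) {` is deleted together with the old `#if`, while the matching `} else` in the following hunk stays. As far as the visible lines show, the PBKDF2 branch loses both its algorithm check and its opening brace at this commit. The same deletion occurs in the hunks at -5718, -6900 and -6932. Keep the `if (...) {` line in this patch and change only the preprocessor guard, so that every commit in the series builds and the dispatch cannot reach `operation->ctx.pbkdf2` for an operation that is not PBKDF2. The enclosing functions start and end outside these hunks.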
@@ -5662,8 +5656,7 @@ static psa_status_t psa_key_derivation_pbkdf2_read( return PSA_SUCCESS; } -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || - * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#endif /* PSA_HAVE_SOFT_PBKDF2 */ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, @@ -5718,15 +5711,11 @@ psa_status_t psa_key_derivation_output_bytes( &operation->ctx.tls12_ecjpake_to_pms, output, output_length); } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || - kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { +#if defined(PSA_HAVE_SOFT_PBKDF2) status = psa_key_derivation_pbkdf2_read(&operation->ctx.pbkdf2, kdf_alg, output, output_length); } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || - * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#endif /* PSA_HAVE_SOFT_PBKDF2 */ { (void) kdf_alg; @@ -6651,8 +6640,7 @@ static psa_status_t psa_tls12_ecjpake_to_pms_input( } #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) +#if defined(PSA_HAVE_SOFT_PBKDF2) static psa_status_t psa_pbkdf2_set_input_cost( psa_pbkdf2_key_derivation_t *pbkdf2, psa_key_derivation_step_t step, @@ -6802,8 +6790,7 @@ static psa_status_t psa_pbkdf2_input(psa_pbkdf2_key_derivation_t *pbkdf2, return PSA_ERROR_INVALID_ARGUMENT; } } -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || - * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#endif /* PSA_HAVE_SOFT_PBKDF2 */ /** Check whether the given key type is acceptable for the given * input step of a key derivation. 
@@ -6900,15 +6887,11 @@ static psa_status_t psa_key_derivation_input_internal( &operation->ctx.tls12_ecjpake_to_pms, step, data, data_length); } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || - kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { +#if defined(PSA_HAVE_SOFT_PBKDF2) status = psa_pbkdf2_input(&operation->ctx.pbkdf2, kdf_alg, step, data, data_length); } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || - * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#endif /* PSA_HAVE_SOFT_PBKDF2 */ { /* This can't happen unless the operation object was not initialized */ (void) data; @@ -6932,15 +6915,11 @@ static psa_status_t psa_key_derivation_input_integer_internal( psa_status_t status; psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) - if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || - kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { +#if defined(PSA_HAVE_SOFT_PBKDF2) status = psa_pbkdf2_set_input_cost( &operation->ctx.pbkdf2, step, value); } else -#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC || - * MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#endif /* PSA_HAVE_SOFT_PBKDF2 */ { (void) step; (void) value; From 9ab03c3d727e2026d45f0b2a4ea19501f910402e Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 27 Jul 2023 21:14:05 +0530 Subject: [PATCH 135/264] Define PSA_ALG_IS_PBKDF2 Signed-off-by: Kusumit Ghoderao --- include/psa/crypto_values.h | 4 ++++ library/psa_crypto.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 580e3ae80d..50df3e3d04 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h 
@@ -2115,6 +2115,10 @@ */ #define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t) 0x08800200) +#define PSA_ALG_IS_PBKDF2(kdf_alg) \ + (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || \ + (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128)) + #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff) #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c3c4d58798..2e3d451bae 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5185,6 +5185,7 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation) } else #endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) */ #if defined(PSA_HAVE_SOFT_PBKDF2) + if (PSA_ALG_IS_PBKDF2(kdf_alg)) { if (operation->ctx.pbkdf2.salt != NULL) { mbedtls_platform_zeroize(operation->ctx.pbkdf2.salt, operation->ctx.pbkdf2.salt_length); @@ -5712,6 +5713,7 @@ psa_status_t psa_key_derivation_output_bytes( } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ #if defined(PSA_HAVE_SOFT_PBKDF2) + if (PSA_ALG_IS_PBKDF2(kdf_alg)) { status = psa_key_derivation_pbkdf2_read(&operation->ctx.pbkdf2, kdf_alg, output, output_length); } else @@ -6888,6 +6890,7 @@ static psa_status_t psa_key_derivation_input_internal( } else #endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */ #if defined(PSA_HAVE_SOFT_PBKDF2) + if (PSA_ALG_IS_PBKDF2(kdf_alg)) { status = psa_pbkdf2_input(&operation->ctx.pbkdf2, kdf_alg, step, data, data_length); } else @@ -6916,6 +6919,7 @@ static psa_status_t psa_key_derivation_input_integer_internal( psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation); #if defined(PSA_HAVE_SOFT_PBKDF2) + if (PSA_ALG_IS_PBKDF2(kdf_alg)) { status = psa_pbkdf2_set_input_cost( &operation->ctx.pbkdf2, step, value); } else From a12e2d53bd5032acdf25bef067c9da3cdb504eb6 Mon Sep 17 00:00:00 2001 
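Review bot: `PSA_ALG_IS_PBKDF2` uses its argument unparenthesised in `(kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128)` and is added to a public header with no documentation comment, although the definition just above it ends a comment block. Write the comparison as `((kdf_alg) == PSA_ALG_PBKDF2_AES_CMAC_PRF_128)` so that an expression argument cannot change precedence. Add a short comment block giving the parameter, that the result is 1 for either PBKDF2 variant and 0 otherwise, and that the argument may be evaluated more than once.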
From: Kusumit Ghoderao Date: Thu, 27 Jul 2023 21:18:30 +0530 Subject: [PATCH 136/264] Replace AES_CMAC_128_PRF_OUTPUT_SIZE with PSA_MAC_LENGTH() Signed-off-by: Kusumit Ghoderao --- include/psa/crypto_sizes.h | 3 --- library/psa_crypto.c | 16 +++++++++------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h index b884defe0c..8cc965b09f 100644 --- a/include/psa/crypto_sizes.h +++ b/include/psa/crypto_sizes.h @@ -276,9 +276,6 @@ * This is a vendor-specific macro. This can be configured if necessary */ #define PSA_VENDOR_PBKDF2_MAX_ITERATIONS 0xffffffff -/* Output size of AES_CMAC_PRF_128 algorithm */ -#define PSA_AES_CMAC_PRF_128_OUTPUT_SIZE 16 - /** The maximum size of a block cipher. */ #define PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE 16 diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2e3d451bae..f8d295afbd 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5611,7 +5611,7 @@ static psa_status_t psa_key_derivation_pbkdf2_read( psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC); } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { prf_alg = PSA_ALG_CMAC; - prf_output_length = PSA_AES_CMAC_PRF_128_OUTPUT_SIZE; + prf_output_length = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); } else { return PSA_ERROR_INVALID_ARGUMENT; @@ -6177,7 +6177,7 @@ static psa_status_t psa_key_derivation_setup_kdf( if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) { hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256); } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { - hash_size = PSA_AES_CMAC_PRF_128_OUTPUT_SIZE; + hash_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); } else { if (hash_size == 0) { return PSA_ERROR_NOT_SUPPORTED; 
@@ -6730,23 +6730,25 @@ static psa_status_t psa_pbkdf2_cmac_set_password(const uint8_t *input, size_t *output_len) { psa_status_t status = PSA_SUCCESS; - if (input_len != PSA_AES_CMAC_PRF_128_OUTPUT_SIZE) { + if (input_len != PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC)) { psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t zeros[16] = { 0 }; psa_set_key_type(&attributes, PSA_KEY_TYPE_AES); psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(sizeof(zeros))); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); - /* Passing PSA_AES_CMAC_PRF_128_OUTPUT_SIZE as mac_size as the driver - * function sets mac_output_length = mac_size on success. See #7801*/ + /* Passing PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC) as + * mac_size as the driver function sets mac_output_length = mac_size */ status = psa_driver_wrapper_mac_compute(&attributes, zeros, sizeof(zeros), PSA_ALG_CMAC, input, input_len, output, - PSA_AES_CMAC_PRF_128_OUTPUT_SIZE, + PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC), output_len); } else { memcpy(output, input, input_len); - *output_len = PSA_AES_CMAC_PRF_128_OUTPUT_SIZE; + *output_len = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC); } return status; } From 0bca4c5fc45c7ca4f128505d6a9e8cc1b1a16292 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 27 Jul 2023 21:20:14 +0530 Subject: [PATCH 137/264] Add ifdef for hmac and cmac specific functions Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index f8d295afbd..3c4730eb41 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6707,6 +6707,7 @@ static psa_status_t psa_pbkdf2_set_salt(psa_pbkdf2_key_derivation_t *pbkdf2, return PSA_SUCCESS; } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) static psa_status_t psa_pbkdf2_hmac_set_password(psa_algorithm_t hash_alg, const uint8_t *input, size_t input_len, 
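Review bot: Wrapping `psa_pbkdf2_hmac_set_password` (hunk at -6707) and `psa_pbkdf2_cmac_set_password` (hunks at -6724 and -6752) in per-algorithm `#if` blocks leaves their caller untouched in this commit; `psa_pbkdf2_set_password` follows directly in the context and is not modified. If it calls both helpers unconditionally, which the lines removed by patch 140 later in this series suggest, a configuration enabling only one builtin would reference an undefined static function. Guard the two call sites in this commit with the same `#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC)` and `#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128)` conditions. End the chain with an explicit error return so an unsupported algorithm cannot advance the state machine.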
@@ -6723,7 +6724,9 @@ static psa_status_t psa_pbkdf2_hmac_set_password(psa_algorithm_t hash_alg, } return status; } +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) static psa_status_t psa_pbkdf2_cmac_set_password(const uint8_t *input, size_t input_len, uint8_t *output, @@ -6752,6 +6755,7 @@ static psa_status_t psa_pbkdf2_cmac_set_password(const uint8_t *input, } return status; } +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ static psa_status_t psa_pbkdf2_set_password(psa_pbkdf2_key_derivation_t *pbkdf2, psa_algorithm_t kdf_alg, From 5f3345ae44342a782a3ee464ed6eeb05bc8644bd Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 27 Jul 2023 21:21:38 +0530 Subject: [PATCH 138/264] Add issue link instead of issue number Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3c4730eb41..ec99e166b6 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -5572,7 +5572,7 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block( for (i = 1; i < pbkdf2->input_cost; i++) { /* We are passing prf_output_length as mac_size because the driver * function directly sets mac_output_length as mac_size upon success. - * See #7801 */ + * See https://github.com/Mbed-TLS/mbedtls/issues/7801 */ status = psa_driver_wrapper_mac_compute(attributes, pbkdf2->password, pbkdf2->password_length, 
@@ -6740,7 +6740,8 @@ static psa_status_t psa_pbkdf2_cmac_set_password(const uint8_t *input, psa_set_key_bits(&attributes, PSA_BYTES_TO_BITS(sizeof(zeros))); psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE); /* Passing PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC) as - * mac_size as the driver function sets mac_output_length = mac_size */ + * mac_size as the driver function sets mac_output_length = mac_size + * on success. See https://github.com/Mbed-TLS/mbedtls/issues/7801 */ status = psa_driver_wrapper_mac_compute(&attributes, zeros, sizeof(zeros), PSA_ALG_CMAC, input, input_len, From be55b7e45a45a737727f20d8755edda6e718ee5f Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 27 Jul 2023 21:22:26 +0530 Subject: [PATCH 139/264] Add test cases for 16 byte and empty password Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 0bbe6bcc14..12043484da 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -6438,6 +6438,14 @@ PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 6 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"28e288c6345bb5ecf7ca70274208a3ba0f1148b5868537d5e09d3ee6813b1f524d9ecbf864eb814a46cda50ad5ec4c0dc03578c6c5fb4a3f9880deb5cab537e4":"":0:1:0 +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, empty direct password +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"db00f3996d041b415eb273362d8c8c83":"":0:0:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, 16 byte password +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f726470617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"c4c112c6e1e3b8757640603dec78825f":"":0:1:0 + PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, salt in two step depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"5468726561643733356338376234":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:1:0 
From f3e696dc1be31b80089a4e26b4d1af099179f25a Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 28 Jul 2023 13:30:50 +0530 Subject: [PATCH 140/264] Add ifdef for hmac and cmac set password Signed-off-by: Kusumit Ghoderao --- library/psa_crypto.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ec99e166b6..947c2e229c 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6768,15 +6768,23 @@ static psa_status_t psa_pbkdf2_set_password(psa_pbkdf2_key_derivation_t *pbkdf2, return PSA_ERROR_BAD_STATE; } +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) { psa_algorithm_t hash_alg = PSA_ALG_PBKDF2_HMAC_GET_HASH(kdf_alg); status = psa_pbkdf2_hmac_set_password(hash_alg, data, data_length, pbkdf2->password, &pbkdf2->password_length); - } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { + } else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC */ +#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) + if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { status = psa_pbkdf2_cmac_set_password(data, data_length, pbkdf2->password, &pbkdf2->password_length); + } else +#endif /* MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 */ + { + return PSA_ERROR_INVALID_ARGUMENT; } pbkdf2->state = PSA_PBKDF2_STATE_PASSWORD_SET; From c22affd9ec68311257f6d16bc1717f2bd671a30b Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Fri, 28 Jul 2023 13:31:58 +0530 Subject: [PATCH 141/264] Fix dependencies for pbkdf2 cmac Signed-off-by: Kusumit Ghoderao --- include/mbedtls/config_psa.h | 26 +++++++++++--------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index ce34386a21..64e2261442 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h 
@@ -439,13 +439,21 @@ extern "C" { #define PSA_HAVE_SOFT_BLOCK_AEAD 1 #endif +#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) +#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128) +#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 +#define PSA_HAVE_SOFT_PBKDF2_CMAC +#endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */ +#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ + #if defined(PSA_WANT_KEY_TYPE_AES) #if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) #define PSA_HAVE_SOFT_KEY_TYPE_AES 1 #endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ #if defined(PSA_HAVE_SOFT_KEY_TYPE_AES) || \ defined(PSA_HAVE_SOFT_BLOCK_MODE) || \ - defined(PSA_HAVE_SOFT_BLOCK_AEAD) + defined(PSA_HAVE_SOFT_BLOCK_AEAD) || \ + defined(PSA_HAVE_SOFT_PBKDF2_CMAC) #define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 #define MBEDTLS_AES_C #endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */ @@ -516,25 +524,13 @@ extern "C" { #if defined(PSA_WANT_ALG_CMAC) #if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) || \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) || \ + defined(PSA_HAVE_SOFT_PBKDF2_CMAC) #define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 #define MBEDTLS_CMAC_C #endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ #endif /* PSA_WANT_ALG_CMAC */ -#if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) -#if !defined(MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128) -#define MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128 1 -#define PSA_HAVE_SOFT_PBKDF2_CMAC -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) -#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1 -#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_AES */ -#if !defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) -#define MBEDTLS_PSA_BUILTIN_ALG_CMAC 1 -#endif /* !MBEDTLS_PSA_ACCEL_ALG_CMAC */ -#endif /* !MBEDTLS_PSA_ACCEL_ALG_PBKDF2_AES_CMAC_PRF_128 */ -#endif /* PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128 */ - #if defined(PSA_HAVE_SOFT_PBKDF2_HMAC) || \ defined(PSA_HAVE_SOFT_PBKDF2_CMAC) #define PSA_HAVE_SOFT_PBKDF2 1 
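Review bot: After this change the built-in AES and CMAC that the software PBKDF2-AES-CMAC-PRF-128 needs are enabled only inside `#if defined(PSA_WANT_KEY_TYPE_AES)` and, in the second hunk, `#if defined(PSA_WANT_ALG_CMAC)`, whereas the removed block set `MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES` and `MBEDTLS_PSA_BUILTIN_ALG_CMAC` itself. A configuration that requests only `PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128` would then get `MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128` without `MBEDTLS_AES_C` or `MBEDTLS_CMAC_C`, unless a dependency check elsewhere rejects it. A comment above the moved block such as `/* Requires PSA_WANT_ALG_CMAC and PSA_WANT_KEY_TYPE_AES to be enabled as well. */` would make the assumption explicit. Two smaller points: `#define PSA_HAVE_SOFT_PBKDF2_CMAC` lacks the `1` that `PSA_HAVE_SOFT_BLOCK_AEAD 1` and `PSA_HAVE_SOFT_KEY_TYPE_AES 1` carry, and the trailing `#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */` no longer lists the full condition.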
From dcf360dd722ef93c1bd10b9216b83620a204055a Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Thu, 27 Jul 2023 15:28:20 +0800 Subject: [PATCH 142/264] code_size_compare: track removed object as well It makes sense to display code size changes if a file has been removed in our library. With this commit we track old objects as well. If a file is not present in the new Git revision, we display -old_size in the new_size column. The size change is marked as `Removed` to indicate the file has been removed. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 199 ++++++++++++++++++++++------------- 1 file changed, 123 insertions(+), 76 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 4a50c5b334..95d46b81c0 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -486,7 +486,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): class SizeEntry: # pylint: disable=too-few-public-methods """Data Structure to only store information of code size.""" - def __init__(self, text, data, bss, dec): + def __init__(self, text: int, data: int, bss: int, dec: int): self.text = text self.data = data self.bss = bss @@ -496,16 +496,20 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): """ Variable code_size is used to store size info for any Git revisions. :param code_size: Data Format as following: - {git_rev: {module: {file_name: [text, data, bss, dec], - etc ... - }, - etc ... - }, - etc ... - } + code_size = { + git_rev: { + module: { + file_name: SizeEntry, + ... + }, + ... + }, + ... + } """ super().__init__(logger) self.code_size = {} #type: typing.Dict[str, typing.Dict] + self.mod_total_suffix = '-' + 'TOTALS' def _set_size_record(self, git_rev: str, mod: str, size_text: str) -> None: """Store size information for target Git revision and high-level module. 
@@ -515,9 +519,11 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): size_record = {} for line in size_text.splitlines()[1:]: data = line.split() + if re.match(r'\s*\(TOTALS\)', data[5]): + data[5] = mod + self.mod_total_suffix # file_name: SizeEntry(text, data, bss, dec) size_record[data[5]] = CodeSizeGeneratorWithSize.SizeEntry( - data[0], data[1], data[2], data[3]) + int(data[0]), int(data[1]), int(data[2]), int(data[3])) self.code_size.setdefault(git_rev, {}).update({mod: size_record}) def read_size_record(self, git_rev: str, fname: str) -> None: @@ -538,10 +544,10 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): if mod: # file_name: SizeEntry(text, data, bss, dec) size_record[data[0]] = CodeSizeGeneratorWithSize.SizeEntry( - data[1], data[2], data[3], data[4]) + int(data[1]), int(data[2]), int(data[3]), int(data[4])) # check if we hit record for the end of a module - m = re.match(r'.?TOTALS', line) + m = re.match(r'\w+' + self.mod_total_suffix, line) if m: if git_rev in self.code_size: self.code_size[git_rev].update({mod: size_record}) @@ -550,19 +556,6 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): mod = "" size_record = {} - def _size_reader_helper( - self, - git_rev: str, - output: typing_util.Writable, - with_markdown=False - ) -> typing.Iterator[tuple]: - """A helper function to peel code_size based on Git revision.""" - for mod, file_size in self.code_size[git_rev].items(): - if not with_markdown: - output.write("\n" + mod + "\n") - for fname, size_entry in file_size.items(): - yield mod, fname, size_entry - def write_record( self, git_rev: str, @@ -571,7 +564,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): ) -> None: """Write size information to a file. - Writing Format: file_name text data bss total(dec) + Writing Format: filename text data bss total(dec) """ for mod, size_text in code_size_text.items(): self._set_size_record(git_rev, mod, size_text) 
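Review bot: In `_set_size_record`, `re.match(r'\s*\(TOTALS\)', data[5])` is applied to a token produced by `line.split()`, which never carries leading whitespace, so the `\s*` cannot match anything. If the token is always exactly the totals marker, `if data[5] == '(TOTALS)':` reads more directly. The row is also assumed to have at least six fields with four numeric ones, and with the new `int()` calls a blank or malformed line raises `IndexError` or `ValueError`. A one-line comment stating the expected `size -t` row layout would help the next reader.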
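Review bot: In `read_size_record`, `re.match(r'\w+' + self.mod_total_suffix, line)` recognises only the new `<module>-TOTALS` row, so a record file written before this change, when the pattern was `.?TOTALS`, never reaches the end-of-module branch and its entries appear to be dropped without any message. If cached records can be reused across script versions, either keep accepting the old marker or log a warning and regenerate when no totals row is found. The rest of `read_size_record` lies outside the hunk, so the exact effect depends on code not shown here.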
@@ -579,12 +572,16 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): format_string = "{:<30} {:>7} {:>7} {:>7} {:>7}\n" output.write(format_string.format("filename", "text", "data", "bss", "total")) - for _, fname, size_entry in self._size_reader_helper(git_rev, output): - output.write(format_string.format(fname, - size_entry.text, size_entry.data, - size_entry.bss, size_entry.total)) - def write_comparison( + for mod, f_size in self.code_size[git_rev].items(): + output.write("\n" + mod + "\n") + for fname, size_entry in f_size.items(): + output.write(format_string + .format(fname, + size_entry.text, size_entry.data, + size_entry.bss, size_entry.total)) + + def write_comparison( # pylint: disable=too-many-locals self, old_rev: str, new_rev: str, 
@@ -593,60 +590,110 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): ) -> None: """Write comparison result into a file. - Writing Format: file_name new(text,data) old(text,data)\ - change(text,data) + Writing Format: filename new(text) new(data) change(text) change(data) """ - - def cal_size_section_variation(mod, fname, size_entry, attr): - new_size = int(size_entry.__dict__[attr]) - # check if we have the file in old Git revision - if fname in self.code_size[old_rev][mod]: - old_size = int(self.code_size[old_rev][mod][fname].__dict__[attr]) - change = new_size - old_size - return [new_size, old_size, change] - else: - return [new_size] + header_line = ["filename", "new(text)", "change(text)", "new(data)", + "change(data)"] if with_markdown: - format_string = "| {:<30} | {:<9} | {:<9} | {:<12} | {:<12} |\n" + dash_line = [":----", "----:", "----:", "----:", "----:"] + line_format = "| {0:<30} | {1:<10} | {3:<10} | {2:<12} | {4:<12} |\n" + bold_text = lambda x: '**' + str(x) + '**' else: - format_string = "{:<30} {:<9} {:<9} {:<12} {:<12}\n" + line_format = "{0:<30} {1:<10} {3:<10} {2:<12} {4:<12}\n" - output.write(format_string - .format("filename", - "new(text)", "new(data)", "change(text)", - "change(data)")) - if with_markdown: - output.write(format_string - .format(":----", "----:", "----:", "----:", "----:")) + def cal_sect_change( + old_size: typing.Optional[CodeSizeGeneratorWithSize.SizeEntry], + new_size: typing.Optional[CodeSizeGeneratorWithSize.SizeEntry], + sect: str + ) -> typing.List: + """Inner helper function to calculate size change for a section. 
- for mod, fname, size_entry in \ - self._size_reader_helper(new_rev, output, with_markdown): - text_vari = cal_size_section_variation(mod, fname, - size_entry, 'text') - data_vari = cal_size_section_variation(mod, fname, - size_entry, 'data') + Convention for special cases: + - If the object has been removed in new Git revision, + the size is minus code size of old Git revision; + the size change is marked as `Removed`, + - If the object only exists in new Git revision, + the size is code size of new Git revision; + the size change is marked as `None`, - if len(text_vari) != 1: - # skip the files that haven't changed in code size if we write - # comparison result in a markdown table. - if with_markdown and text_vari[2] == 0 and data_vari[2] == 0: - continue - output.write( - format_string - .format(fname, - # new(text), new(data) - str(text_vari[0]), str(data_vari[0]), - # change(text), change(data) - str(text_vari[2]), str(data_vari[2]))) + :param: old_size: code size for objects in old Git revision. + :param: new_size: code size for objects in new Git revision. + :param: sect: section to calculate from `size` tool. This could be + any instance variable in SizeEntry. 
+ :return: List of [section size of objects for new Git revision, + section size change of objects between two Git revisions] + """ + if old_size and new_size: + new_attr = new_size.__dict__[sect] + change_attr = new_size.__dict__[sect] - old_size.__dict__[sect] + elif old_size: + new_attr = - old_size.__dict__[sect] + change_attr = 'Removed' + elif new_size: + new_attr = new_size.__dict__[sect] + change_attr = 'None' else: - output.write( - format_string - .format(fname, - # new(text), new(data) - str(text_vari[0]), str(data_vari[0]), - # change(text), change(data) - 'None', 'None')) + # Should never happen + new_attr = 'Error' + change_attr = 'Error' + return [new_attr, change_attr] + + # sort dictionary by key + sort_by_k = lambda item: item[0].lower() + def get_results( + f_rev_size: + typing.Dict[str, + typing.Dict[str, + CodeSizeGeneratorWithSize.SizeEntry]] + ) -> typing.List: + """Return List of results in the format of: + [filename, new(text), change(text), new(data), change(data)] + """ + res = [] + for fname, revs_size in sorted(f_rev_size.items(), key=sort_by_k): + old_size = revs_size.get(old_rev) + new_size = revs_size.get(new_rev) + + text_sect = cal_sect_change(old_size, new_size, 'text') + data_sect = cal_sect_change(old_size, new_size, 'data') + # skip the files that haven't changed in code size + if text_sect[1] == 0 and data_sect[1] == 0: + continue + + res.append([fname, *text_sect, *data_sect]) + return res + + # write header + output.write(line_format.format(*header_line)) + if with_markdown: + output.write(line_format.format(*dash_line)) + for mod in MBEDTLS_STATIC_LIB: + # convert self.code_size to: + # { + # file_name: { + # old_rev: SizeEntry, + # new_rev: SizeEntry + # }, + # ... 
+ # } + f_rev_size = {} #type: typing.Dict[str, typing.Dict] + for fname, size_entry in self.code_size[old_rev][mod].items(): + f_rev_size.setdefault(fname, {}).update({old_rev: size_entry}) + for fname, size_entry in self.code_size[new_rev][mod].items(): + f_rev_size.setdefault(fname, {}).update({new_rev: size_entry}) + + mod_total_sz = f_rev_size.pop(mod + self.mod_total_suffix) + res = get_results(f_rev_size) + total_clm = get_results({mod + self.mod_total_suffix: mod_total_sz}) + if with_markdown: + # bold row of mod-TOTALS in markdown table + total_clm = [[bold_text(j) for j in i] for i in total_clm] + res += total_clm + + # write comparison result + for line in res: + output.write(line_format.format(*line)) class CodeSizeComparison: From b167320e2761319c103ef7d6afc3292a81d45117 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 28 Jul 2023 13:47:19 +0800 Subject: [PATCH 143/264] code_size_compare: use '.md' suffix if '--markdown' enabled Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 95d46b81c0..1bcc731949 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -815,10 +815,11 @@ class CodeSizeComparison: else: output_file = os.path.join( self.comp_dir, - '{}-{}-{}.csv' + '{}-{}-{}.{}' .format(self.old_size_dist_info.get_info_indication(), self.new_size_dist_info.get_info_indication(), - self.size_common_info.get_info_indication())) + self.size_common_info.get_info_indication(), + 'md' if self.result_options.with_markdown else 'csv')) output = open(output_file, "w") self.logger.debug("Generating comparison results between {} and {}." From ee07afa2051a1d7d8a20e46035b3cc8e4c94fc80 Mon Sep 17 00:00:00 2001 
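Review bot: The per-module loop added to `write_comparison` indexes `self.code_size[old_rev][mod]` and `self.code_size[new_rev][mod]` directly and calls `f_rev_size.pop(mod + self.mod_total_suffix)` with no default, so a module or totals row missing from either revision aborts the whole report with a bare `KeyError`. The commit exists to tolerate objects present in only one revision, and the same tolerance at module level would be consistent: `self.code_size[old_rev].get(mod, {})` in the two loops, plus an explicit error message when the totals row is absent. Separately, `cal_sect_change` reads `new_size.__dict__[sect]`; `getattr(new_size, sect)` is the idiomatic form and also works if `SizeEntry` later gains `__slots__` or properties.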
From: Yanray Wang Date: Fri, 28 Jul 2023 16:34:05 +0800 Subject: [PATCH 144/264] code_size_compare: add option '--show-all' When '--show-all' is enabled, all the objects will be displayed in comparison result no matter if there is code size change or not. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 1bcc731949..72c69e488b 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -116,12 +116,13 @@ class CodeSizeCommonInfo: # pylint: disable=too-few-public-methods class CodeSizeResultInfo: # pylint: disable=too-few-public-methods """Data structure to store result options for code size comparison.""" - def __init__( + def __init__( #pylint: disable=too-many-arguments self, record_dir: str, comp_dir: str, with_markdown=False, stdout=False, + show_all=False, ) -> None: """ :param record_dir: directory to store code size record. @@ -130,11 +131,13 @@ class CodeSizeResultInfo: # pylint: disable=too-few-public-methods (Default: False) :param stdout: direct comparison result into sys.stdout. (Default False) + :param show_all: show all objects in comparison result. (Default False) """ self.record_dir = record_dir self.comp_dir = comp_dir self.with_markdown = with_markdown self.stdout = stdout + self.show_all = show_all DETECT_ARCH_CMD = "cc -dM -E - < /dev/null" @@ -462,12 +465,13 @@ class CodeSizeGenerator: """ raise NotImplementedError - def write_comparison( + def write_comparison( #pylint: disable=too-many-arguments self, old_rev: str, new_rev: str, output: typing_util.Writable, - with_markdown=False + with_markdown=False, + show_all=False ) -> None: """Write a comparision result into a stream between two Git revisions. 
@@ -477,6 +481,7 @@ class CodeSizeGenerator: (File / sys.stdout) :param with_markdown: write comparision result in a markdown table. (Default: False) + :param show_all: show all objects in comparison result. (Default False) """ raise NotImplementedError @@ -581,13 +586,15 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): size_entry.text, size_entry.data, size_entry.bss, size_entry.total)) - def write_comparison( # pylint: disable=too-many-locals + def write_comparison( #pylint: disable=too-many-arguments self, old_rev: str, new_rev: str, output: typing_util.Writable, - with_markdown=False + with_markdown=False, + show_all=False ) -> None: + # pylint: disable=too-many-locals """Write comparison result into a file. Writing Format: filename new(text) new(data) change(text) change(data) @@ -658,7 +665,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): text_sect = cal_sect_change(old_size, new_size, 'text') data_sect = cal_sect_change(old_size, new_size, 'data') # skip the files that haven't changed in code size - if text_sect[1] == 0 and data_sect[1] == 0: + if not show_all and text_sect[1] == 0 and data_sect[1] == 0: continue res.append([fname, *text_sect, *data_sect]) @@ -834,7 +841,8 @@ class CodeSizeComparison: self.code_size_generator.write_comparison( self.old_size_dist_info.git_rev, self.new_size_dist_info.git_rev, - output, self.result_options.with_markdown) + output, self.result_options.with_markdown, + self.result_options.show_all) def get_comparision_results(self) -> None: """Compare size of library/*.o between self.old_size_dist_info and 
@@ -887,6 +895,10 @@ def main(): '--stdout', action='store_true', dest='stdout', help='Set this option to direct comparison result into sys.stdout. ' '(Default: file)') + group_optional.add_argument( + '--show-all', action='store_true', dest='show_all', + help='Show all the objects in comparison result, including the ones ' + 'that haven\'t changed in code size. (Default: False)') group_optional.add_argument( '--verbose', action='store_true', dest='verbose', help='Show logs in detail for code size measurement. ' @@ -923,10 +935,10 @@ def main(): # host_arch, measure_cmd size_common_info = CodeSizeCommonInfo( detect_arch(), 'size -t') - # record_dir, comp_dir, with_markdown, stdout + # record_dir, comp_dir, with_markdown, stdout, show_all result_options = CodeSizeResultInfo( comp_args.record_dir, comp_args.comp_dir, - comp_args.markdown, comp_args.stdout) + comp_args.markdown, comp_args.stdout, comp_args.show_all) logger.info("Measure code size between {} and {} by `{}`." .format(old_size_dist_info.get_info_indication(), From c2ad3ad62a10d7ed5eda8f8be074b0c2723b7f27 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 28 Jul 2023 16:44:18 +0100 Subject: [PATCH 145/264] Fix error in test vectors Signed-off-by: Dave Rodgman --- tests/suites/test_suite_psa_crypto_hash.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data index f957bf16d3..0a5f8765f1 100644 --- a/tests/suites/test_suite_psa_crypto_hash.data +++ b/tests/suites/test_suite_psa_crypto_hash.data 
@@ -164,7 +164,7 @@ hash_finish:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3 PSA hash finish: SHA3-256 Test Vector NIST "" depends_on:PSA_WANT_ALG_SHA3_256 -hash_finish:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" +hash_finish:PSA_ALG_SHA3_256:"":"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a" PSA hash finish: SHA3-384 Test Vector NIST "" depends_on:PSA_WANT_ALG_SHA3_384 @@ -552,7 +552,7 @@ hash_multi_part:PSA_ALG_SHA3_224:"":"6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b0 PSA hash multi part: SHA3-256 Test Vector NIST "" depends_on:PSA_WANT_ALG_SHA3_256 -hash_multi_part:PSA_ALG_SHA3_256:"616263":"3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" +hash_multi_part:PSA_ALG_SHA3_256:"":"a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a" PSA hash multi part: SHA3-384 Test Vector NIST "" depends_on:PSA_WANT_ALG_SHA3_384 From baf350c6bdbc93ba8475c4a4ce47634f32b49b1d Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Mon, 31 Jul 2023 20:22:33 +0530 Subject: [PATCH 146/264] Add PSA_HAVE_SOFT_PBKDF2 to crypto_driver_context_key_derivation Signed-off-by: Kusumit Ghoderao --- include/psa/crypto_driver_contexts_key_derivation.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/include/psa/crypto_driver_contexts_key_derivation.h index 32de4f7654..3fb29ff7f2 100644 --- a/include/psa/crypto_driver_contexts_key_derivation.h +++ b/include/psa/crypto_driver_contexts_key_derivation.h @@ -55,8 +55,7 @@ typedef union { #if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS) psa_tls12_ecjpake_to_pms_t MBEDTLS_PRIVATE(tls12_ecjpake_to_pms); #endif -#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_HMAC) || \ - defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128) +#if defined(PSA_HAVE_SOFT_PBKDF2) psa_pbkdf2_key_derivation_t MBEDTLS_PRIVATE(pbkdf2); #endif } psa_driver_key_derivation_context_t; 
From e2caf4161ba96e3e22276707f9e43cdf68caf621 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Tue, 1 Aug 2023 21:38:46 +0800 Subject: [PATCH 147/264] Fix a few unchecked value issue Signed-off-by: Chien Wong --- library/bignum.c | 4 ++-- library/ecdsa.c | 4 ++-- library/rsa_alt_helpers.c | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index d559c9e76f..7661dd3aea 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1706,7 +1706,7 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, */ const size_t x_index = 0; mbedtls_mpi_init(&W[x_index]); - mbedtls_mpi_copy(&W[x_index], X); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[x_index], X)); j = N->n + 1; /* All W[i] and X must have at least N->n limbs for the mpi_montmul() @@ -1893,7 +1893,7 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, /* * Load the result in the output variable. */ - mbedtls_mpi_copy(X, &W[x_index]); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(X, &W[x_index])); cleanup: diff --git a/library/ecdsa.c b/library/ecdsa.c index 1faec16396..6e55f2205f 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -373,7 +373,7 @@ modn: #if defined(MBEDTLS_ECP_RESTARTABLE) if (rs_ctx != NULL && rs_ctx->sig != NULL) { - mbedtls_mpi_copy(r, pr); + MBEDTLS_MPI_CHK(mbedtls_mpi_copy(r, pr)); } #endif @@ -447,7 +447,7 @@ int mbedtls_ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(d, data, grp_len)); MBEDTLS_MPI_CHK(derive_mpi(grp, &h, buf, blen)); MBEDTLS_MPI_CHK(mbedtls_mpi_write_binary(&h, data + grp_len, grp_len)); - mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len); + MBEDTLS_MPI_CHK(mbedtls_hmac_drbg_seed_buf(p_rng, md_info, data, 2 * grp_len)); #if defined(MBEDTLS_ECP_RESTARTABLE) if (rs_ctx != NULL && rs_ctx->det != NULL) { diff --git a/library/rsa_alt_helpers.c b/library/rsa_alt_helpers.c index 3451469b98..5cc4636e49 100644 --- a/library/rsa_alt_helpers.c +++ b/library/rsa_alt_helpers.c 
@@ -126,7 +126,7 @@ int mbedtls_rsa_deduce_primes(mbedtls_mpi const *N, } for (; attempt < num_primes; ++attempt) { - mbedtls_mpi_lset(&K, primes[attempt]); + MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&K, primes[attempt])); /* Check if gcd(K,N) = 1 */ MBEDTLS_MPI_CHK(mbedtls_mpi_gcd(P, &K, N)); From 0d4f4e5b01a1a57677c380b1223520f953eaaaf9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 31 Mar 2023 14:32:47 +0800 Subject: [PATCH 148/264] Add option to disable built-in aes implementation. For time being, there are only two aes implementations for known architectures. I define runtime detection function as const when built-in was disabled. In this case, compiler will remove dead built-in code. Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 5 +++++ library/aesce.c | 2 ++ library/aesce.h | 5 +++++ library/aesni.c | 2 ++ library/aesni.h | 4 ++++ library/padlock.c | 2 ++ library/padlock.h | 5 ++++- 7 files changed, 24 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 719bbed8fe..a086bfe5d9 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4006,4 +4006,9 @@ */ //#define MBEDTLS_ECP_WITH_MPI_UINT +/* + * Platform independent implementation for crypto algorithms. + */ +//#define MBEDTLS_AES_HAS_NO_BUILTIN /* Uncomment to disable built-in platform independent code of AES */ + /** \} name SECTION: Module configuration options */ diff --git a/library/aesce.c b/library/aesce.c index ed3cca11d5..baa01dbd6b 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -99,6 +99,7 @@ #include #endif +#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) /* * AES instruction support detection routine */ @@ -113,6 +114,7 @@ int mbedtls_aesce_has_support(void) return 1; #endif } +#endif /* Single round of AESCE encryption */ #define AESCE_ENCRYPT_ROUND \ diff --git a/library/aesce.h b/library/aesce.h index b12bf76ba4..b166e15c17 100644 --- a/library/aesce.h +++ b/library/aesce.h 
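Review bot: The new `MBEDTLS_AES_HAS_NO_BUILTIN` entry in include/mbedtls/mbedtls_config.h is documented only as "Uncomment to disable built-in platform independent code of AES", but the header changes in the same commit turn `mbedtls_aesni_has_support()`, `mbedtls_aesce_has_support()` and `mbedtls_padlock_has_support()` into the constant 1 when it is set. That removes the runtime CPU check, so a binary built this way presumably executes the accelerator instructions unconditionally and faults on a CPU that lacks them, with no software fallback. The option comment should state this and name the accelerator options that must be enabled alongside it, in the documentation style of the neighbouring entries.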
@@ -47,7 +47,12 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ +#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) int mbedtls_aesce_has_support(void); +#else +#define /* no-check-names */ mbedtls_aesce_has_support() 1 +#endif + /** * \brief Internal AES-ECB block encryption and decryption diff --git a/library/aesni.c b/library/aesni.c index 9d1c0f135d..b6d1191794 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -39,6 +39,7 @@ #include #endif +#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) /* * AES-NI support detection routine */ @@ -68,6 +69,7 @@ int mbedtls_aesni_has_support(unsigned int what) return (c & what) != 0; } +#endif /* !MBEDTLS_AES_HAS_NO_BUILTIN */ #if MBEDTLS_AESNI_HAVE_CODE == 2 diff --git a/library/aesni.h b/library/aesni.h index 82947e4583..fa1f369edd 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -88,7 +88,11 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ +#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) int mbedtls_aesni_has_support(unsigned int what); +#else +#define /* no-check-names */ mbedtls_aesni_has_support(what) 1 +#endif /** * \brief Internal AES-NI AES-ECB block encryption and decryption diff --git a/library/padlock.c b/library/padlock.c index f42c40ff93..111b28cf86 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -33,6 +33,7 @@ #if defined(MBEDTLS_HAVE_X86) +#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) /* * PadLock detection routine */ @@ -62,6 +63,7 @@ int mbedtls_padlock_has_support(int feature) return flags & feature; } +#endif /* * PadLock AES-ECB block en(de)cryption diff --git a/library/padlock.h b/library/padlock.h index b5f0d7d7a3..10c1c69946 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -41,7 +41,6 @@ /* Some versions of ASan result in errors about not enough registers */ #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ !defined(MBEDTLS_HAVE_ASAN) - #ifndef MBEDTLS_HAVE_X86 #define MBEDTLS_HAVE_X86 #endif 
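Review bot: Replacing the prototypes with `#define /* no-check-names */ mbedtls_aesni_has_support(what) 1` (and the aesce.h and padlock.h equivalents) discards the argument and the function's type, and apparently needs the `no-check-names` marker to pass the naming check. A `static inline` stub keeps the signature and still lets the compiler drop the dead branch: `static inline int mbedtls_aesni_has_support(unsigned int what) { (void) what; return 1; }`. The new `#endif` lines in aesce.c, padlock.c and the three headers also lack the trailing `/* !MBEDTLS_AES_HAS_NO_BUILTIN */` comment that the aesni.c hunk adds.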
@@ -69,7 +68,11 @@ extern "C" { * * \return non-zero if CPU has support for the feature, 0 otherwise */ +#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) int mbedtls_padlock_has_support(int feature); +#else +#define /* no-check-names */ mbedtls_padlock_has_support(feature) 1 +#endif /** * \brief Internal PadLock AES-ECB block en(de)cryption From d767cc4106f3a88f25fb6ada9010816e262e1e02 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 31 Mar 2023 15:03:55 +0800 Subject: [PATCH 149/264] Add accelerator only tests. The cases with runtime detection have been covered by `full` configuration Signed-off-by: Jerry Yu --- .travis.yml | 25 +++++++++++++++++++++++++ tests/scripts/all.sh | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+) diff --git a/.travis.yml b/.travis.yml index bf5ccd96e6..7ed130aa97 100644 --- a/.travis.yml +++ b/.travis.yml @@ -129,6 +129,31 @@ jobs: - tests/scripts/travis-log-failure.sh - tests/context-info.sh + - name: Arm64 accelerators tests on arm64 host + os: linux + dist: focal + arch: arm64 + addons: + apt: + packages: + - gcc + script: + # Do a manual build+test sequence rather than using all.sh. + # + # This is arm64 host only test for no runtime detection case. Internal + # and Open CI do not include Arm64 host, and they check if components + # are be tested. As result, it will always fail on `pre-test-check` in + # them. + - scripts/config.py unset MBEDTLS_AESNI_C + - scripts/config.py unset MBEDTLS_PADLOCK_C + - scripts/config.py set MBEDTLS_AESCE_C + - scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN + - make generated_files + - make + - programs/test/selftest + - tests/scripts/travis-log-failure.sh + - tests/context-info.sh + after_failure: - tests/scripts/travis-log-failure.sh diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 97c01f3034..8dd6b8cec0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -4941,6 +4941,43 @@ component_check_test_helpers () { python3 -m unittest tests/scripts/translate_ciphers.py 2>&1 } +component_test_aes_builtin_only () { + msg "Test: AES builtin only" + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AESCE_C + scripts/config.py unset MBEDTLS_AES_HAS_NO_BUILTIN + msg "build: make, AES built-in only" # ~10s + make + + msg "selftest: AES built-in only" # ~10s + programs/test/selftest +} + +component_test_aes_aesni_only () { + msg "Test: AESNI only" + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AESCE_C + scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN + msg "build: AESNI only" # ~10s + make + + msg "selftest: AESNI only" # ~10s + programs/test/selftest +} + +component_test_aes_padlock_only () { + msg "Test: AES, VIA padlock only" + scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AESCE_C + scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN + msg "build: AES, VIA padlock only" # ~10s + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + +} + ################################################################ #### Termination ################################################################ From 2f26a599101613881767778164f21e4d6b79bfd9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 31 Mar 2023 15:06:33 +0800 Subject: [PATCH 150/264] Add std output information for AESCE in gcm Signed-off-by: Jerry Yu --- library/gcm.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/library/gcm.c b/library/gcm.c index a05e4c30fc..d49725c69c 100644 --- a/library/gcm.c +++ b/library/gcm.c 
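Review bot: `component_test_aes_padlock_only` only builds. After `make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS"` there is no `programs/test/selftest` step, unlike the two components above it, so the PadLock-only configuration is never executed. If that is deliberate because the CI host has no PadLock unit and `MBEDTLS_AES_HAS_NO_BUILTIN` leaves no fallback, name it `component_build_aes_padlock_only` and say so in a comment. `component_test_aes_aesni_only` likewise assumes the host CPU has AES-NI; whether a matching `support_` guard exists is not visible in this hunk.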
@@ -884,6 +884,13 @@ int mbedtls_gcm_self_test(int verbose) mbedtls_printf(" GCM note: using AESNI.\n"); } else #endif + +#if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) + if (mbedtls_aesce_has_support()) { + mbedtls_printf(" GCM note: using AESCE.\n"); + } else +#endif + mbedtls_printf(" GCM note: built-in implementation.\n"); #endif /* MBEDTLS_GCM_ALT */ } From 315fd30201d8866e15e28c9fb5f2b0cf22c47cd5 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 18 Apr 2023 11:19:54 +0800 Subject: [PATCH 151/264] Rename plain c disable option Signed-off-by: Jerry Yu --- .travis.yml | 2 +- include/mbedtls/mbedtls_config.h | 2 +- library/aesce.c | 2 +- library/aesce.h | 2 +- library/aesni.c | 4 ++-- library/aesni.h | 2 +- library/padlock.c | 2 +- library/padlock.h | 2 +- tests/scripts/all.sh | 6 +++--- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.travis.yml b/.travis.yml index 7ed130aa97..04647be63c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -147,7 +147,7 @@ jobs: - scripts/config.py unset MBEDTLS_AESNI_C - scripts/config.py unset MBEDTLS_PADLOCK_C - scripts/config.py set MBEDTLS_AESCE_C - - scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN + - scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C - make generated_files - make - programs/test/selftest diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a086bfe5d9..d5753ca2f0 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4009,6 +4009,6 @@ /* * Platform independent implementation for crypto algorithms. */ -//#define MBEDTLS_AES_HAS_NO_BUILTIN /* Uncomment to disable built-in platform independent code of AES */ +//#define MBEDTLS_AES_HAS_NO_PLAIN_C /* Uncomment to disable built-in platform independent code of AES */ /** \} name SECTION: Module configuration options */ diff --git a/library/aesce.c b/library/aesce.c index baa01dbd6b..982cad6931 100644 --- a/library/aesce.c +++ b/library/aesce.c 
@@ -99,7 +99,7 @@ #include #endif -#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) +#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) /* * AES instruction support detection routine */ diff --git a/library/aesce.h b/library/aesce.h index b166e15c17..1b2edad415 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -47,7 +47,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) +#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) int mbedtls_aesce_has_support(void); #else #define /* no-check-names */ mbedtls_aesce_has_support() 1 diff --git a/library/aesni.c b/library/aesni.c index b6d1191794..766b6713c4 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -39,7 +39,7 @@ #include #endif -#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) +#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) /* * AES-NI support detection routine */ @@ -69,7 +69,7 @@ int mbedtls_aesni_has_support(unsigned int what) return (c & what) != 0; } -#endif /* !MBEDTLS_AES_HAS_NO_BUILTIN */ +#endif /* !MBEDTLS_AES_HAS_NO_PLAIN_C */ #if MBEDTLS_AESNI_HAVE_CODE == 2 diff --git a/library/aesni.h b/library/aesni.h index fa1f369edd..341350a1ee 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -88,7 +88,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) +#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) int mbedtls_aesni_has_support(unsigned int what); #else #define /* no-check-names */ mbedtls_aesni_has_support(what) 1 diff --git a/library/padlock.c b/library/padlock.c index 111b28cf86..eeb6368fa7 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -33,7 +33,7 @@ #if defined(MBEDTLS_HAVE_X86) -#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) +#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) /* * PadLock detection routine */ diff --git a/library/padlock.h b/library/padlock.h index 10c1c69946..7ec960d7a9 100644 --- a/library/padlock.h +++ b/library/padlock.h 
@@ -68,7 +68,7 @@ extern "C" { * * \return non-zero if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_HAS_NO_BUILTIN) +#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) int mbedtls_padlock_has_support(int feature); #else #define /* no-check-names */ mbedtls_padlock_has_support(feature) 1 diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8dd6b8cec0..20ced44d41 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4946,7 +4946,7 @@ component_test_aes_builtin_only () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py unset MBEDTLS_AES_HAS_NO_BUILTIN + scripts/config.py unset MBEDTLS_AES_HAS_NO_PLAIN_C msg "build: make, AES built-in only" # ~10s make @@ -4959,7 +4959,7 @@ component_test_aes_aesni_only () { scripts/config.py set MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN + scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C msg "build: AESNI only" # ~10s make @@ -4972,7 +4972,7 @@ component_test_aes_padlock_only () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py set MBEDTLS_AES_HAS_NO_BUILTIN + scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C msg "build: AES, VIA padlock only" # ~10s make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" From 4d030f3acd1ea6062ee144c1912ab38bdca36265 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 18 Apr 2023 11:25:18 +0800 Subject: [PATCH 152/264] Add check for no aes implementation provided Signed-off-by: Jerry Yu --- library/aesce.h | 3 +++ library/aesni.h | 3 +++ library/padlock.h | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/library/aesce.h b/library/aesce.h index 1b2edad415..a67fc0d9c7 100644 --- a/library/aesce.h +++ b/library/aesce.h 
@@ -33,6 +33,9 @@ #if !defined(MBEDTLS_HAVE_ARM64) #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) #define MBEDTLS_HAVE_ARM64 +#if !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#error "MBEDTLS_AESCE_C defined, but not all prerequisites" +#endif #endif #endif diff --git a/library/aesni.h b/library/aesni.h index 341350a1ee..1c960703f2 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -39,6 +39,9 @@ (defined(__amd64__) || defined(__x86_64__)) && \ !defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_HAVE_X86_64 +#if !defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#error "MBEDTLS_AESCE_C defined, but not all prerequisites" +#endif #endif #if defined(MBEDTLS_AESNI_C) diff --git a/library/padlock.h b/library/padlock.h index 7ec960d7a9..4158386855 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -47,6 +47,10 @@ #include +#if !defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#error "MBEDTLS_AESCE_C defined, but not all prerequisites" +#endif + #define MBEDTLS_PADLOCK_RNG 0x000C #define MBEDTLS_PADLOCK_ACE 0x00C0 #define MBEDTLS_PADLOCK_PHE 0x0C00 From 1b3ab36b5596cb90b328907f3b2d659e2aaa49eb Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 18 Apr 2023 11:27:00 +0800 Subject: [PATCH 153/264] Update comments Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index d5753ca2f0..894ee7897b 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
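Review bot: The condition on the `#error` added to `library/aesce.h` is inverted relative to the commit title. `!defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C)` is true when plain C is still enabled and AESCE is off, which is the setup `component_test_aes_builtin_only` builds in `tests/scripts/all.sh`. It is false when plain C is disabled and no accelerator is selected, the case that leaves no AES implementation. The second term should read `defined(MBEDTLS_AES_HAS_NO_PLAIN_C)`. The `aesni.h` and `padlock.h` hunks repeat the same condition, and their message still says `"MBEDTLS_AESCE_C defined, but not all prerequisites"`, so each message should name the option that triggers the failure.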
@@ -4008,7 +4008,8 @@ /* * Platform independent implementation for crypto algorithms. + * Disable plain c implementation for AES. */ -//#define MBEDTLS_AES_HAS_NO_PLAIN_C /* Uncomment to disable built-in platform independent code of AES */ +//#define MBEDTLS_AES_HAS_NO_PLAIN_C /* Uncomment to disable plain c implementation of AES */ /** \} name SECTION: Module configuration options */ From 3fcf2b505341cc7204513c9dde5faffe18c4a1d9 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 18 Apr 2023 15:57:16 +0800 Subject: [PATCH 154/264] Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO Signed-off-by: Jerry Yu --- .travis.yml | 2 +- include/mbedtls/mbedtls_config.h | 2 +- library/aesce.c | 2 +- library/aesce.h | 4 ++-- library/aesni.c | 4 ++-- library/aesni.h | 4 ++-- library/padlock.c | 2 +- library/padlock.h | 4 ++-- tests/scripts/all.sh | 6 +++--- 9 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.travis.yml b/.travis.yml index 04647be63c..10d67ee2e1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -147,7 +147,7 @@ jobs: - scripts/config.py unset MBEDTLS_AESNI_C - scripts/config.py unset MBEDTLS_PADLOCK_C - scripts/config.py set MBEDTLS_AESCE_C - - scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C + - scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO - make generated_files - make - programs/test/selftest diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 894ee7897b..a1b564f283 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4010,6 +4010,6 @@ * Platform independent implementation for crypto algorithms. * Disable plain c implementation for AES. */ -//#define MBEDTLS_AES_HAS_NO_PLAIN_C /* Uncomment to disable plain c implementation of AES */ +//#define MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO /* Uncomment to disable plain c implementation of AES */ /** \} name SECTION: Module configuration options */ diff --git a/library/aesce.c b/library/aesce.c index 982cad6931..4b7e048194 100644 
--- a/library/aesce.c +++ b/library/aesce.c @@ -99,7 +99,7 @@ #include #endif -#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) /* * AES instruction support detection routine */ diff --git a/library/aesce.h b/library/aesce.h index a67fc0d9c7..900eac7133 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -33,7 +33,7 @@ #if !defined(MBEDTLS_HAVE_ARM64) #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) #define MBEDTLS_HAVE_ARM64 -#if !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) #error "MBEDTLS_AESCE_C defined, but not all prerequisites" #endif #endif @@ -50,7 +50,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) int mbedtls_aesce_has_support(void); #else #define /* no-check-names */ mbedtls_aesce_has_support() 1 diff --git a/library/aesni.c b/library/aesni.c index 766b6713c4..31321c43d9 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -39,7 +39,7 @@ #include #endif -#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) /* * AES-NI support detection routine */ @@ -69,7 +69,7 @@ int mbedtls_aesni_has_support(unsigned int what) return (c & what) != 0; } -#endif /* !MBEDTLS_AES_HAS_NO_PLAIN_C */ +#endif /* !MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO */ #if MBEDTLS_AESNI_HAVE_CODE == 2 diff --git a/library/aesni.h b/library/aesni.h index 1c960703f2..1302a11f7c 100644 --- a/library/aesni.h +++ b/library/aesni.h 
@@ -39,7 +39,7 @@ (defined(__amd64__) || defined(__x86_64__)) && \ !defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_HAVE_X86_64 -#if !defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) #error "MBEDTLS_AESCE_C defined, but not all prerequisites" #endif #endif @@ -91,7 +91,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) int mbedtls_aesni_has_support(unsigned int what); #else #define /* no-check-names */ mbedtls_aesni_has_support(what) 1 diff --git a/library/padlock.c b/library/padlock.c index eeb6368fa7..82b84bfb97 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -33,7 +33,7 @@ #if defined(MBEDTLS_HAVE_X86) -#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) /* * PadLock detection routine */ diff --git a/library/padlock.h b/library/padlock.h index 4158386855..7356d01c44 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -47,7 +47,7 @@ #include -#if !defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) #error "MBEDTLS_AESCE_C defined, but not all prerequisites" #endif @@ -72,7 +72,7 @@ extern "C" { * * \return non-zero if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_HAS_NO_PLAIN_C) +#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) int mbedtls_padlock_has_support(int feature); #else #define /* no-check-names */ mbedtls_padlock_has_support(feature) 1 diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 20ced44d41..3ded9d6045 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -4946,7 +4946,7 @@ component_test_aes_builtin_only () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py unset MBEDTLS_AES_HAS_NO_PLAIN_C + scripts/config.py unset MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO msg "build: make, AES built-in only" # ~10s make @@ -4959,7 +4959,7 @@ component_test_aes_aesni_only () { scripts/config.py set MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C + scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO msg "build: AESNI only" # ~10s make @@ -4972,7 +4972,7 @@ component_test_aes_padlock_only () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py set MBEDTLS_AES_HAS_NO_PLAIN_C + scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO msg "build: AES, VIA padlock only" # ~10s make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" From 8840a8c5740671f6ce3b8b6996cec23be9e95217 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 19 Apr 2023 10:18:50 +0800 Subject: [PATCH 155/264] fix wrong checks Signed-off-by: Jerry Yu --- library/aesce.h | 4 ++-- library/aesni.h | 4 ++-- library/padlock.h | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/aesce.h b/library/aesce.h index 900eac7133..0af8f61ef1 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -33,8 +33,8 @@ #if !defined(MBEDTLS_HAVE_ARM64) #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) #define MBEDTLS_HAVE_ARM64 -#if !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) -#error "MBEDTLS_AESCE_C defined, but not all prerequisites" +#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#error "MBEDTLS_AES_C defined, but not all prerequisites" #endif #endif #endif 
diff --git a/library/aesni.h b/library/aesni.h index 1302a11f7c..dddbf99b83 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -39,8 +39,8 @@ (defined(__amd64__) || defined(__x86_64__)) && \ !defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_HAVE_X86_64 -#if !defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) -#error "MBEDTLS_AESCE_C defined, but not all prerequisites" +#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#error "MBEDTLS_AES_C defined, but not all prerequisites" #endif #endif diff --git a/library/padlock.h b/library/padlock.h index 7356d01c44..3b20d4298c 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -47,8 +47,8 @@ #include -#if !defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) -#error "MBEDTLS_AESCE_C defined, but not all prerequisites" +#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#error "MBEDTLS_AES_C defined, but not all prerequisites" #endif #define MBEDTLS_PADLOCK_RNG 0x000C From 3660623e59ee8ac9f0d4ec4bdd0f891424f074a5 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 19 Apr 2023 10:44:29 +0800 Subject: [PATCH 156/264] Rename plain c option and update comments Signed-off-by: Jerry Yu --- .travis.yml | 2 +- include/mbedtls/mbedtls_config.h | 10 ++++++++-- library/aesce.c | 2 +- library/aesce.h | 4 ++-- library/aesni.c | 4 ++-- library/aesni.h | 4 ++-- library/padlock.c | 2 +- library/padlock.h | 4 ++-- tests/scripts/all.sh | 8 ++++---- 9 files changed, 23 insertions(+), 17 deletions(-) diff --git a/.travis.yml b/.travis.yml index 10d67ee2e1..26e6c578dd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -147,7 +147,7 @@ jobs: - scripts/config.py unset MBEDTLS_AESNI_C - scripts/config.py unset MBEDTLS_PADLOCK_C - scripts/config.py set MBEDTLS_AESCE_C - - scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO + - scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY - make generated_files - make - programs/test/selftest 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a1b564f283..5474060a7e 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4008,8 +4008,14 @@ /* * Platform independent implementation for crypto algorithms. - * Disable plain c implementation for AES. + * Disable plain C implementation for AES. + * + * If the plain C implementation is enabled, and an implementation using a + * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime + * detection will be used to select between them. + * + * If only one implementation is present, runtime detection will not be used. */ -//#define MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO /* Uncomment to disable plain c implementation of AES */ +//#define MBEDTLS_AES_USE_HARDWARE_ONLY /** \} name SECTION: Module configuration options */ diff --git a/library/aesce.c b/library/aesce.c index 4b7e048194..8aa07894fe 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -99,7 +99,7 @@ #include #endif -#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES instruction support detection routine */ diff --git a/library/aesce.h b/library/aesce.h index 0af8f61ef1..7e9c12a3ca 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -33,7 +33,7 @@ #if !defined(MBEDTLS_HAVE_ARM64) #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) #define MBEDTLS_HAVE_ARM64 -#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_C defined, but not all prerequisites" #endif #endif @@ -50,7 +50,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_aesce_has_support(void); #else #define /* no-check-names */ mbedtls_aesce_has_support() 1 
diff --git a/library/aesni.c b/library/aesni.c index 31321c43d9..cc3a3b3f38 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -39,7 +39,7 @@ #include #endif -#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES-NI support detection routine */ @@ -69,7 +69,7 @@ int mbedtls_aesni_has_support(unsigned int what) return (c & what) != 0; } -#endif /* !MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO */ +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ #if MBEDTLS_AESNI_HAVE_CODE == 2 diff --git a/library/aesni.h b/library/aesni.h index dddbf99b83..c17b61355b 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -39,7 +39,7 @@ (defined(__amd64__) || defined(__x86_64__)) && \ !defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_HAVE_X86_64 -#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_C defined, but not all prerequisites" #endif #endif @@ -91,7 +91,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_aesni_has_support(unsigned int what); #else #define /* no-check-names */ mbedtls_aesni_has_support(what) 1 diff --git a/library/padlock.c b/library/padlock.c index 82b84bfb97..001172200e 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -33,7 +33,7 @@ #if defined(MBEDTLS_HAVE_X86) -#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * PadLock detection routine */ diff --git a/library/padlock.h b/library/padlock.h index 3b20d4298c..ad407f2ea3 100644 --- a/library/padlock.h +++ b/library/padlock.h 
@@ -47,7 +47,7 @@ #include -#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_C defined, but not all prerequisites" #endif @@ -72,7 +72,7 @@ extern "C" { * * \return non-zero if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_padlock_has_support(int feature); #else #define /* no-check-names */ mbedtls_padlock_has_support(feature) 1 diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 3ded9d6045..c2704a97f3 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4941,12 +4941,12 @@ component_check_test_helpers () { python3 -m unittest tests/scripts/translate_ciphers.py 2>&1 } -component_test_aes_builtin_only () { +component_test_aes_donot_use_hardware () { msg "Test: AES builtin only" scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py unset MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY msg "build: make, AES built-in only" # ~10s make @@ -4959,7 +4959,7 @@ component_test_aes_aesni_only () { scripts/config.py set MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY msg "build: AESNI only" # ~10s make @@ -4972,7 +4972,7 @@ component_test_aes_padlock_only () { scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py set MBEDTLS_AES_DONT_USE_SOFTWARE_CRYPTO + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY msg "build: AES, VIA padlock only" # ~10s make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" 
From d76ded046c60aaabbc66661c6cbd9292cddc416d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 19 Apr 2023 11:07:40 +0800 Subject: [PATCH 157/264] fix various issues - unnecessary command - extra blank and empty line Signed-off-by: Jerry Yu --- .travis.yml | 1 - library/padlock.h | 1 + tests/scripts/all.sh | 5 ++--- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 26e6c578dd..75f4c64647 100644 --- a/.travis.yml +++ b/.travis.yml @@ -151,7 +151,6 @@ jobs: - make generated_files - make - programs/test/selftest - - tests/scripts/travis-log-failure.sh - tests/context-info.sh after_failure: diff --git a/library/padlock.h b/library/padlock.h index ad407f2ea3..4de462ca02 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -41,6 +41,7 @@ /* Some versions of ASan result in errors about not enough registers */ #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ !defined(MBEDTLS_HAVE_ASAN) + #ifndef MBEDTLS_HAVE_X86 #define MBEDTLS_HAVE_X86 #endif diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c2704a97f3..c34fe990c2 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4960,10 +4960,10 @@ component_test_aes_aesni_only () { scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AESCE_C scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY - msg "build: AESNI only" # ~10s + msg "build: AESNI only" # ~10s make - msg "selftest: AESNI only" # ~10s + msg "selftest: AESNI only" # ~10s programs/test/selftest } @@ -4975,7 +4975,6 @@ component_test_aes_padlock_only () { scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY msg "build: AES, VIA padlock only" # ~10s make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" - } ################################################################ From 4dfbb2e7476d93f0f20cedc1a180be6cc51166d2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Sun, 23 Apr 2023 14:30:34 +0800 Subject: [PATCH 158/264] add changelog entry 
Signed-off-by: Jerry Yu --- ChangeLog.d/add-aes-hardware-only-option.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/add-aes-hardware-only-option.txt diff --git a/ChangeLog.d/add-aes-hardware-only-option.txt b/ChangeLog.d/add-aes-hardware-only-option.txt new file mode 100644 index 0000000000..69db58eced --- /dev/null +++ b/ChangeLog.d/add-aes-hardware-only-option.txt @@ -0,0 +1,6 @@ +Features + * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When using + CPU-accelerated AES (e.g., Arm Crypto Extensions), this option disables + the plain C implementation and the run-time detection for the CPU feature, + which reduces code size and avoid the vulnerability of the plain C + implementation. From 02b1519ab6f7ab297161a2212dd2d6cf95d1a71e Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Sun, 23 Apr 2023 14:43:19 +0800 Subject: [PATCH 159/264] move accelerator checks to `aes.c` Origin position is always validate due to conflict between the guards in `aes.c` and module undef check Signed-off-by: Jerry Yu --- library/aes.c | 27 +++++++++++++++++++++++++++ library/aesce.h | 3 --- library/aesni.h | 3 --- library/padlock.h | 4 ---- 4 files changed, 27 insertions(+), 10 deletions(-) diff --git a/library/aes.c b/library/aes.c index 6d718f4617..d6ecdcca50 100644 --- a/library/aes.c +++ b/library/aes.c 
@@ -33,6 +33,33 @@ #include "mbedtls/platform.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" + +#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ + defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64) +#define MBEDTLS_HAVE_ARM64 +#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#error "MBEDTLS_AES_C defined, but not all prerequisites" +#endif +#endif + +#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ + (defined(__amd64__) || defined(__x86_64__)) && \ + !defined(MBEDTLS_HAVE_X86_64) +#define MBEDTLS_HAVE_X86_64 +#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#error "MBEDTLS_AES_C defined, but not all prerequisites" +#endif +#endif + +#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ + !defined(MBEDTLS_HAVE_ASAN) +#define MBEDTLS_HAVE_X86 + +#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#error "MBEDTLS_AES_C defined, but not all prerequisites" +#endif +#endif + #if defined(MBEDTLS_PADLOCK_C) #include "padlock.h" #endif diff --git a/library/aesce.h b/library/aesce.h index 7e9c12a3ca..fbf5456497 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -33,9 +33,6 @@ #if !defined(MBEDTLS_HAVE_ARM64) #if defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC) #define MBEDTLS_HAVE_ARM64 -#if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_AES_C defined, but not all prerequisites" -#endif #endif #endif diff --git a/library/aesni.h b/library/aesni.h index c17b61355b..6b5afb9b5c 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -39,9 +39,6 @@ (defined(__amd64__) || defined(__x86_64__)) && \ !defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_HAVE_X86_64 -#if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_AES_C defined, but not all prerequisites" -#endif #endif #if defined(MBEDTLS_AESNI_C) 
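Review bot: The three `#error` guards added to `library/aes.c` are each evaluated only inside an architecture branch that also requires `MBEDTLS_HAVE_ASM` and `__GNUC__`. As a result, `MBEDTLS_AES_USE_HARDWARE_ONLY` with no accelerator module passes unchecked on any target matching none of the three branches. The AArch64 and x86-64 branches are also skipped when `MBEDTLS_HAVE_ARM64` or `MBEDTLS_HAVE_X86_64` was already defined by an earlier header. What such a build ends up containing depends on code outside this hunk, but the `mbedtls_config.h` text added later in this series says the option "will not build" without an accelerator. An integrator could therefore get a configuration that differs silently from the documented one. An architecture-independent backstop after the three blocks would close the gap.

```c
/* … unchanged: the three per-architecture MBEDTLS_HAVE_* blocks … */

/* Backstop that does not depend on compiler or architecture detection:
 * hardware-only needs at least one accelerator module selected. */
#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \
    !defined(MBEDTLS_AESCE_C) && !defined(MBEDTLS_AESNI_C) && \
    !defined(MBEDTLS_PADLOCK_C)
#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites"
#endif
```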
diff --git a/library/padlock.h b/library/padlock.h index 4de462ca02..c031f4bb54 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -48,10 +48,6 @@ #include -#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_AES_C defined, but not all prerequisites" -#endif - #define MBEDTLS_PADLOCK_RNG 0x000C #define MBEDTLS_PADLOCK_ACE 0x00C0 #define MBEDTLS_PADLOCK_PHE 0x0C00 From 9e3e3dd45bb761424c7370fdb7c1e0f6d72e7499 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 24 Apr 2023 17:19:38 +0800 Subject: [PATCH 160/264] Fix code-style too-long line fail Signed-off-by: Jerry Yu --- ChangeLog.d/add-aes-hardware-only-option.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/add-aes-hardware-only-option.txt b/ChangeLog.d/add-aes-hardware-only-option.txt index 69db58eced..2461479e6b 100644 --- a/ChangeLog.d/add-aes-hardware-only-option.txt +++ b/ChangeLog.d/add-aes-hardware-only-option.txt @@ -1,6 +1,6 @@ Features - * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When using - CPU-accelerated AES (e.g., Arm Crypto Extensions), this option disables - the plain C implementation and the run-time detection for the CPU feature, - which reduces code size and avoid the vulnerability of the plain C - implementation. + * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When + using CPU-accelerated AES (e.g., Arm Crypto Extensions), this option + disables the plain C implementation and the run-time detection for the + CPU feature, which reduces code size and avoid the vulnerability of the + plain C implementation. From e77c4d95a737b80bf239b2ef8fa95a51b9c033e7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 24 Apr 2023 17:26:44 +0800 Subject: [PATCH 161/264] Mention the crash risk without runtime detection Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 1 + 1 file changed, 1 insertion(+) 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 5474060a7e..6fcd025613 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4015,6 +4015,7 @@ * detection will be used to select between them. * * If only one implementation is present, runtime detection will not be used. + * This configuration will crash if running on the CPU without needed features. */ //#define MBEDTLS_AES_USE_HARDWARE_ONLY From 69436818205d4c39eb63d06c9d1e66e557a94f2f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 25 Apr 2023 11:08:30 +0800 Subject: [PATCH 162/264] Improve error message and documents - fix grammar error - Add more information for AES_USE_HARDWARE_ONLY - Improve error message Signed-off-by: Jerry Yu --- ChangeLog.d/add-aes-hardware-only-option.txt | 2 +- include/mbedtls/mbedtls_config.h | 4 +++- library/aes.c | 6 +++--- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/add-aes-hardware-only-option.txt b/ChangeLog.d/add-aes-hardware-only-option.txt index 2461479e6b..a185aff2a2 100644 --- a/ChangeLog.d/add-aes-hardware-only-option.txt +++ b/ChangeLog.d/add-aes-hardware-only-option.txt @@ -2,5 +2,5 @@ Features * New configuration option MBEDTLS_AES_USE_HARDWARE_ONLY introduced. When using CPU-accelerated AES (e.g., Arm Crypto Extensions), this option disables the plain C implementation and the run-time detection for the - CPU feature, which reduces code size and avoid the vulnerability of the + CPU feature, which reduces code size and avoids the vulnerability of the plain C implementation. diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 6fcd025613..46d3dc28ca 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -4015,7 +4015,9 @@ * detection will be used to select between them. * * If only one implementation is present, runtime detection will not be used. - * This configuration will crash if running on the CPU without needed features. + * This configuration will crash at runtime if running on a CPU without the + * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C, + * MBEDTLS_AESNI_C and/or MBEDTLS_PADLOCK_C is enabled & present in the build. */ //#define MBEDTLS_AES_USE_HARDWARE_ONLY diff --git a/library/aes.c b/library/aes.c index d6ecdcca50..00ba40c36b 100644 --- a/library/aes.c +++ b/library/aes.c @@ -38,7 +38,7 @@ defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64) #define MBEDTLS_HAVE_ARM64 #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_AES_C defined, but not all prerequisites" +#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif @@ -47,7 +47,7 @@ !defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_HAVE_X86_64 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_AES_C defined, but not all prerequisites" +#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif @@ -56,7 +56,7 @@ #define MBEDTLS_HAVE_X86 #if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_AES_C defined, but not all prerequisites" +#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif From 1414029ff0a0dba76186fb0be9270faafcb0d9cd Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 1 Aug 2023 12:57:52 +0800 Subject: [PATCH 163/264] improve document about hardware only Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 46d3dc28ca..3dcaa4614b 100644 --- a/include/mbedtls/mbedtls_config.h 
+++ b/include/mbedtls/mbedtls_config.h @@ -4007,10 +4007,9 @@ //#define MBEDTLS_ECP_WITH_MPI_UINT /* - * Platform independent implementation for crypto algorithms. * Disable plain C implementation for AES. * - * If the plain C implementation is enabled, and an implementation using a + * When the plain C implementation is enabled, and an implementation using a * special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime * detection will be used to select between them. * From 6eff0b2258d53dd6661c6569560ec7abea6774b3 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 2 Aug 2023 17:22:49 +0530 Subject: [PATCH 164/264] Remove test vector Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 39 ++++++++++++------------- 1 file changed, 18 insertions(+), 21 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 12043484da..302a9aa48a 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
@@ -6401,23 +6401,20 @@ PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, 20+1 (over capacity) depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"0c60c80f961f0e71f3a9b524af6012062fe037a6":"00":0:1:0 -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 16+0 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:1:0 - -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 15+1 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e3":"3c":0:1:0 - -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, 0+16 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"":"8b27beed7e7a4dd6c53138c879a8e33c":0:1:0 - #The following test vectors were generated by a python script. 
Details can be found in the commit message. -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1 +#The input cost, salt and password are the same as PBKDF2-HMAC test vectors +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1, 20+0 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:1:0 +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1, 10+10 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e2777":"7606a315876ec71227de":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 1, 0+20 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"":"1b72f6419173a06e27777606a315876ec71227de":0:1:0 + PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test Vector 2 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"02":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"160597e28021fb3dd9cf088b007b688360fed438":"":0:1:0 
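Review bot: Once the three `OpenThread vector` cases are dropped in this hunk and the remaining four are re-based onto Test Vector 1 in the `@@ -6446,21 +6443,21 @@` hunk, every PBKDF2-AES-CMAC-PRF-128 expected output visible here comes from the Python script named in the comment. None of them appears to be checked against an independently published value any more. The variant cases (split output, salt in two steps, password as key or bytes) also move from cost `4000` to cost `01`, presumably a single iteration, so they no longer cover the multi-iteration path. The retained comment defers to a commit message that a reader of the data file does not have at hand. I would extend it in place, e.g. `#Expected outputs were computed with <reference implementation used by the script>, not taken from an external specification`.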
@@ -6446,21 +6443,21 @@ PSA key derivation: PBKDF2-AES-CMAC-PRF-128, 16 byte password depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"1000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f726470617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"c4c112c6e1e3b8757640603dec78825f":"":0:1:0 -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, salt in two step +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, salt in two step depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"5468726561643733356338376234":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:1:0 +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"7361":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"6c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:1:0 -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, password as key, derive key +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, password as key, derive key depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":""::0:1:1 
+derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:1:1 -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, password as bytes +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, password as bytes depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:0:0 +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:0:0 -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, OpenThread vector, password as bytes, derive key +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, password as bytes, derive key depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"4000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"54687265616437333563383762344f70656e54687265616444656d6f":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"4a30314e4d45":PSA_SUCCESS:0:"":PSA_SUCCESS:"":16:"8b27beed7e7a4dd6c53138c879a8e33c":"":0:0:1 +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"":"":0:0:1 PSA 
key derivation: ECJPAKE to PMS, no input depends_on:PSA_WANT_ALG_SHA_256 From 69dd441eb5878446ce877ea4a4b70dac505a726f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 2 Aug 2023 17:42:00 +0800 Subject: [PATCH 165/264] Remove test_aes_* Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 35 ----------------------------------- 1 file changed, 35 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c34fe990c2..dee03e9504 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4941,41 +4941,6 @@ component_check_test_helpers () { python3 -m unittest tests/scripts/translate_ciphers.py 2>&1 } -component_test_aes_donot_use_hardware () { - msg "Test: AES builtin only" - scripts/config.py unset MBEDTLS_AESNI_C - scripts/config.py unset MBEDTLS_PADLOCK_C - scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY - msg "build: make, AES built-in only" # ~10s - make - - msg "selftest: AES built-in only" # ~10s - programs/test/selftest -} - -component_test_aes_aesni_only () { - msg "Test: AESNI only" - scripts/config.py set MBEDTLS_AESNI_C - scripts/config.py unset MBEDTLS_PADLOCK_C - scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY - msg "build: AESNI only" # ~10s - make - - msg "selftest: AESNI only" # ~10s - programs/test/selftest -} - -component_test_aes_padlock_only () { - msg "Test: AES, VIA padlock only" - scripts/config.py unset MBEDTLS_AESNI_C - scripts/config.py set MBEDTLS_PADLOCK_C - scripts/config.py unset MBEDTLS_AESCE_C - scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY - msg "build: AES, VIA padlock only" # ~10s - make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" -} ################################################################ #### Termination From 1221a31cc475081ba7e517107431b8069d8330bc Mon Sep 17 00:00:00 2001 
From: Jerry Yu Date: Thu, 3 Aug 2023 16:09:07 +0800 Subject: [PATCH 166/264] Run aes tests only for test_aesni That can reduce time of selftest Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index dee03e9504..012e2a8e1f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3869,14 +3869,14 @@ component_test_aesni () { # ~ 60s make clean make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' # check that we built intrinsics - this should be used by default when supported by the compiler - ./programs/test/selftest | grep "AESNI code" | grep -q "intrinsics" + ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" # test the asm implementation msg "AES tests, test assembly" make clean make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' # check that we built assembly - this should be built if the compiler does not support intrinsics - ./programs/test/selftest | grep "AESNI code" | grep -q "assembly" + ./programs/test/selftest aes | grep "AESNI code" | grep -q "assembly" # test the plain C implementation scripts/config.py unset MBEDTLS_AESNI_C @@ -3884,7 +3884,7 @@ component_test_aesni () { # ~ 60s make clean make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' # check that there is no AESNI code present - ./programs/test/selftest | not grep -q "AESNI code" + ./programs/test/selftest aes | not grep -q "AESNI code" } component_test_aes_only_128_bit_keys () { From 17a9d2e412d74bb39b60d8cc08cfeb46d980ebcb Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 3 Aug 2023 16:14:18 +0800 Subject: [PATCH 167/264] Add MBEDTLS_AES_USE_HADWARE_ONLY for test_aesni Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 012e2a8e1f..a3b720af27 100755 
--- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3862,6 +3862,7 @@ component_test_aesni () { # ~ 60s msg "build: default config with different AES implementations" scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY scripts/config.py set MBEDTLS_HAVE_ASM # test the intrinsics implementation @@ -3880,6 +3881,7 @@ component_test_aesni () { # ~ 60s # test the plain C implementation scripts/config.py unset MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY msg "AES tests, plain C" make clean make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' From 8a599c03fa63a37490137df66867c17c9d4c102f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 3 Aug 2023 17:01:02 +0800 Subject: [PATCH 168/264] Add aesni only test Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a3b720af27..c232225039 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3887,6 +3887,15 @@ component_test_aesni () { # ~ 60s make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' # check that there is no AESNI code present ./programs/test/selftest aes | not grep -q "AESNI code" + + # test the intrinsics implementation + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + msg "AES tests, test AESNI only" + make clean + make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' + # check that we built intrinsics - this should be used by default when supported by the compiler + ./programs/test/selftest aes | grep "AES note: using AESNI" } component_test_aes_only_128_bit_keys () { From 193cbc03fe3c2683395fa080c84de0d8a19a3dae Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 3 Aug 2023 17:06:29 +0800 Subject: [PATCH 169/264] Add aesce build test 
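Review bot: The two comments in the block added at the end of `component_test_aesni` are copied from the intrinsics block above and do not describe what the new block checks. It builds with `MBEDTLS_AES_USE_HARDWARE_ONLY` set and looks for the "using AESNI" note, not for which AESNI flavour was compiled. I would replace them with `# test AESNI with MBEDTLS_AES_USE_HARDWARE_ONLY (no plain C fallback)` and `# check that the self-test reports AESNI as the implementation in use`. The function starts outside the hunk.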
Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index c232225039..cbd431cff4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3898,6 +3898,39 @@ component_test_aesni () { # ~ 60s ./programs/test/selftest aes | grep "AES note: using AESNI" } + +# For timebeing, no aarch64 gcc available in CI and no arm64 CI node. +component_build_aes_aesce_armcc () { + msg "Build: AESCE test on arm64 platform without plain C." + scripts/config.py baremetal + + # armc[56] don't support SHA-512 intrinsics + scripts/config.py unset MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT + + # Stop armclang warning about feature detection for A64_CRYPTO. + # With this enabled, the library does build correctly under armclang, + # but in baremetal builds (as tested here), feature detection is + # unavailable, and the user is notified via a #warning. So enabling + # this feature would prevent us from building with -Werror on + # armclang. Tracked in #7198. + scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT + scripts/config.py set MBEDTLS_HAVE_ASM + + msg "AESCE, build with default configuration." + scripts/config.py set MBEDTLS_AESCE_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" + + msg "AESCE, build AESCE only" + scripts/config.py set MBEDTLS_AESCE_C + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" +} + +support_build_aes_aesce_armcc () { + support_build_armcc +} + component_test_aes_only_128_bit_keys () { msg "build: default config + AES_ONLY_128_BIT_KEY_LENGTH" scripts/config.py set MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH From c935aa617b5ea999f9c381a056ec623754c068b9 Mon Sep 17 00:00:00 2001 
From: Jerry Yu Date: Thu, 3 Aug 2023 17:08:27 +0800 Subject: [PATCH 170/264] Add via padlock build test Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index cbd431cff4..d67b484b11 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3927,6 +3927,22 @@ component_build_aes_aesce_armcc () { armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto" } +# For timebeing, no VIA Padlock platform available. +component_build_aes_via_padlock () { + + msg "AES:VIA PadLock, build with default configuration." + scripts/config.py set MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + +} + +support_build_aes_via_padlock_only () { + ( [ "$MBEDTLS_TEST_PLATFORM" == "Linux-x86_64" ] || \ + [ "$MBEDTLS_TEST_PLATFORM" == "Linux-amd64" ] ) && \ + [ "`dpkg --print-foreign-architectures`" == "i386" ] +} + support_build_aes_aesce_armcc () { support_build_armcc } From 2700ef6bb0f5a237e2e446d4e5680ecd0ad14a38 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 3 Aug 2023 17:13:52 +0800 Subject: [PATCH 171/264] Add aesce test string filter Signed-off-by: Jerry Yu --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 75f4c64647..3a608f54e4 100644 --- a/.travis.yml +++ b/.travis.yml @@ -150,7 +150,7 @@ jobs: - scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY - make generated_files - make - - programs/test/selftest + - programs/test/selftest aes | grep "using AESCE" - tests/context-info.sh after_failure: From 29c91ba42d05e45fa91d154d1c246c7d3779412b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 4 Aug 2023 11:02:04 +0800 Subject: [PATCH 172/264] fix unreachable code warnings It is detected by clang with bellow patch ``` 
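Review bot: The support function added here is named `support_build_aes_via_padlock_only`, while the component is `component_build_aes_via_padlock`. The other pair visible in this file (`component_build_aes_aesce_armcc` / `support_build_aes_aesce_armcc`) shares its suffix, so this guard is presumably never consulted. If so, the `-m32` build would be attempted on hosts without i386 support instead of being skipped. Rename it to `support_build_aes_via_padlock () {`. The `msg` text could also say that this is a build-only check, since no PadLock code is executed.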
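Review bot: In the `.travis.yml` hunk the step `programs/test/selftest aes | grep "using AESCE"` takes its exit status from `grep`. Unless the job shell has `pipefail` set (not visible here), a failing AES self-test still passes as long as the note line was printed. This job is the hardware-only configuration (`MBEDTLS_AES_USE_HARDWARE_ONLY` is set in the context lines above), and the step previously ran the whole self-test and propagated its status. I would keep the status and check the note separately: `- programs/test/selftest aes > selftest.out` followed by `- grep "using AESCE" selftest.out`. The non-AES self-tests also no longer run in this job after the change.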
diff --git a/library/Makefile b/library/Makefile index fdab4f4ba0..967f9e2e65 100644 --- a/library/Makefile +++ b/library/Makefile @@ -306,8 +306,8 @@ libmbedcrypto.dll: $(OBJS_CRYPTO) .c.o: echo " CC $<" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $< - + $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $(@:%.o=%.i) -E $< + $(CC) $(LOCAL_CFLAGS) -Wunreachable-code -Werror -Wno-unused-command-line-argument $(CFLAGS) -o $@ -c $(@:%.o=%.i) .PHONY: generated_files GENERATED_FILES = \ error.c version_features.c \ ``` Signed-off-by: Jerry Yu --- library/aes.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/library/aes.c b/library/aes.c index 00ba40c36b..8afa7a65d3 100644 --- a/library/aes.c +++ b/library/aes.c @@ -622,7 +622,9 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) unsigned int i; +#endif uint32_t *RK; switch (keybits) { @@ -656,6 +658,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, } #endif +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) for (i = 0; i < (keybits >> 5); i++) { RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2); } @@ -722,6 +725,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, } return 0; +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ } #endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ @@ -732,10 +736,14 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { - int i, j, ret; +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + int i, j; + uint32_t *SK; +#endif + int ret; mbedtls_aes_context cty; uint32_t *RK; - uint32_t *SK; + mbedtls_aes_init(&cty); 
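Review bot: With `return 0;` now inside `#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)`, a hardware-only build of `mbedtls_aes_setkey_enc` ends without a return statement. The `@@ -1095,11 +1104,14 @@` hunk does the same to `mbedtls_aes_crypt_ecb`, and in `mbedtls_aes_setkey_dec` the round-key inversion is compiled out the same way. This is correct only if one of the accelerated branches earlier in each function (outside these hunks) is always compiled in and always returns. Otherwise control runs off the end of a non-void function or, in `setkey_dec`, reaches `exit:` without a decryption schedule. I would state that invariant next to each `#endif`, e.g. `/* In hardware-only builds one of the accelerated branches above always returns. */`; a compile-time check that the accelerator code is actually built whenever the option is set would be stronger still.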
@@ -767,6 +775,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, } #endif +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) SK = cty.buf + cty.rk_offset + cty.nr * 4; *RK++ = *SK++; @@ -787,7 +796,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, *RK++ = *SK++; *RK++ = *SK++; *RK++ = *SK++; - +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ exit: mbedtls_aes_free(&cty); @@ -1095,11 +1104,14 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, } #endif +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) if (mode == MBEDTLS_AES_ENCRYPT) { return mbedtls_internal_aes_encrypt(ctx, input, output); } else { return mbedtls_internal_aes_decrypt(ctx, input, output); } +#endif + } #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1899,7 +1911,11 @@ int mbedtls_aes_self_test(int verbose) mbedtls_printf(" AES note: using AESCE.\n"); } else #endif - mbedtls_printf(" AES note: built-in implementation.\n"); + { +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + mbedtls_printf(" AES note: built-in implementation.\n"); +#endif + } #endif /* MBEDTLS_AES_ALT */ } From b241db3e2630b80b8a1d17522b4fda9d2a643b88 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 4 Aug 2023 16:28:22 +0800 Subject: [PATCH 173/264] remove padlock only mode padlock depends on pure c implementation Signed-off-by: Jerry Yu --- library/padlock.c | 6 ++++-- library/padlock.h | 4 ---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/library/padlock.c b/library/padlock.c index 001172200e..38d110e0b3 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -33,7 +33,10 @@ #if defined(MBEDTLS_HAVE_X86) -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" +#endif + /* * PadLock detection routine */ @@ -63,7 +66,6 @@ int mbedtls_padlock_has_support(int feature) return flags & feature; } -#endif /* * PadLock AES-ECB block en(de)cryption 
diff --git a/library/padlock.h b/library/padlock.h index c031f4bb54..b5f0d7d7a3 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -69,11 +69,7 @@ extern "C" { * * \return non-zero if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_padlock_has_support(int feature); -#else -#define /* no-check-names */ mbedtls_padlock_has_support(feature) 1 -#endif /** * \brief Internal PadLock AES-ECB block en(de)cryption From fce351def82c1ed5b3135a887e3ada7f75f3fdc3 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 4 Aug 2023 17:13:36 +0800 Subject: [PATCH 174/264] improve platform relative check Signed-off-by: Jerry Yu --- library/aes.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/library/aes.c b/library/aes.c index 8afa7a65d3..4929235ec0 100644 --- a/library/aes.c +++ b/library/aes.c 
@@ -34,27 +34,23 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ +#if defined(MBEDTLS_HAVE_ASM) && \ defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64) -#define MBEDTLS_HAVE_ARM64 #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ +#if defined(MBEDTLS_HAVE_ASM) && \ (defined(__amd64__) || defined(__x86_64__)) && \ !defined(MBEDTLS_HAVE_X86_64) -#define MBEDTLS_HAVE_X86_64 #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ +#if defined(MBEDTLS_HAVE_ASM) && defined(__i386__) && \ !defined(MBEDTLS_HAVE_ASAN) -#define MBEDTLS_HAVE_X86 - #if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif From 9c0b7d13bf71bea4ca8637c3b815f813f6b8cd85 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 4 Aug 2023 17:25:59 +0800 Subject: [PATCH 175/264] Remove unnecessary name check tag Signed-off-by: Jerry Yu --- library/aesce.h | 2 +- library/aesni.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/library/aesce.h b/library/aesce.h index fbf5456497..9b8b0bcd67 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -50,7 +50,7 @@ extern "C" { #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_aesce_has_support(void); #else -#define /* no-check-names */ mbedtls_aesce_has_support() 1 +#define mbedtls_aesce_has_support() 1 #endif diff --git a/library/aesni.h b/library/aesni.h index 6b5afb9b5c..f461ae2887 100644 --- a/library/aesni.h +++ b/library/aesni.h 
@@ -91,7 +91,7 @@ extern "C" { #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_aesni_has_support(unsigned int what); #else -#define /* no-check-names */ mbedtls_aesni_has_support(what) 1 +#define mbedtls_aesni_has_support(what) 1 #endif /** From 7802f65a285eace5ada98a71e616dfd349e172ad Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 7 Aug 2023 10:38:50 +0800 Subject: [PATCH 176/264] Add negative test for aesni only Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index d67b484b11..9cc2ab181f 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3896,6 +3896,7 @@ component_test_aesni () { # ~ 60s make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' # check that we built intrinsics - this should be used by default when supported by the compiler ./programs/test/selftest aes | grep "AES note: using AESNI" + ./programs/test/selftest aes | grep -v "AES note: built-in implementation." } From 5fcdd6a28a26a6d565178b055b2cfd3fa86673e7 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Mon, 7 Aug 2023 15:32:58 +0800 Subject: [PATCH 177/264] remove unnecessary definition Signed-off-by: Jerry Yu --- library/aes.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/library/aes.c b/library/aes.c index 4929235ec0..7c5c80621c 100644 --- a/library/aes.c +++ b/library/aes.c 
@@ -34,16 +34,14 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#if defined(MBEDTLS_HAVE_ASM) && \ - defined(__aarch64__) && !defined(MBEDTLS_HAVE_ARM64) +#if defined(MBEDTLS_HAVE_ASM) && defined(__aarch64__) #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif #if defined(MBEDTLS_HAVE_ASM) && \ - (defined(__amd64__) || defined(__x86_64__)) && \ - !defined(MBEDTLS_HAVE_X86_64) + (defined(__amd64__) || defined(__x86_64__)) #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif From c4508c07f6e1894478b1db0923d86cc64a770516 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 8 Aug 2023 12:57:06 +0800 Subject: [PATCH 178/264] improve error message and config check for padlock Signed-off-by: Jerry Yu --- library/aes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7c5c80621c..668f1d1e34 100644 --- a/library/aes.c +++ b/library/aes.c @@ -49,8 +49,8 @@ #if defined(MBEDTLS_HAVE_ASM) && defined(__i386__) && \ !defined(MBEDTLS_HAVE_ASAN) -#if !defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#error "MBEDTLS_AES_USE_HARDWARE_ONLY not supported yet for i386." #endif #endif From a7de78d050aa62197e105d963af926a1b82a64bb Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 8 Aug 2023 12:57:35 +0800 Subject: [PATCH 179/264] improve test - `grep '^flags' /proc/cpuino` does not work in my local machine inside script. - `make test programs/sleftest ` causes `strings | grep ` fail. For timebeing, I did not figure out the root cause. Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) 
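Review bot: The i386 block now rejects `MBEDTLS_AES_USE_HARDWARE_ONLY` unconditionally, but the option's description in `mbedtls_config.h` (as changed earlier in this series) still lists `MBEDTLS_PADLOCK_C` among the implementations that allow a hardware-only build. A user following that text would enable PadLock plus hardware-only and hit this `#error` with no hint in the documentation. I would update the config comment in the same commit, e.g. `It will not build unless at least one of MBEDTLS_AESCE_C and/or MBEDTLS_AESNI_C is enabled & present in the build.`, and state there that PadLock on i386 always needs the plain C implementation.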
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9cc2ab181f..8464599e49 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3849,7 +3849,7 @@ support_test_aesni() { # We can only grep /proc/cpuinfo on Linux, so this also checks for Linux (gcc -v 2>&1 | grep Target | grep -q x86_64) && [[ "$HOSTTYPE" == "x86_64" && "$OSTYPE" == "linux-gnu" ]] && - (grep '^flags' /proc/cpuinfo | grep -qw aes) + (lscpu | grep -qw aes) } component_test_aesni () { # ~ 60s @@ -3868,14 +3868,14 @@ component_test_aesni () { # ~ 60s # test the intrinsics implementation msg "AES tests, test intrinsics" make clean - make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' # check that we built intrinsics - this should be used by default when supported by the compiler ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" # test the asm implementation msg "AES tests, test assembly" make clean - make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mno-pclmul -mno-sse2 -mno-aes' # check that we built assembly - this should be built if the compiler does not support intrinsics ./programs/test/selftest aes | grep "AESNI code" | grep -q "assembly" 
@@ -3884,19 +3884,23 @@ component_test_aesni () { # ~ 60s scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY msg "AES tests, plain C" make clean - make test programs/test/selftest CC=gcc CFLAGS='-O2 -Werror' + make CC=gcc CFLAGS='-O2 -Werror' # check that there is no AESNI code present ./programs/test/selftest aes | not grep -q "AESNI code" + strings ./programs/test/selftest | not grep -q "AES note: using AESNI" + strings ./programs/test/selftest | grep -q "AES note: built-in implementation." # test the intrinsics implementation scripts/config.py set MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY msg "AES tests, test AESNI only" make clean - make test programs/test/selftest CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' - # check that we built intrinsics - this should be used by default when supported by the compiler - ./programs/test/selftest aes | grep "AES note: using AESNI" - ./programs/test/selftest aes | grep -v "AES note: built-in implementation." + make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' + strings ./programs/test/selftest | grep -q "AES note: using AESNI" + strings ./programs/test/selftest | not grep -q "AES note: built-in implementation." + ./programs/test/selftest aes | grep -q "AES note: using AESNI" + ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." + } From 76a51b99b6996106b4fd4d28390d69ba2d8f3bcc Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Tue, 8 Aug 2023 16:03:55 +0800 Subject: [PATCH 180/264] replace strings command with grep `strings | grep` will fail some time. Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8464599e49..508f0b05a4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3887,8 +3887,8 @@ component_test_aesni () { # ~ 60s make CC=gcc CFLAGS='-O2 -Werror' # check that there is no AESNI code present ./programs/test/selftest aes | not grep -q "AESNI code" - strings ./programs/test/selftest | not grep -q "AES note: using AESNI" - strings ./programs/test/selftest | grep -q "AES note: built-in implementation." + not grep -q "AES note: using AESNI" ./programs/test/selftest + grep -q "AES note: built-in implementation." ./programs/test/selftest # test the intrinsics implementation scripts/config.py set MBEDTLS_AESNI_C @@ -3896,10 +3896,11 @@ component_test_aesni () { # ~ 60s msg "AES tests, test AESNI only" make clean make CC=gcc CFLAGS='-Werror -Wall -Wextra -mpclmul -msse2 -maes' - strings ./programs/test/selftest | grep -q "AES note: using AESNI" - strings ./programs/test/selftest | not grep -q "AES note: built-in implementation." ./programs/test/selftest aes | grep -q "AES note: using AESNI" ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." + grep -q "AES note: using AESNI" ./programs/test/selftest + not grep -q "AES note: built-in implementation." ./programs/test/selftest + } From ba42b076f96f75deec965fc646ef068bc5cca670 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 10 Aug 2023 12:53:26 +0800 Subject: [PATCH 181/264] Remove asm check for aarch64 aesce we implement it with aesce intrinsic. No asm needed. Signed-off-by: Jerry Yu --- library/aes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aes.c b/library/aes.c index 668f1d1e34..bf7d6cb4c7 100644 --- a/library/aes.c +++ b/library/aes.c @@ -34,7 +34,7 @@ #include "mbedtls/platform_util.h" #include "mbedtls/error.h" -#if defined(MBEDTLS_HAVE_ASM) && defined(__aarch64__) +#if defined(__aarch64__) #if !defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif From 13696bb07ba5a5de04ceef2857ad1f95bded8de4 Mon Sep 17 00:00:00 2001 
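Review bot: The second hunk of this commit keeps `./programs/test/selftest aes | grep -q "AES note: using AESNI"` and its `not grep -q` twin, which have the same producer-into-`grep -q` shape as the `strings | grep` lines being removed. The commit message only says the old form "will fail some time"; if the cause is `grep -q` exiting at the first match while the writer is still running (my reading, not stated on the page), these two lines can fail the same way. Writing the output to a file first avoids the pipeline, e.g. `./programs/test/selftest aes >selftest.out` followed by `grep -q "AES note: using AESNI" selftest.out` (file name is an example). Either way, the actual failure cause belongs in the commit message so the next reader knows which forms are safe.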
From: Jerry Yu Date: Thu, 10 Aug 2023 13:36:32 +0800 Subject: [PATCH 182/264] improve check config option for i386 Signed-off-by: Jerry Yu --- include/mbedtls/check_config.h | 4 ---- library/aes.c | 7 +++++-- library/padlock.c | 4 ---- 3 files changed, 5 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 7a87971070..e4fbb17d7e 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -412,10 +412,6 @@ #error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM) -#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C) #error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites" #endif diff --git a/library/aes.c b/library/aes.c index bf7d6cb4c7..52e361a283 100644 --- a/library/aes.c +++ b/library/aes.c @@ -47,11 +47,14 @@ #endif #endif -#if defined(MBEDTLS_HAVE_ASM) && defined(__i386__) && \ - !defined(MBEDTLS_HAVE_ASAN) +#if defined(__i386__) #if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY not supported yet for i386." #endif + +#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM) +#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" +#endif #endif #if defined(MBEDTLS_PADLOCK_C) diff --git a/library/padlock.c b/library/padlock.c index 38d110e0b3..f42c40ff93 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -33,10 +33,6 @@ #if defined(MBEDTLS_HAVE_X86) -#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" -#endif - /* * PadLock detection routine */ From 8189f3294589f246f9810683242018c8f5c9caca Mon Sep 17 00:00:00 2001 
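Review bot: In the library/aes.c hunk, the `MBEDTLS_PADLOCK_C` without `MBEDTLS_HAVE_ASM` error now sits inside `#if defined(__i386__)`, so it is only evaluated when aes.c is compiled by a compiler that defines `__i386__`; the copy removed from check_config.h applied to every configuration. A 32-bit x86 compiler that does not define that macro would no longer get the diagnostic (which compilers are supported is not visible here). The same hunk drops `!defined(MBEDTLS_HAVE_ASAN)` from the guard, so the `MBEDTLS_AES_USE_HARDWARE_ONLY` error now also fires on ASan i386 builds. A one-line comment saying both effects are intended would help, e.g. `/* Config sanity checks for 32-bit x86; deliberately independent of MBEDTLS_HAVE_ASM and ASan. */`.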
From: Jerry Yu Date: Thu, 10 Aug 2023 13:53:41 +0800 Subject: [PATCH 183/264] improve aesni check for x86_64 `MBEDTLS_AESNI_C` does not depends on `MBEDTLS_HAVE_ASM` when intrinsic is available. And compiler relative checks only work on x86_64, it should be only checked on x86_64. Signed-off-by: Jerry Yu --- library/aes.c | 3 +-- library/aesni.h | 12 +++++++----- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/library/aes.c b/library/aes.c index 52e361a283..4cb9ce1c14 100644 --- a/library/aes.c +++ b/library/aes.c @@ -40,8 +40,7 @@ #endif #endif -#if defined(MBEDTLS_HAVE_ASM) && \ - (defined(__amd64__) || defined(__x86_64__)) +#if defined(__amd64__) || defined(__x86_64__) #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif diff --git a/library/aesni.h b/library/aesni.h index f461ae2887..da97023cbe 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -35,13 +35,13 @@ /* Can we do AESNI with inline assembly? * (Only implemented with gas syntax, only for 64-bit.) */ -#if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \ - (defined(__amd64__) || defined(__x86_64__)) && \ - !defined(MBEDTLS_HAVE_X86_64) +#if !defined(MBEDTLS_HAVE_X86_64) && \ + (defined(__amd64__) || defined(__x86_64__) || \ + defined(_M_X64) || defined(_M_AMD64)) #define MBEDTLS_HAVE_X86_64 #endif -#if defined(MBEDTLS_AESNI_C) +#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) /* Can we do AESNI with intrinsics? * (Only implemented with certain compilers, only for certain targets.) 
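Review bot: The comment above the first `#if` in the aesni.h hunk still reads "Can we do AESNI with inline assembly? (Only implemented with gas syntax, only for 64-bit.)", but after this change `MBEDTLS_HAVE_X86_64` is defined for any x86-64 target, including the `_M_X64`/`_M_AMD64` case, whether or not `MBEDTLS_HAVE_ASM` or `__GNUC__` is set. Reword it to say what the macro now means, e.g. `/* Are we building for x86-64? (GNU-style and MSVC-style target macros.) */`. With `MBEDTLS_AESNI_C` now also gated on `MBEDTLS_HAVE_X86_64`, enabling the option on another architecture compiles to nothing in this header without a diagnostic, which deserves a sentence in the option's documentation.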
@@ -67,8 +67,10 @@ * In the long run, we will likely remove the assembly implementation. */ #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics -#elif defined(MBEDTLS_HAVE_X86_64) +#elif defined(MBEDTLS_HAVE_ASM) #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly +#else +#error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available" #endif #if defined(MBEDTLS_AESNI_HAVE_CODE) From b2bc1712a5578ef8f4a644b5a1f35c41fa5c9f2c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 8 Feb 2019 17:27:11 +0100 Subject: [PATCH 184/264] Reduce the size of the small primes table used by primality testing Signed-off-by: Gilles Peskine --- library/bignum.c | 62 ++++++++++++++++++++++++------------------------ 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index d559c9e76f..f84b2e7cef 100644 --- a/library/bignum.c +++ b/library/bignum.c 
@@ -2171,29 +2171,29 @@ cleanup: #if defined(MBEDTLS_GENPRIME) -static const int small_prime[] = -{ - 3, 5, 7, 11, 13, 17, 19, 23, - 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, - 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, - 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251, 257, 263, 269, - 271, 277, 281, 283, 293, 307, 311, 313, - 317, 331, 337, 347, 349, 353, 359, 367, - 373, 379, 383, 389, 397, 401, 409, 419, - 421, 431, 433, 439, 443, 449, 457, 461, - 463, 467, 479, 487, 491, 499, 503, 509, - 521, 523, 541, 547, 557, 563, 569, 571, - 577, 587, 593, 599, 601, 607, 613, 617, - 619, 631, 641, 643, 647, 653, 659, 661, - 673, 677, 683, 691, 701, 709, 719, 727, - 733, 739, 743, 751, 757, 761, 769, 773, - 787, 797, 809, 811, 821, 823, 827, 829, - 839, 853, 857, 859, 863, 877, 881, 883, - 887, 907, 911, 919, 929, 937, 941, 947, - 953, 967, 971, 977, 983, 991, 997, -103 +/* Gaps between primes, starting at 3. https://oeis.org/A001223 */ +static const unsigned char small_prime_gaps[] = { + 2, 2, 4, 2, 4, 2, 4, 6, + 2, 6, 4, 2, 4, 6, 6, 2, + 6, 4, 2, 6, 4, 6, 8, 4, + 2, 4, 2, 4, 14, 4, 6, 2, + 10, 2, 6, 6, 4, 6, 6, 2, + 10, 2, 4, 2, 12, 12, 4, 2, + 4, 6, 2, 10, 6, 6, 6, 2, + 6, 4, 2, 10, 14, 4, 2, 4, + 14, 6, 10, 2, 4, 6, 8, 6, + 6, 4, 6, 8, 4, 8, 10, 2, + 10, 2, 6, 4, 6, 8, 4, 2, + 4, 12, 8, 4, 8, 4, 6, 12, + 2, 18, 6, 10, 6, 6, 2, 6, + 10, 6, 6, 2, 6, 6, 4, 2, + 12, 10, 2, 4, 6, 6, 2, 12, + 4, 6, 8, 10, 8, 10, 8, 6, + 6, 4, 8, 6, 4, 8, 4, 14, + 10, 12, 2, 10, 2, 4, 2, 10, + 14, 4, 2, 4, 14, 4, 2, 4, + 20, 4, 8, 10, 8, 4, 6, 6, + 14, 4, 6, 6, 8, 6, /*reaches 997*/ }; /* 
@@ -2210,20 +2210,20 @@ static int mpi_check_small_factors(const mbedtls_mpi *X) int ret = 0; size_t i; mbedtls_mpi_uint r; + unsigned p = 3; /* The first odd prime */ if ((X->p[0] & 1) == 0) { return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; } - for (i = 0; small_prime[i] > 0; i++) { - if (mbedtls_mpi_cmp_int(X, small_prime[i]) <= 0) { - return 1; - } - - MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, small_prime[i])); - + for (i = 0; i < sizeof(small_prime_gaps); p += small_prime_gaps[i], i++) { + MBEDTLS_MPI_CHK(mbedtls_mpi_mod_int(&r, X, p)); if (r == 0) { - return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + if (mbedtls_mpi_cmp_int(X, p) == 0) { + return 1; + } else { + return MBEDTLS_ERR_MPI_NOT_ACCEPTABLE; + } } } From e6cb45e68ef8eefc8d57cbda2927ba18de7d00d8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 10 Aug 2023 15:59:28 +0200 Subject: [PATCH 185/264] mbedtls_mpi_exp_mod: remove spurious copy of the output variable Clear some confusion between `X` as the output variable and "X" as a name given to the accumulator. Previous iterations of the code used the variable `X` as the accumulator, but now that the accumulator is `W[x_index]`, some of the comments didn't make sense. Remove the copy of the initial value of `X` into `W[x_index]`, which was meaningless: the initial value of an output variable should not, and did not, matter. `W[x_index]` is later overridden unconditionally to take the value `RR`. Signed-off-by: Gilles Peskine --- library/bignum.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index f2a8641500..798d75824a 100644 --- a/library/bignum.c +++ b/library/bignum.c 
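Review bot: The rewritten loop in `mpi_check_small_factors` never divides by 997: it runs `sizeof(small_prime_gaps)` times starting from p = 3 and adds `small_prime_gaps[i]` only after testing p, so the last gap in the table (the one commented `/*reaches 997*/` in the previous hunk) is applied after the final iteration. The old table tested every prime up to 997. Appending one unused entry to the table, `0 /* unused: lets the loop reach 997 */`, restores the old coverage without touching the loop. The early exit also changed from `X <= small_prime[i]` to `X == p` when the remainder is zero; the rest of the function is outside the hunk, so how a small X that is not caught here gets handled cannot be confirmed from this page.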
@@ -1680,8 +1680,9 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, * and squarings. Firstly, when multiplying by an element of the window * W[i], we do a constant-trace table lookup to obfuscate i. This leaves * squarings as having a different memory access patterns from other - * multiplications. So secondly, we put the accumulator X in the table as - * well, and also do a constant-trace table lookup to multiply by X. + * multiplications. So secondly, we put the accumulator in the table as + * well, and also do a constant-trace table lookup to multiply by the + * accumulator which is W[x_index]. * * This way, all multiplications take the form of a lookup-and-multiply. * The number of lookup-and-multiply operations inside each iteration of @@ -1694,19 +1695,16 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, * observe both memory accesses and branches. However, branch prediction * exploitation typically requires many traces of execution over the same * data, which is defeated by randomized blinding. - * - * To achieve this, we make a copy of X and we use the table entry in each - * calculation from this point on. */ const size_t x_index = 0; mbedtls_mpi_init(&W[x_index]); - mbedtls_mpi_copy(&W[x_index], X); j = N->n + 1; - /* All W[i] and X must have at least N->n limbs for the mpi_montmul() - * and mpi_montred() calls later. Here we ensure that W[1] and X are - * large enough, and later we'll grow other W[i] to the same length. - * They must not be shrunk midway through this function! + /* All W[i] including the accumulator must have at least N->n limbs for + * the mpi_montmul() and mpi_montred() calls later. Here we ensure that + * W[1] and the accumulator W[x_index] are large enough. later we'll grow + * other W[i] to the same length. They must not be shrunk midway through + * this function! */ MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[x_index], j)); MBEDTLS_MPI_CHK(mbedtls_mpi_grow(&W[1], j)); 
From 240bb11171886b4ae36484c45a69c9623809758f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 11 Aug 2023 10:45:35 +0800 Subject: [PATCH 186/264] Add gnu check for aseni assembly code Signed-off-by: Jerry Yu --- library/aesni.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aesni.h b/library/aesni.h index da97023cbe..dc6444270a 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -67,7 +67,7 @@ * In the long run, we will likely remove the assembly implementation. */ #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics -#elif defined(MBEDTLS_HAVE_ASM) +#elif defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #else #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available" From c9ed5dee695272fb4f0a4aa141526d24998b68e8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 13 May 2023 12:47:02 +0100 Subject: [PATCH 187/264] Add aarch64 const-time asm Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 44 ++++++++++++++++++++++++++++++++ library/constant_time_internal.h | 2 ++ 2 files changed, 46 insertions(+) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 0c3cde99d1..a5284cb7a6 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h 
@@ -120,6 +120,19 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) * Otherwise, we define a plain C fallback which (in May 2023) does not get optimised into * conditional instructions or branches by trunk clang, gcc, or MSVC v19. */ +#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + mbedtls_ct_uint_t s; + asm volatile ("neg %x[s], %x[x] \n\t" + "orr %x[x], %x[s], %x[x] \n\t" + "asr %x[x], %x[x], 63" + : + [s] "=&r" (s), + [x] "+&r" (x) + : + : + ); + return (mbedtls_ct_condition_t) x; +#else const mbedtls_ct_uint_t xo = mbedtls_ct_compiler_opaque(x); #if defined(_MSC_VER) /* MSVC has a warning about unary minus on unsigned, but this is 
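Review bot: The AArch64 branch added to `mbedtls_ct_bool` addresses `x` and `s` as 64-bit registers (`%x[...]`) and shifts by 63, yet its guard also accepts `MBEDTLS_CT_SIZE_32`, where constant_time_internal.h in the same patch makes `mbedtls_ct_uint_t` a `uint32_t`. In that configuration the result depends on the upper 32 bits of the register holding `x`, which nothing in the hunk defines (unless the compiler guarantees zero-extension for such operands). Either restrict the guard to `defined(MBEDTLS_CT_SIZE_64)` or use `%w[...]` with a shift of 31 for the 32-bit case. The same guard is used for `mbedtls_ct_uint_lt` in the next hunk, which also ends with `asr ..., 63`. The function starts before this hunk and ends after it.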
@@ -132,19 +145,49 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) #if defined(_MSC_VER) #pragma warning( pop ) #endif +#endif } static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, mbedtls_ct_uint_t if1, mbedtls_ct_uint_t if0) { +#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + asm volatile ("and %x[if1], %x[if1], %x[condition] \n\t" + "mvn %x[condition], %x[condition] \n\t" + "and %x[condition], %x[condition], %x[if0] \n\t" + "orr %x[condition], %x[if1], %x[condition]" + : + [condition] "+&r" (condition), + [if1] "+&r" (if1) + : + [if0] "r" (if0) + : + ); + return (mbedtls_ct_uint_t) condition; +#else mbedtls_ct_condition_t not_cond = (mbedtls_ct_condition_t) (~mbedtls_ct_compiler_opaque(condition)); return (mbedtls_ct_uint_t) ((condition & if1) | (not_cond & if0)); +#endif } static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y) { +#if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) + uint64_t s1, s2; + asm volatile ("eor %x[s1], %x[y], %x[x] \n\t" + "sub %x[s2], %x[x], %x[y] \n\t" + "bic %x[s2], %x[s2], %[s1] \n\t" + "and %x[s1], %x[s1], %x[y] \n\t" + "orr %x[s1], %x[s2], %x[s1] \n\t" + "asr %x[x], %x[s1], 63" + : [s1] "=&r" (s1), [s2] "=&r" (s2), [x] "+r" (x) + : [y] "r" (y) + : + ); + return (mbedtls_ct_condition_t) x; +#else /* Ensure that the compiler cannot optimise the following operations over x and y, * even if it knows the value of x and y. */ @@ -173,6 +216,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe // Convert to a condition (i.e., all bits set iff non-zero) return mbedtls_ct_bool(ret); +#endif } static inline mbedtls_ct_condition_t mbedtls_ct_uint_ne(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y) diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h index dabf720aa4..44b74aec63 100644 
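Review bot: In the AArch64 block of `mbedtls_ct_uint_lt`, the `bic` line writes its last operand as `%[s1]` while every other operand in the three asm blocks uses the explicit `%x[...]` form. `s1` is declared `uint64_t`, so this probably assembles to the same instruction, but the odd one out reads like a typo; make it `"bic %x[s2], %x[s2], %x[s1] \n\t"`. `s1` and `s2` are declared `uint64_t` here whereas `mbedtls_ct_bool` uses `mbedtls_ct_uint_t` for its scratch variable, and picking one convention would make the three blocks easier to audit.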
--- a/library/constant_time_internal.h +++ b/library/constant_time_internal.h @@ -85,12 +85,14 @@ typedef ptrdiff_t mbedtls_ct_int_t; typedef uint64_t mbedtls_ct_condition_t; typedef uint64_t mbedtls_ct_uint_t; typedef int64_t mbedtls_ct_int_t; +#define MBEDTLS_CT_SIZE_64 #define MBEDTLS_CT_TRUE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(UINT64_MAX)) #else /* Pointer size <= 32-bit, and no 64-bit MPIs */ typedef uint32_t mbedtls_ct_condition_t; typedef uint32_t mbedtls_ct_uint_t; typedef int32_t mbedtls_ct_int_t; +#define MBEDTLS_CT_SIZE_32 #define MBEDTLS_CT_TRUE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(UINT32_MAX)) #endif #define MBEDTLS_CT_FALSE ((mbedtls_ct_condition_t) mbedtls_ct_compiler_opaque(0)) From ef2527901e3b410764e4dde15bb14f04568f69ce Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Sat, 13 May 2023 12:48:02 +0100 Subject: [PATCH 188/264] Add aarch32 const-time asm Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 44 ++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index a5284cb7a6..3c82bd53fa 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -132,6 +132,18 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) : ); return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) + uint32_t s; + asm volatile ("neg %[s], %[x] \n\t" + "orr %[x], %[x], %[s] \n\t" + "asr %[x], %[x], #31" + : + [s] "=&l" (s), + [x] "+&l" (x) + : + : + ); + return (mbedtls_ct_condition_t) x; #else const mbedtls_ct_uint_t xo = mbedtls_ct_compiler_opaque(x); #if defined(_MSC_VER) 
@@ -165,6 +177,19 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, : ); return (mbedtls_ct_uint_t) condition; +#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) + asm volatile ("and %[if1], %[if1], %[condition] \n\t" + "mvn %[condition], %[condition] \n\t" + "and %[condition], %[condition], %[if0] \n\t" + "orr %[condition], %[if1], %[condition]" + : + [condition] "+&l" (condition), + [if1] "+&l" (if1) + : + [if0] "l" (if0) + : + ); + return (mbedtls_ct_uint_t) condition; #else mbedtls_ct_condition_t not_cond = (mbedtls_ct_condition_t) (~mbedtls_ct_compiler_opaque(condition)); @@ -187,6 +212,25 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe : ); return (mbedtls_ct_condition_t) x; +#elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) + uint32_t s1; + asm volatile ( +#if defined(__thumb__) && !defined(__thumb2__) + "mov %[s1], %[x] \n\t" + "eor %[s1], %[s1], %[y] \n\t" +#else + "eor %[s1], %[x], %[y] \n\t" +#endif + "sub %[x], %[x], %[y] \n\t" + "bic %[x], %[x], %[s1] \n\t" + "and %[y], %[s1], %[y] \n\t" + "orr %[x], %[x], %[y] \n\t" + "asr %[x], %[x], #31" + : [s1] "=&l" (s1), [x] "+&l" (x), [y] "+&l" (y) + : + : + ); + return (mbedtls_ct_condition_t) x; #else /* Ensure that the compiler cannot optimise the following operations over x and y, * even if it knows the value of x and y. From 822c9c7d4edc88bc703adbaeb01017075f9ec7dc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 12 Jun 2023 15:38:49 +0100 Subject: [PATCH 189/264] Fix unified asm syntax issue Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 61 +++++++++++++++++++++++++++--------- 1 file changed, 46 insertions(+), 15 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 3c82bd53fa..35b0ee8442 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h 
@@ -134,14 +134,39 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) return (mbedtls_ct_condition_t) x; #elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) uint32_t s; - asm volatile ("neg %[s], %[x] \n\t" - "orr %[x], %[x], %[s] \n\t" - "asr %[x], %[x], #31" + /* + * Selecting unified syntax is needed for gcc, and harmless on clang. + * + * This is needed because on Thumb 1, condition flags are always set, so + * e.g. "negs" is supported but "neg" is not (on Thumb 2, both exist). + * + * Under Thumb 1 unified syntax, only the "negs" form is accepted, and + * under divided syntax, only the "neg" form is accepted. clang only + * supports unified syntax. + * + * On Thumb 2 and Arm, both compilers are happy with the "s" suffix, + * although we don't actually care about setting the flags. + * + * For gcc, restore divided syntax afterwards - otherwise old versions of gcc + * seem to apply unified syntax globally, which breaks other asm code. + */ +#if !defined(__clang__) +#define RESTORE_ASM_SYNTAX ".syntax divided \n\t" +#else +#define RESTORE_ASM_SYNTAX +#endif + + asm volatile (".syntax unified \n\t" + "negs %[s], %[x] \n\t" + "orrs %[x], %[x], %[s] \n\t" + "asrs %[x], %[x], #31 \n\t" + RESTORE_ASM_SYNTAX : [s] "=&l" (s), [x] "+&l" (x) : : + "cc" /* clobbers flag bits */ ); return (mbedtls_ct_condition_t) x; #else 
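Review bot: `RESTORE_ASM_SYNTAX` is defined in the middle of `mbedtls_ct_bool`'s `#elif` branch, has no `MBEDTLS_` prefix, and is never `#undef`ed, so it leaks into every file that includes constant_time_impl.h; `mbedtls_ct_if` and `mbedtls_ct_uint_lt` in the following hunks then depend on a macro defined inside another function. Move the `#if !defined(__clang__)` block above the functions, next to the other compiler checks, and give it a namespaced name such as `MBEDTLS_CT_RESTORE_ASM_SYNTAX` (name is a suggestion). The restore also assumes the surrounding code was being assembled in divided syntax; if a gcc build already uses unified syntax, `.syntax divided` would switch the mode for the rest of the translation unit, so that assumption deserves a line in the comment.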
@@ -178,16 +203,19 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, ); return (mbedtls_ct_uint_t) condition; #elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) - asm volatile ("and %[if1], %[if1], %[condition] \n\t" - "mvn %[condition], %[condition] \n\t" - "and %[condition], %[condition], %[if0] \n\t" - "orr %[condition], %[if1], %[condition]" + asm volatile (".syntax unified \n\t" + "ands %[if1], %[if1], %[condition] \n\t" + "mvns %[condition], %[condition] \n\t" + "ands %[condition], %[condition], %[if0] \n\t" + "orrs %[condition], %[if1], %[condition] \n\t" + RESTORE_ASM_SYNTAX : [condition] "+&l" (condition), [if1] "+&l" (if1) : [if0] "l" (if0) : + "cc" ); return (mbedtls_ct_uint_t) condition; #else @@ -215,20 +243,23 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe #elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) uint32_t s1; asm volatile ( + ".syntax unified \n\t" #if defined(__thumb__) && !defined(__thumb2__) - "mov %[s1], %[x] \n\t" - "eor %[s1], %[s1], %[y] \n\t" + "movs %[s1], %[x] \n\t" + "eors %[s1], %[s1], %[y] \n\t" #else - "eor %[s1], %[x], %[y] \n\t" + "eors %[s1], %[x], %[y] \n\t" #endif - "sub %[x], %[x], %[y] \n\t" - "bic %[x], %[x], %[s1] \n\t" - "and %[y], %[s1], %[y] \n\t" - "orr %[x], %[x], %[y] \n\t" - "asr %[x], %[x], #31" + "subs %[x], %[x], %[y] \n\t" + "bics %[x], %[x], %[s1] \n\t" + "ands %[y], %[s1], %[y] \n\t" + "orrs %[x], %[x], %[y] \n\t" + "asrs %[x], %[x], #31 \n\t" + RESTORE_ASM_SYNTAX : [s1] "=&l" (s1), [x] "+&l" (x), [y] "+&l" (y) : : + "cc" ); return (mbedtls_ct_condition_t) x; #else From 246210e3c4782e8ec392fbc3fbbf6ce3276e131d Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 31 Jul 2023 18:07:44 +0100 Subject: [PATCH 190/264] Test CT asm under valgrind 
Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 10 ++++++++-- tests/scripts/all.sh | 20 ++++++++++++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 35b0ee8442..111b9af5a0 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -48,8 +48,14 @@ #pragma GCC diagnostic ignored "-Wredundant-decls" #endif -/* Disable asm under Memsan because it confuses Memsan and generates false errors */ -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) +/* Disable asm under Memsan because it confuses Memsan and generates false errors. + * + * We also disable under Valgrind by default, because it's more useful + * for Valgrind to test the plain C implementation. MBEDTLS_TEST_CONSTANT_FLOW_ASM //no-check-names + * may be set to permit building asm under Valgrind. + */ +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) || \ + (defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) && !defined(MBEDTLS_TEST_CONSTANT_FLOW_ASM)) //no-check-names #define MBEDTLS_CT_NO_ASM #elif defined(__has_feature) #if __has_feature(memory_sanitizer) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 2afc18166f..300ca1a8c1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1892,6 +1892,16 @@ skip_suites_without_constant_flow () { export SKIP_TEST_SUITES } +skip_all_except_given_suite () { + # Skip all but the given test suite + SKIP_TEST_SUITES=$( + ls -1 tests/suites/test_suite_*.function | + grep -v $1.function | + sed 's/tests.suites.test_suite_//; s/\.function$//' | + tr '\n' ,) + export SKIP_TEST_SUITES +} + component_test_memsan_constant_flow () { # This tests both (1) accesses to undefined memory, and (2) branches or # memory access depending on secret values. To distinguish between those: 
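Review bot: In `skip_all_except_given_suite`, `grep -v $1.function` uses the argument unquoted and as a regular expression, so `.` matches any character, and an empty argument turns the filter into `grep -v .function`, which removes every suite from the skip list and makes the following run execute all of them. Match the exact path instead: `grep -v -F -x "tests/suites/$1.function" |`. A `[ -n "$1" ]` guard at the top would turn a forgotten argument into an error rather than a silently different test selection.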
@@ -1951,6 +1961,16 @@ component_test_valgrind_constant_flow () { # details are left in Testing//DynamicAnalysis.xml msg "test: some suites (full minus MBEDTLS_USE_PSA_CRYPTO, valgrind + constant flow)" make memcheck + + # Test asm path in constant time module - by default, it will test the plain C + # path under Valgrind or Memsan. Running only the constant_time tests is fast (<1s) + msg "test: valgrind asm constant_time" + scripts/config.py --force set MBEDTLS_TEST_CONSTANT_FLOW_ASM + skip_all_except_given_suite test_suite_constant_time + cmake -D CMAKE_BUILD_TYPE:String=Release . + make clean + make + make memcheck } component_test_valgrind_constant_flow_psa () { From 42391b4378e5855735e97ea9541cf93ba107e3f2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 19 May 2023 10:33:21 +0100 Subject: [PATCH 191/264] Perf improvement in memcpy_if Signed-off-by: Dave Rodgman --- library/constant_time.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/library/constant_time.c b/library/constant_time.c index 86cc066b03..6c7ef56782 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -152,8 +152,13 @@ void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition, const unsigned char *src2, size_t len) { +#if defined(MBEDTLS_CT_SIZE_64) + const uint64_t mask = (uint64_t) condition; + const uint64_t not_mask = (uint64_t) ~mbedtls_ct_compiler_opaque(condition); +#else const uint32_t mask = (uint32_t) condition; const uint32_t not_mask = (uint32_t) ~mbedtls_ct_compiler_opaque(condition); +#endif /* If src2 is NULL, setup src2 so that we read from the destination address. * 
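Review bot: The new "valgrind asm constant_time" step in `component_test_valgrind_constant_flow` sets `MBEDTLS_TEST_CONSTANT_FLOW_ASM` but never checks that an assembly path was actually compiled. Going by the constant_time_impl.h hunks in this series, the asm is only selected under `MBEDTLS_CT_AARCH64_ASM` or `MBEDTLS_CT_ARM_ASM`; on a runner where neither is defined (where they get set is outside this page) the step would test the plain C code a second time and still pass. A guard on the host architecture, or a message stating which implementation was built, would make a green result mean what the comment says. `skip_all_except_given_suite` also leaves `SKIP_TEST_SUITES` exported, which is harmless only if nothing else runs afterwards in the same shell. The component starts outside the hunk.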
@@ -167,11 +172,19 @@ void mbedtls_ct_memcpy_if(mbedtls_ct_condition_t condition, /* dest[i] = c1 == c2 ? src[i] : dest[i] */ size_t i = 0; #if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS) +#if defined(MBEDTLS_CT_SIZE_64) + for (; (i + 8) <= len; i += 8) { + uint64_t a = mbedtls_get_unaligned_uint64(src1 + i) & mask; + uint64_t b = mbedtls_get_unaligned_uint64(src2 + i) & not_mask; + mbedtls_put_unaligned_uint64(dest + i, a | b); + } +#else for (; (i + 4) <= len; i += 4) { uint32_t a = mbedtls_get_unaligned_uint32(src1 + i) & mask; uint32_t b = mbedtls_get_unaligned_uint32(src2 + i) & not_mask; mbedtls_put_unaligned_uint32(dest + i, a | b); } +#endif /* defined(MBEDTLS_CT_SIZE_64) */ #endif /* MBEDTLS_EFFICIENT_UNALIGNED_ACCESS */ for (; i < len; i++) { dest[i] = (src1[i] & mask) | (src2[i] & not_mask); From 2e3858f5eb001cdc4d42980103e4af732c8742ed Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Fri, 11 Aug 2023 18:16:06 +0800 Subject: [PATCH 192/264] Undo a change Signed-off-by: Chien Wong --- library/bignum.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/bignum.c b/library/bignum.c index 7661dd3aea..9c686ad275 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1706,7 +1706,7 @@ int mbedtls_mpi_exp_mod(mbedtls_mpi *X, const mbedtls_mpi *A, */ const size_t x_index = 0; mbedtls_mpi_init(&W[x_index]); - MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[x_index], X)); + mbedtls_mpi_copy(&W[x_index], X); j = N->n + 1; /* All W[i] and X must have at least N->n limbs for the mpi_montmul() From a4c477becd0d0e7c8b1c0454335290884399f9e2 Mon Sep 17 00:00:00 2001 From: Chien Wong Date: Fri, 11 Aug 2023 18:19:15 +0800 Subject: [PATCH 193/264] Add changelog entry Signed-off-by: Chien Wong --- ChangeLog.d/fix-a-few-unchecked-return.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/fix-a-few-unchecked-return.txt 
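Review bot: The library/bignum.c hunk of the "Undo a change" patch goes back to calling `mbedtls_mpi_copy(&W[x_index], X);` without `MBEDTLS_MPI_CHK`, so an allocation failure inside the copy is ignored and `mbedtls_mpi_exp_mod` carries on with whatever `W[x_index]` holds. The commit message gives no reason, while the changelog entry added by the next patch describes silently incorrect results in low-memory conditions as the bug being fixed. If the line is left unchecked because another change deletes it (an earlier patch on this page removes the copy altogether), say so in the message; otherwise keep `MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&W[x_index], X));`. The function extends beyond the hunk on both sides.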
diff --git a/ChangeLog.d/fix-a-few-unchecked-return.txt b/ChangeLog.d/fix-a-few-unchecked-return.txt new file mode 100644 index 0000000000..aadde36315 --- /dev/null +++ b/ChangeLog.d/fix-a-few-unchecked-return.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix some cases where mbedtls_mpi_mod_exp, RSA key construction or ECDSA + signature can silently return an incorrect result in low memory conditions. From 2a12fc20f2d28727ee0cc6b29fa1cf8dd8192ebd Mon Sep 17 00:00:00 2001 From: Paul Elliott Date: Fri, 11 Aug 2023 17:45:20 +0100 Subject: [PATCH 194/264] Fix logical dead code found by Coverity Signed-off-by: Paul Elliott --- library/psa_crypto_pake.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_pake.c b/library/psa_crypto_pake.c index caba5a115f..8de8569ce4 100644 --- a/library/psa_crypto_pake.c +++ b/library/psa_crypto_pake.c @@ -178,12 +178,12 @@ psa_status_t mbedtls_psa_pake_setup(mbedtls_psa_pake_operation_t *operation, return status; } - psa_crypto_driver_pake_get_user_len(inputs, &user_len); + status = psa_crypto_driver_pake_get_user_len(inputs, &user_len); if (status != PSA_SUCCESS) { return status; } - psa_crypto_driver_pake_get_peer_len(inputs, &peer_len); + status = psa_crypto_driver_pake_get_peer_len(inputs, &peer_len); if (status != PSA_SUCCESS) { return status; } From 1998aac349a36f4a810e1f07f271eab55e80c7b4 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 14 Aug 2023 10:33:37 +0800 Subject: [PATCH 195/264] logging_util: support to tweak loglevel directed to stderr/stdout Previously we set loglevel >= WARNING printed to stderr and loglevel < WARNING printed to stdout. To be more flexible, we replace this `WARNING` value with an argument: split_level and leave `WARNING` as default split_level if not set. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 7 ++----- scripts/mbedtls_dev/logging_util.py | 16 +++++++++------- 2 files changed, 11 insertions(+), 12 deletions(-) 
diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 72c69e488b..672b80366f 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -906,11 +906,8 @@ def main(): comp_args = parser.parse_args() logger = logging.getLogger() - logging_util.configure_logger(logger) - if comp_args.stdout and not comp_args.verbose: - logger.setLevel(logging.ERROR) - else: - logger.setLevel(logging.DEBUG if comp_args.verbose else logging.INFO) + logging_util.configure_logger(logger, split_level=logging.NOTSET) + logger.setLevel(logging.DEBUG if comp_args.verbose else logging.INFO) if os.path.isfile(comp_args.record_dir): logger.error("record directory: {} is not a directory" diff --git a/scripts/mbedtls_dev/logging_util.py b/scripts/mbedtls_dev/logging_util.py index 85a3f19ace..db1ebfe5cf 100644 --- a/scripts/mbedtls_dev/logging_util.py +++ b/scripts/mbedtls_dev/logging_util.py @@ -21,14 +21,16 @@ import sys def configure_logger( logger: logging.Logger, - log_format="[%(levelname)s]: %(message)s" + log_format="[%(levelname)s]: %(message)s", + split_level=logging.WARNING ) -> None: """ Configure the logging.Logger instance so that: - Format is set to any log_format. Default: "[%(levelname)s]: %(message)s" - - loglevel >= WARNING are printed to stderr. - - loglevel < WARNING are printed to stdout. + - loglevel >= split_level are printed to stderr. + - loglevel < split_level are printed to stdout. + Default: logging.WARNING """ class MaxLevelFilter(logging.Filter): # pylint: disable=too-few-public-methods 
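Review bot: The docstring of `configure_logger` in the logging_util.py hunk does not cover the edge value this commit relies on: code_size_compare.py passes `split_level=logging.NOTSET`, which with `stderr_hdlr.setLevel(split_level)` and `MaxLevelFilter(split_level - 1)` in the next hunk sends every record to stderr and none to stdout (assuming `MaxLevelFilter` passes records at or below its argument; its body is outside the hunk). State that in the docstring, e.g. `- split_level=logging.NOTSET sends all records to stderr.`, and annotate the parameter the way `logger` is: `split_level: int = logging.WARNING`. The trailing "Default: logging.WARNING" line would read better attached to the bullet it describes.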
@@ -41,14 +43,14 @@ def configure_logger( log_formatter = logging.Formatter(log_format) - # set loglevel >= WARNING to be printed to stderr + # set loglevel >= split_level to be printed to stderr stderr_hdlr = logging.StreamHandler(sys.stderr) - stderr_hdlr.setLevel(logging.WARNING) + stderr_hdlr.setLevel(split_level) stderr_hdlr.setFormatter(log_formatter) - # set loglevel <= INFO to be printed to stdout + # set loglevel < split_level to be printed to stdout stdout_hdlr = logging.StreamHandler(sys.stdout) - stdout_hdlr.addFilter(MaxLevelFilter(logging.INFO)) + stdout_hdlr.addFilter(MaxLevelFilter(split_level - 1)) stdout_hdlr.setFormatter(log_formatter) logger.addHandler(stderr_hdlr) From 9a6ee71f6fe3c6c7283f3f3ac0be1116fc24449b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Mon, 14 Aug 2023 11:30:24 +0800 Subject: [PATCH 196/264] code_size_compare: right-align numbers in the comparison result Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 672b80366f..d1e8a1b71b 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -604,10 +604,10 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): if with_markdown: dash_line = [":----", "----:", "----:", "----:", "----:"] - line_format = "| {0:<30} | {1:<10} | {3:<10} | {2:<12} | {4:<12} |\n" + line_format = "| {0:<30} | {1:>10} | {3:>10} | {2:>12} | {4:>12} |\n" bold_text = lambda x: '**' + str(x) + '**' else: - line_format = "{0:<30} {1:<10} {3:<10} {2:<12} {4:<12}\n" + line_format = "{0:<30} {1:>10} {3:>10} {2:>12} {4:>12}\n" def cal_sect_change( old_size: typing.Optional[CodeSizeGeneratorWithSize.SizeEntry], From 0de1183e4cdc71c5f7a8524fbe669eee01853b2c Mon Sep 17 00:00:00 2001 
From: Yanray Wang Date: Mon, 14 Aug 2023 11:54:47 +0800 Subject: [PATCH 197/264] code_size_compare: add `+` in front of positive values In comparison result, to indicate it's a delta value, we add `+` in front of positive values. For unchanged attributes, it's still shown as `0'. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index d1e8a1b71b..841eb47d53 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py @@ -633,7 +633,8 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): """ if old_size and new_size: new_attr = new_size.__dict__[sect] - change_attr = new_size.__dict__[sect] - old_size.__dict__[sect] + delta = new_size.__dict__[sect] - old_size.__dict__[sect] + change_attr = '{0:{1}}'.format(delta, '+' if delta else '') elif old_size: new_attr = - old_size.__dict__[sect] change_attr = 'Removed' @@ -665,7 +666,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): text_sect = cal_sect_change(old_size, new_size, 'text') data_sect = cal_sect_change(old_size, new_size, 'data') # skip the files that haven't changed in code size - if not show_all and text_sect[1] == 0 and data_sect[1] == 0: + if not show_all and text_sect[1] == '0' and data_sect[1] == '0': continue res.append([fname, *text_sect, *data_sect]) From 8a25e6fdb2b3b34811a4fd3b77faf0dbe4408936 Mon Sep 17 00:00:00 2001 
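Review bot: The skip test `text_sect[1] == '0' and data_sect[1] == '0'` in the second hunk now depends on the exact text produced by `'{0:{1}}'.format(delta, '+' if delta else '')` in `cal_sect_change` (first hunk), so a change to the display format would silently make every unchanged file appear in the report. A comment at the comparison, for example `# change is a formatted string; an unchanged section is exactly '0'`, would tie the two together. The format call deserves its own short comment as well: `# '+' sign only for non-zero deltas, so that 0 is shown as '0' rather than '+0'`. Both enclosing functions continue outside the hunks.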
From: Yanray Wang Date: Mon, 14 Aug 2023 14:38:36 +0800 Subject: [PATCH 198/264] code_size_compare: add old text and data section in CSV output To keep a concise markdown table, we don't list text and data section from old Git revision. However, it should be ideal to keep those two sections in CSV output. Therefore, we list comparison result for CSV output in following format: filename new(text) new(data) old(text) old(data) change(text) change(data) Additionally, if a file only exits in new Git revision not in old Git revision, it's marked as `NotCreated` as we haven't created this file yet from perspective of old Git revision. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 34 +++++++++++++++++++++++----------- 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 841eb47d53..52e0345c33 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
@@ -597,17 +597,23 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): # pylint: disable=too-many-locals """Write comparison result into a file. - Writing Format: filename new(text) new(data) change(text) change(data) + Writing Format: + Markdown Output: + filename new(text) new(data) change(text) change(data) + CSV Output: + filename new(text) new(data) old(text) old(data) change(text) change(data) """ - header_line = ["filename", "new(text)", "change(text)", "new(data)", - "change(data)"] - + header_line = ["filename", "new(text)", "old(text)", "change(text)", + "new(data)", "old(data)", "change(data)"] if with_markdown: - dash_line = [":----", "----:", "----:", "----:", "----:"] - line_format = "| {0:<30} | {1:>10} | {3:>10} | {2:>12} | {4:>12} |\n" + dash_line = [":----", "----:", "----:", "----:", + "----:", "----:", "----:"] + # | filename | new(text) | new(data) | change(text) | change(data) | + line_format = "| {0:<30} | {1:>9} | {4:>9} | {3:>12} | {6:>12} |\n" bold_text = lambda x: '**' + str(x) + '**' else: - line_format = "{0:<30} {1:>10} {3:>10} {2:>12} {4:>12}\n" + # filename new(text) new(data) old(text) old(data) change(text) change(data) + line_format = "{0:<30} {1:>9} {4:>9} {2:>10} {5:>10} {3:>12} {6:>12}\n" def cal_sect_change( old_size: typing.Optional[CodeSizeGeneratorWithSize.SizeEntry], 
@@ -629,23 +635,28 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): :param: sect: section to calculate from `size` tool. This could be any instance variable in SizeEntry. :return: List of [section size of objects for new Git revision, + section size of objects for old Git revision, section size change of objects between two Git revisions] """ if old_size and new_size: new_attr = new_size.__dict__[sect] - delta = new_size.__dict__[sect] - old_size.__dict__[sect] + old_attr = old_size.__dict__[sect] + delta = new_attr - old_attr change_attr = '{0:{1}}'.format(delta, '+' if delta else '') elif old_size: new_attr = - old_size.__dict__[sect] + old_attr = old_size.__dict__[sect] change_attr = 'Removed' elif new_size: new_attr = new_size.__dict__[sect] + old_attr = 'NotCreated' change_attr = 'None' else: # Should never happen new_attr = 'Error' + old_attr = 'Error' change_attr = 'Error' - return [new_attr, change_attr] + return [new_attr, old_attr, change_attr] # sort dictionary by key sort_by_k = lambda item: item[0].lower() @@ -656,7 +667,8 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): CodeSizeGeneratorWithSize.SizeEntry]] ) -> typing.List: """Return List of results in the format of: - [filename, new(text), change(text), new(data), change(data)] + [filename, new(text), old(text), change(text), + new(data), old(data), change(data)] """ res = [] for fname, revs_size in sorted(f_rev_size.items(), key=sort_by_k): @@ -666,7 +678,7 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): text_sect = cal_sect_change(old_size, new_size, 'text') data_sect = cal_sect_change(old_size, new_size, 'data') # skip the files that haven't changed in code size - if not show_all and text_sect[1] == '0' and data_sect[1] == '0': + if not show_all and text_sect[-1] == '0' and data_sect[-1] == '0': continue res.append([fname, *text_sect, *data_sect]) From 07bdcc2b0dd181823702cc8f842a0b47c4cf3324 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Fri, 11 Aug 2023 14:59:03 +0100 Subject: [PATCH 199/264] Add allow list for non-executed test cases MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The allow list explicits which test cases are allowed to not be executed when testing. This may be, for example, because a feature is yet to be developed but the test for that feature is already in our code base. Signed-off-by: Tomás González --- tests/scripts/analyze_outcomes.py | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index c6891bb432..fde07159ed 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -73,15 +73,18 @@ def execute_reference_driver_tests(ref_component, driver_component, outcome_file Results.log("Error: failed to run reference/driver components") sys.exit(ret_val) -def analyze_coverage(results, outcomes): +def analyze_coverage(results, outcomes, allow_list): """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() for key in available: hits = outcomes[key].hits() if key in outcomes else 0 - if hits == 0: + if hits == 0 and key not in allow_list: # Make this a warning, not an error, as long as we haven't # fixed this branch to have full coverage of test cases. results.warning('Test case not executed: {}', key) + elif hits != 0 and key in allow_list: + # Test Case should be removed from the allow list. + results.warning('Allow listed test case was executed: {}', key) def analyze_driver_vs_reference(outcomes, component_ref, component_driver, ignored_suites, ignored_test=None): 
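Review bot: `analyze_coverage` never reports an `allow_list` entry that matches no available test case, because the loop only walks `available`. A misspelt entry, or one whose test case was renamed or removed, therefore stays in the list unnoticed and the list can drift away from the test suite. After the loop, a check such as `for key in allow_list:` / `if key not in available:` / `results.warning('Allow listed test case is not available: {}', key)` would surface such entries. The one-line docstring should also mention the new `allow_list` parameter.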
@@ -122,10 +125,10 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, result = False return result -def analyze_outcomes(outcomes): +def analyze_outcomes(outcomes, allow_list): """Run all analyses on the given outcome collection.""" results = Results() - analyze_coverage(results, outcomes) + analyze_coverage(results, outcomes, allow_list) return results def read_outcome_file(outcome_file): @@ -151,10 +154,9 @@ by a semicolon. def do_analyze_coverage(outcome_file, args): """Perform coverage analysis.""" - del args # unused outcomes = read_outcome_file(outcome_file) Results.log("\n*** Analyze coverage ***\n") - results = analyze_outcomes(outcomes) + results = analyze_outcomes(outcomes, args['allow_list']) return results.error_count == 0 def do_analyze_driver_vs_reference(outcome_file, args): @@ -175,7 +177,9 @@ def do_analyze_driver_vs_reference(outcome_file, args): TASKS = { 'analyze_coverage': { 'test_function': do_analyze_coverage, - 'args': {} + 'args': { + 'allow_list': [], + } }, # There are 2 options to use analyze_driver_vs_reference_xxx locally: # 1. Run tests and then analysis: From b401e113ff3421d2f2c7bba5368bf0eb37920dff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Fri, 11 Aug 2023 15:22:04 +0100 Subject: [PATCH 200/264] Add a flag for requiring full coverage in coverage tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Introduce the --require-full-coverage in analyze_outcomes.py so that when analyze_outcomes.py --require-full-coverage is called, those tests that are not executed and are not in the allowed list issue an error instead of a warning. Note that it is useful to run analyze_outcomes.py on incomplete test results, so this error mode needs to remain optional in the long term. Signed-off-by: Tomás González --- tests/scripts/analyze_outcomes.py | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) 
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index fde07159ed..24f4da7739 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -73,15 +73,16 @@ def execute_reference_driver_tests(ref_component, driver_component, outcome_file Results.log("Error: failed to run reference/driver components") sys.exit(ret_val) -def analyze_coverage(results, outcomes, allow_list): +def analyze_coverage(results, outcomes, allow_list, full_coverage): """Check that all available test cases are executed at least once.""" available = check_test_cases.collect_available_test_cases() for key in available: hits = outcomes[key].hits() if key in outcomes else 0 if hits == 0 and key not in allow_list: - # Make this a warning, not an error, as long as we haven't - # fixed this branch to have full coverage of test cases. - results.warning('Test case not executed: {}', key) + if full_coverage: + results.error('Test case not executed: {}', key) + else: + results.warning('Test case not executed: {}', key) elif hits != 0 and key in allow_list: # Test Case should be removed from the allow list. results.warning('Allow listed test case was executed: {}', key) @@ -125,10 +126,11 @@ def analyze_driver_vs_reference(outcomes, component_ref, component_driver, result = False return result -def analyze_outcomes(outcomes, allow_list): +def analyze_outcomes(outcomes, args): """Run all analyses on the given outcome collection.""" results = Results() - analyze_coverage(results, outcomes, allow_list) + analyze_coverage(results, outcomes, args['allow_list'], + args['full_coverage']) return results def read_outcome_file(outcome_file): 
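Review bot: The docstring of `analyze_coverage`, still `"""Check that all available test cases are executed at least once."""`, does not describe the two parameters that now decide the outcome. It should say that entries of `allow_list` are exempt from the not-executed check, and that `full_coverage` turns a not-executed test case from a warning into an error, while an executed allow-listed test case remains a warning in both modes. `analyze_outcomes` in the next hunk now takes the whole `args` dict and reads `args['allow_list']` and `args['full_coverage']`, so its docstring could name those two keys.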
@@ -156,7 +158,7 @@ def do_analyze_coverage(outcome_file, args): """Perform coverage analysis.""" outcomes = read_outcome_file(outcome_file) Results.log("\n*** Analyze coverage ***\n") - results = analyze_outcomes(outcomes, args['allow_list']) + results = analyze_outcomes(outcomes, args) return results.error_count == 0 def do_analyze_driver_vs_reference(outcome_file, args): @@ -179,6 +181,7 @@ TASKS = { 'test_function': do_analyze_coverage, 'args': { 'allow_list': [], + 'full_coverage': False, } }, # There are 2 options to use analyze_driver_vs_reference_xxx locally: @@ -430,6 +433,11 @@ def main(): 'comma/space-separated list of tasks. ') parser.add_argument('--list', action='store_true', help='List all available tasks and exit.') + parser.add_argument('--require-full-coverage', action='store_true', + dest='full_coverage', help="Require all available " + "test cases to be executed and issue an error " + "otherwise. This flag is ignored if 'task' is " + "neither 'all' nor 'analyze_coverage'") options = parser.parse_args() if options.list: @@ -449,6 +457,9 @@ def main(): Results.log('Error: invalid task: {}'.format(task)) sys.exit(1) + TASKS['analyze_coverage']['args']['full_coverage'] = \ + options.full_coverage + for task in TASKS: if task in tasks: if not TASKS[task]['test_function'](options.outcomes, TASKS[task]['args']): From 358c6c644a49d5b86a3f24d3e69edbfb10e4c11d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Mon, 14 Aug 2023 15:43:46 +0100 Subject: [PATCH 201/264] Add EdDSA and XTS to the allow list MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As specified in https://github.com/Mbed-TLS/mbedtls/issues/5390#issuecomment-1669585707 EdDSA and XTS tests are legitimately never executed, so add them to the allow list. Signed-off-by: Tomás González --- tests/scripts/analyze_outcomes.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) 
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 24f4da7739..e5abae7388 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -180,7 +180,11 @@ TASKS = { 'analyze_coverage': { 'test_function': do_analyze_coverage, 'args': { - 'allow_list': [], + 'allow_list': [ + 'test_suite_psa_crypto_metadata;Asymmetric signature: ' + 'pure EdDSA', + 'test_suite_psa_crypto_metadata;Cipher: XTS' + ], 'full_coverage': False, } }, From 6c104b9b3b4378b3bdf62a31fd6a94186191de56 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Wed, 16 Aug 2023 11:47:24 +0530 Subject: [PATCH 202/264] Modify derive output test cases and add actual output Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 302a9aa48a..950a706e54 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data 
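Review bot: The two `allow_list` entries added to `TASKS` carry no comment saying why they are exempt; the reason is only in the commit message. An allow list of this kind tends to grow and is seldom pruned, so each entry should record its justification in place, for example `# Legitimately never executed, see https://github.com/Mbed-TLS/mbedtls/issues/5390#issuecomment-1669585707` above the two strings. The first entry is split across two adjacent string literals, which hides the full test-case name from a text search; if the line-length limit allows, writing it on one line would help.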
@@ -6391,7 +6391,7 @@ derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #1, password as bytes, derive key depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 -derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"":"":0:0:1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"706173737764":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"55ac046e56e3089fec1691c22544b605f94185216dde0465e68b9d57c20dacbc49ca9cccf179b645991664b39d77ef317c71b845b1e30bd509112041d3a19783":"":0:0:1 PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #1, salt before cost depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 @@ -6457,7 +6457,7 @@ derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01" PSA key derivation: PBKDF2-AES-CMAC-PRF-128, Test vector 1, password as bytes, derive key depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES -derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"":"":0:0:1 +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"1b72f6419173a06e27777606a315876ec71227de":"":0:0:1 PSA key derivation: ECJPAKE to PMS, no input depends_on:PSA_WANT_ALG_SHA_256 From 9928ca1875cfbf998fa0e97f182892c047c3bad0 Mon Sep 17 00:00:00 2001 
From: Kusumit Ghoderao Date: Wed, 16 Aug 2023 11:48:27 +0530 Subject: [PATCH 203/264] Code styling Signed-off-by: Kusumit Ghoderao --- include/psa/crypto_values.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 50df3e3d04..241b7c80d1 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -2117,7 +2117,7 @@ #define PSA_ALG_IS_PBKDF2(kdf_alg) \ (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg) || \ - (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128)) + ((kdf_alg) == PSA_ALG_PBKDF2_AES_CMAC_PRF_128)) #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t) 0xfe00ffff) #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t) 0xffff0000) From e62ff095690ff0f45764f9e19c7973567f59f64f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 16 Aug 2023 14:15:00 +0800 Subject: [PATCH 204/264] Restore aesni for i386 intrinsic code can be work on i386 also Signed-off-by: Jerry Yu --- library/aes.c | 9 +++++---- library/aesni.h | 11 +++++++++-- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/library/aes.c b/library/aes.c index 4cb9ce1c14..ebacc671a4 100644 --- a/library/aes.c +++ b/library/aes.c @@ -40,15 +40,16 @@ #endif #endif -#if defined(__amd64__) || defined(__x86_64__) +#if defined(__amd64__) || defined(__x86_64__) || \ + defined(_M_X64) || defined(_M_AMD64) #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #endif -#if defined(__i386__) -#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -#error "MBEDTLS_AES_USE_HARDWARE_ONLY not supported yet for i386." +#if defined(__i386__) || defined(_M_IX86) +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && !defined(MBEDTLS_AESNI_C) +#error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif #if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM) diff --git a/library/aesni.h b/library/aesni.h index dc6444270a..1cf01ec9e8 100644 
--- a/library/aesni.h +++ b/library/aesni.h @@ -41,7 +41,13 @@ #define MBEDTLS_HAVE_X86_64 #endif -#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64) +#if !defined(MBEDTLS_HAVE_X86) && \ + (defined(__i386__) || defined(_M_IX86)) +#define MBEDTLS_HAVE_X86 +#endif + +#if defined(MBEDTLS_AESNI_C) && \ + (defined(MBEDTLS_HAVE_X86_64) || defined(MBEDTLS_HAVE_X86)) /* Can we do AESNI with intrinsics? * (Only implemented with certain compilers, only for certain targets.) @@ -67,7 +73,8 @@ * In the long run, we will likely remove the assembly implementation. */ #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics -#elif defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) +#elif defined(MBEDTLS_HAVE_ASM) && \ + defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly #else #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available" From bc775c48c92bc524384dc0e31f39022073aa70af Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 16 Aug 2023 15:59:55 +0800 Subject: [PATCH 205/264] code_size_compare: handle deleted files and new files properly 'Removed' and 'NotCreated' should be displayed in new and old column respectively. The value of delta is reflected on change column. This commit handles the corner cases properly. Signed-off-by: Yanray Wang --- scripts/code_size_compare.py | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 52e0345c33..53d859edfa 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
@@ -644,13 +644,15 @@ class CodeSizeGeneratorWithSize(CodeSizeGenerator): delta = new_attr - old_attr change_attr = '{0:{1}}'.format(delta, '+' if delta else '') elif old_size: - new_attr = - old_size.__dict__[sect] + new_attr = 'Removed' old_attr = old_size.__dict__[sect] - change_attr = 'Removed' + delta = - old_attr + change_attr = '{0:{1}}'.format(delta, '+' if delta else '') elif new_size: new_attr = new_size.__dict__[sect] old_attr = 'NotCreated' - change_attr = 'None' + delta = new_attr + change_attr = '{0:{1}}'.format(delta, '+' if delta else '') else: # Should never happen new_attr = 'Error' From cc068ae6312ac7cb788abbbf3b3c3e0a78040840 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 16 Aug 2023 16:07:57 +0800 Subject: [PATCH 206/264] fix `-Werror=return-type` when runtime detection enabled and plain c disabled Signed-off-by: Jerry Yu --- library/aes.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/library/aes.c b/library/aes.c index ebacc671a4..4ea4d22674 100644 --- a/library/aes.c +++ b/library/aes.c @@ -655,6 +655,13 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, } #endif +/* When runtime detection enabled and plain C is disabled, compiler + reports `-Werror=return-type`. */ +#if defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \ + defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AESNI_HAVE_CODE) + return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED; +#endif + #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) for (i = 0; i < (keybits >> 5); i++) { RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2); 
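Review bot: The expression `'{0:{1}}'.format(delta, '+' if delta else '')` is now repeated in three branches of `cal_sect_change`, so a later change to the sign convention has to be made three times. A small local helper next to the other lambdas in this method, e.g. `fmt_delta = lambda d: '{0:{1}}'.format(d, '+' if d else '')`, would let each branch read `change_attr = fmt_delta(delta)`. The function's `:return:` description and its final `return` are outside this hunk.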
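Review bot: The comment added above the new `return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED;` in `mbedtls_aes_setkey_enc` explains the compiler diagnostic but not what the return means at run time. From the guard, this line appears to be reached when runtime detection finds neither AES-NI nor VIA PadLock and `MBEDTLS_AES_USE_HARDWARE_ONLY` has removed the software fallback, so no round keys are set up and the caller has to treat the error as fatal. I would word it as `/* No usable AES hardware was detected and the plain C code is compiled out: fail instead of falling off the end of the function. */`. The same comment is added in `mbedtls_aes_crypt_ecb` in the next hunk, where the output buffer is presumably left unwritten on this path; both functions start and end outside the hunks.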
@@ -1101,6 +1108,13 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, } #endif +/* When runtime detection enabled and plain C is disabled, compiler + reports `-Werror=return-type`. */ +#if defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \ + defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AESNI_HAVE_CODE) + return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED; +#endif + #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) if (mode == MBEDTLS_AES_ENCRYPT) { return mbedtls_internal_aes_encrypt(ctx, input, output); From c628486cd93aa6ea50755e8afe059fd5ebb54664 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 16 Aug 2023 16:08:42 +0800 Subject: [PATCH 207/264] enable runtime detection when padlock enabled and plain c disabled Signed-off-by: Jerry Yu --- library/aesni.c | 3 ++- library/aesni.h | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/library/aesni.c b/library/aesni.c index cc3a3b3f38..427c2fdc6d 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -39,7 +39,8 @@ #include #endif -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ + (defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_PADLOCK_C)) /* * AES-NI support detection routine */ diff --git a/library/aesni.h b/library/aesni.h index 1cf01ec9e8..9e07905724 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -97,7 +97,8 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ + (defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_PADLOCK_C)) int mbedtls_aesni_has_support(unsigned int what); #else #define mbedtls_aesni_has_support(what) 1 From b6d39c2f8cba00eca52bc8d1081b7ddbb2c44b29 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 16 Aug 2023 15:11:48 +0800 Subject: [PATCH 208/264] Add aesni test for i386 
Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 56 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 508f0b05a4..ee639f71a0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -3900,11 +3900,63 @@ component_test_aesni () { # ~ 60s ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." grep -q "AES note: using AESNI" ./programs/test/selftest not grep -q "AES note: built-in implementation." ./programs/test/selftest - - } + +support_test_aesni_m32() { + support_test_m32_o0 && (lscpu | grep -qw aes) +} + +component_test_aesni_m32 () { # ~ 60s + # This tests are duplicated from component_test_aesni for i386 target + # + # AESNI intrinsic code supports i386 and assembly code does not support it. + + msg "build: default config with different AES implementations" + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_PADLOCK_C + scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY + scripts/config.py set MBEDTLS_HAVE_ASM + + # test the intrinsics implementation + msg "AES tests, test intrinsics" + make clean + make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' + # check that we built intrinsics - this should be used by default when supported by the compiler + ./programs/test/selftest aes | grep "AESNI code" | grep -q "intrinsics" + grep -q "AES note: using AESNI" ./programs/test/selftest + grep -q "AES note: built-in implementation." ./programs/test/selftest + grep -q "AES note: using VIA Padlock" ./programs/test/selftest + grep -q mbedtls_aesni_has_support ./programs/test/selftest + + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py set MBEDTLS_PADLOCK_C + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + msg "AES tests, test AESNI and VIA Padlock enabled" + make clean + make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' + ./programs/test/selftest aes | grep -q "AES note: using AESNI" + ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." + grep -q "AES note: using AESNI" ./programs/test/selftest + not grep -q "AES note: built-in implementation." 
./programs/test/selftest + grep -q "AES note: using VIA Padlock" ./programs/test/selftest + grep -q mbedtls_aesni_has_support ./programs/test/selftest + + scripts/config.py set MBEDTLS_AESNI_C + scripts/config.py unset MBEDTLS_PADLOCK_C + scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY + msg "AES tests, test AESNI only" + make clean + make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' + ./programs/test/selftest aes | grep -q "AES note: using AESNI" + ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." + grep -q "AES note: using AESNI" ./programs/test/selftest + not grep -q "AES note: built-in implementation." ./programs/test/selftest + not grep -q "AES note: using VIA Padlock" ./programs/test/selftest + not grep -q mbedtls_aesni_has_support ./programs/test/selftest +} + # For timebeing, no aarch64 gcc available in CI and no arm64 CI node. component_build_aes_aesce_armcc () { msg "Build: AESCE test on arm64 platform without plain C." From 506759f5cedcdc8288220476d1d297d239b2b0e2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 16 Aug 2023 17:11:22 +0800 Subject: [PATCH 209/264] fix build fail for via padlock test Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index ee639f71a0..4fccdf1d6e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3989,9 +3989,11 @@ component_build_aes_aesce_armcc () { component_build_aes_via_padlock () { msg "AES:VIA PadLock, build with default configuration." + scripts/config.py unset MBEDTLS_AESNI_C scripts/config.py set MBEDTLS_PADLOCK_C scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" + grep -q mbedtls_padlock_has_support ./programs/test/selftest } From 3ce0398d1db329fbd88f217af6f7b5087b3abc35 Mon Sep 17 00:00:00 2001 
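Review bot: The checks `grep -q mbedtls_aesni_has_support ./programs/test/selftest` and `not grep -q mbedtls_aesni_has_support ./programs/test/selftest` in `component_test_aesni_m32` infer whether runtime detection was compiled in from a symbol name found in the binary. That only holds while `selftest` is linked unstripped and the function is not inlined away, neither of which the visible `make` invocations state. A comment before the first such check, e.g. `# The symbol is present only when runtime detection is built; needs an unstripped binary`, would keep a later change to the build flags from turning these into false passes or failures. The three build-and-check sequences also repeat the same `make CC=gcc CFLAGS='-m32 ...'` line and could share a variable.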
From: Jerry Yu Date: Wed, 16 Aug 2023 17:22:18 +0800 Subject: [PATCH 210/264] Add compiler cflags error message Signed-off-by: Jerry Yu --- library/aesni.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/aesni.h b/library/aesni.h index 9e07905724..93d9f0a132 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -76,6 +76,8 @@ #elif defined(MBEDTLS_HAVE_ASM) && \ defined(__GNUC__) && defined(MBEDTLS_HAVE_X86_64) #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly +#elif defined(__GNUC__) +# error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" #else #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available" #endif From 516cf27d45cfb3e44960641e0924ca0a8461360f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 16 Aug 2023 17:33:32 +0800 Subject: [PATCH 211/264] fix msvc build fail on i386 target Signed-off-by: Jerry Yu --- library/aes.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/aes.c b/library/aes.c index 4ea4d22674..38ecd821a6 100644 --- a/library/aes.c +++ b/library/aes.c @@ -71,7 +71,7 @@ #if !defined(MBEDTLS_AES_ALT) -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) static int aes_padlock_ace = -1; #endif @@ -578,7 +578,7 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) #if defined(MAY_NEED_TO_ALIGN) int align_16_bytes = 0; -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) if (aes_padlock_ace == -1) { aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE); } @@ -1102,7 +1102,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, } #endif -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) if (aes_padlock_ace > 0) { return mbedtls_padlock_xcryptecb(ctx, mode, input, output); } 
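Review bot: The condition `defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__)` is now spelled out at five places in aes.c (the three hunks here and the two that follow), and missing one of them in a later edit would leave the `aes_padlock_ace` variable and its uses out of step. Defining the combined condition once near the top of the file and testing that single macro at each site would remove the risk. With this change, a build that sets `MBEDTLS_PADLOCK_C` on a non-GNU compiler appears to drop PadLock support silently, and a short comment at the definition should say so. All enclosing functions lie partly outside the hunks.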
@@ -1148,7 +1148,7 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; } -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) if (aes_padlock_ace > 0) { if (mbedtls_padlock_xcryptcbc(ctx, mode, length, iv, input, output) == 0) { return 0; @@ -1900,7 +1900,7 @@ int mbedtls_aes_self_test(int verbose) #if defined(MBEDTLS_AES_ALT) mbedtls_printf(" AES note: alternative implementation.\n"); #else /* MBEDTLS_AES_ALT */ -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) { mbedtls_printf(" AES note: using VIA Padlock.\n"); } else From bdd96b9adf5107c1e47fee26ec82fa118bffc790 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Wed, 16 Aug 2023 17:34:27 +0800 Subject: [PATCH 212/264] disable aesni for componets without cpu modifiers Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 4fccdf1d6e..9f64be2e7d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -4272,6 +4272,7 @@ component_test_m32_o0 () { # build) and not the i386-specific inline assembly. msg "build: i386, make, gcc -O0 (ASan build)" # ~ 30s scripts/config.py full + scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O0" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O0 (ASan build)" @@ -4289,6 +4290,7 @@ component_test_m32_o2 () { # and go faster for tests. msg "build: i386, make, gcc -O2 (ASan build)" # ~ 30s scripts/config.py full + scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, make, gcc -O2 (ASan build)" 
@@ -4304,6 +4306,7 @@ support_test_m32_o2 () { component_test_m32_everest () { msg "build: i386, Everest ECDH context (ASan build)" # ~ 6 min scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED + scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers make CC=gcc CFLAGS="$ASAN_CFLAGS -m32 -O2" LDFLAGS="-m32 $ASAN_CFLAGS" msg "test: i386, Everest ECDH context - main suites (inc. selftests) (ASan build)" # ~ 50s @@ -4757,6 +4760,7 @@ component_test_tls13_only_record_size_limit () { component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s + scripts/config.py unset MBEDTLS_AESNI_C # AESNI depends on cpu modifiers make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra' WINDOWS_BUILD=1 lib programs # note Make tests only builds the tests, but doesn't run them From e4f6d79bbe70933d145479d89b45be265c26ca26 Mon Sep 17 00:00:00 2001 From: TTornblom Date: Thu, 16 Apr 2020 13:53:38 +0200 Subject: [PATCH 213/264] BUILD: Update For IAR support Applied the same change as in mbed-crypto for using this as a sub project with the IAR toolchain. Use __asm generic ,and avoid empty enum. Avoid declaration of array with null size. This is a porting of the original patch contributed to trusted-firmware-m. Signed-off-by: TTornblom Signed-off-by: Michel Jaouen Signed-off-by: Antonio de Angelis --- CMakeLists.txt | 4 +++- library/constant_time.c | 2 +- library/psa_crypto.c | 7 ++++++- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 9092c494d5..4d7e0b055d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt 
@@ -226,7 +226,9 @@ if(CMAKE_COMPILER_IS_CLANG) endif(CMAKE_COMPILER_IS_CLANG) if(CMAKE_COMPILER_IS_IAR) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts -Ohz") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} --warn_about_c_style_casts") + set(CMAKE_C_FLAGS_RELEASE "-Ohz") + set(CMAKE_C_FLAGS_DEBUG "--debug -On") endif(CMAKE_COMPILER_IS_IAR) if(CMAKE_COMPILER_IS_MSVC) diff --git a/library/constant_time.c b/library/constant_time.c index 832ded9e71..cb5003d022 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -78,7 +78,7 @@ static inline uint32_t mbedtls_get_unaligned_volatile_uint32(volatile const unsi */ uint32_t r; #if defined(MBEDTLS_CT_ARM_ASM) - asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :); + __asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :); #elif defined(MBEDTLS_CT_AARCH64_ASM) asm volatile ("ldr %w0, [%1]" : "=r" (r) : MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT(p) :); #else diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2b9eca8f28..352756dc88 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -7049,8 +7049,13 @@ static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *o size_t peer_key_length) { psa_status_t status; +#if PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE != 0 uint8_t shared_secret[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE]; + size_t shared_secret_length = sizeof(shared_secret); +#else + uint8_t *shared_secret = NULL; size_t shared_secret_length = 0; +#endif psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(operation->alg); /* Step 1: run the secret agreement algorithm to generate the shared @@ -7059,7 +7064,7 @@ static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *o private_key, peer_key, peer_key_length, shared_secret, - sizeof(shared_secret), + shared_secret_length, &shared_secret_length); if (status != PSA_SUCCESS) { goto exit; From 1ee4d1228ccd77a79d38a3dd3c1e200a39dfccf3 Mon Sep 17 00:00:00 2001 
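Review bot: `set(CMAKE_C_FLAGS_RELEASE "-Ohz")` and `set(CMAKE_C_FLAGS_DEBUG "--debug -On")` in the IAR branch overwrite whatever those variables already hold, unlike the `CMAKE_C_FLAGS` line just above them, which appends. A parent project or toolchain file that put flags into the per-configuration variables loses them silently, which matters because the commit message says this is meant to be built as a sub-project. Appending keeps them: `set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -Ohz")`, and the same form for `CMAKE_C_FLAGS_DEBUG`. If the overwrite is deliberate, to drop CMake's defaults, a comment should say so.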
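Review bot: In `psa_key_agreement_internal`, `shared_secret_length` is now passed as the buffer capacity and, by address, as the output length in the same call (`shared_secret_length, &shared_secret_length`), so one variable carries two meanings and the capacity is lost once the callee writes to it. Any later code that uses it to bound or wipe the secret buffer, such as the cleanup reached through `goto exit` (outside this hunk, so unverified), then sees the full size on some failure paths and the produced length on others. Keeping the two apart avoids that: add `const size_t shared_secret_size = sizeof(shared_secret);` (or `= 0` in the `#else` arm), keep `size_t shared_secret_length = 0;`, and pass `shared_secret_size` as the capacity. In the `#else` arm a NULL buffer of size 0 reaches the callee, which should be confirmed to reject it rather than dereference it.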
From: Antonio de Angelis Date: Wed, 16 Aug 2023 12:26:37 +0100 Subject: [PATCH 214/264] Fix error strings without quotes Some of the error strings that should be printed with the error preprocessor directive are missing quotes Signed-off-by: Antonio de Angelis --- library/aes.c | 2 +- library/common.h | 2 +- library/constant_time.c | 2 +- library/entropy_poll.c | 2 +- library/psa_crypto_storage.h | 2 +- library/x509_crt.c | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/library/aes.c b/library/aes.c index b55c08ab1e..fa773ec601 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1866,7 +1866,7 @@ int mbedtls_aes_self_test(int verbose) #elif MBEDTLS_AESNI_HAVE_CODE == 2 mbedtls_printf(" AES note: AESNI code present (intrinsics implementation).\n"); #else -#error Unrecognised value for MBEDTLS_AESNI_HAVE_CODE +#error "Unrecognised value for MBEDTLS_AESNI_HAVE_CODE" #endif if (mbedtls_aesni_has_support(MBEDTLS_AESNI_AES)) { mbedtls_printf(" AES note: using AESNI.\n"); diff --git a/library/common.h b/library/common.h index 97dc1d3dec..3c472c685d 100644 --- a/library/common.h +++ b/library/common.h @@ -288,7 +288,7 @@ static inline void mbedtls_xor_no_simd(unsigned char *r, /* Normal case (64-bit pointers): use "r" as the constraint for pointer operands to asm */ #define MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT "r" #else -#error Unrecognised pointer size for aarch64 +#error "Unrecognised pointer size for aarch64" #endif #endif diff --git a/library/constant_time.c b/library/constant_time.c index cb5003d022..4b71a3da48 100644 --- a/library/constant_time.c +++ b/library/constant_time.c 
@@ -82,7 +82,7 @@ static inline uint32_t mbedtls_get_unaligned_volatile_uint32(volatile const unsi #elif defined(MBEDTLS_CT_AARCH64_ASM) asm volatile ("ldr %w0, [%1]" : "=r" (r) : MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT(p) :); #else -#error No assembly defined for mbedtls_get_unaligned_volatile_uint32 +#error "No assembly defined for mbedtls_get_unaligned_volatile_uint32" #endif return r; } diff --git a/library/entropy_poll.c b/library/entropy_poll.c index f90167ca82..bc71307f5b 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -75,7 +75,7 @@ int mbedtls_platform_entropy_poll(void *data, unsigned char *output, size_t len, return 0; } #else /* !_WIN32_WINNT_WINXP */ -#error Entropy not available before Windows XP, use MBEDTLS_NO_PLATFORM_ENTROPY +#error "Entropy not available before Windows XP, use MBEDTLS_NO_PLATFORM_ENTROPY" #endif /* !_WIN32_WINNT_WINXP */ #else /* _WIN32 && !EFIX64 && !EFI32 */ diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h index 04768f8a43..edd9b947cd 100644 --- a/library/psa_crypto_storage.h +++ b/library/psa_crypto_storage.h @@ -39,7 +39,7 @@ extern "C" { /* Sanity check: a file size must fit in 32 bits. Allow a generous * 64kB of metadata. */ #if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 -#error PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000 +#error "PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000" #endif /** The maximum permitted persistent slot number. diff --git a/library/x509_crt.c b/library/x509_crt.c index b40bad2f44..2cbced210e 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1599,7 +1599,7 @@ int mbedtls_x509_crt_parse_path(mbedtls_x509_crt *chain, const char *path) cleanup: FindClose(hFind); #else /* !_WIN32_WINNT_XP */ -#error mbedtls_x509_crt_parse_path not available before Windows XP +#error "mbedtls_x509_crt_parse_path not available before Windows XP" #endif /* !_WIN32_WINNT_XP */ #else /* _WIN32 */ int t_ret; From f1adc2a7a1e44feef10be3c311e5819fe0b2fd67 Mon Sep 17 00:00:00 2001 
From: Antonio de Angelis Date: Wed, 16 Aug 2023 12:31:54 +0100 Subject: [PATCH 215/264] Use asm instead of __asm in constant_time.c The original IAR fix submitted to TF-M directly changed asm to __asm. But mbed TLS now has a workaround for such cases hence just remove the original change modification. Signed-off-by: Antonio de Angelis --- library/constant_time.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/constant_time.c b/library/constant_time.c index 4b71a3da48..12aed13f3b 100644 --- a/library/constant_time.c +++ b/library/constant_time.c @@ -78,7 +78,7 @@ static inline uint32_t mbedtls_get_unaligned_volatile_uint32(volatile const unsi */ uint32_t r; #if defined(MBEDTLS_CT_ARM_ASM) - __asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :); + asm volatile ("ldr %0, [%1]" : "=r" (r) : "r" (p) :); #elif defined(MBEDTLS_CT_AARCH64_ASM) asm volatile ("ldr %w0, [%1]" : "=r" (r) : MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT(p) :); #else From 285f85f962de082084d5ed4c82848a4a7df34959 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Wed, 16 Aug 2023 17:15:48 +0100 Subject: [PATCH 216/264] Remove unnecessary const type qualifiers in casts Signed-off-by: Agathiyan Bragadeesh --- library/constant_time_impl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 0c3cde99d1..ea3669b8a6 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h 
@@ -189,8 +189,8 @@ static inline unsigned char mbedtls_ct_uchar_in_range_if(unsigned char low, unsigned char c, unsigned char t) { - const unsigned char co = (const unsigned char) mbedtls_ct_compiler_opaque(c); - const unsigned char to = (const unsigned char) mbedtls_ct_compiler_opaque(t); + const unsigned char co= (unsigned char) mbedtls_ct_compiler_opaque(c); + const unsigned char to= (unsigned char) mbedtls_ct_compiler_opaque(t); /* low_mask is: 0 if low <= c, 0x...ff if low > c */ unsigned low_mask = ((unsigned) co - low) >> 8; From 35b59d78056cea346d0cf3e3095a9689a3219831 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 17 Aug 2023 10:34:15 +0800 Subject: [PATCH 217/264] exclude arm64ec mode for aesni AESNI does not work correctly for msvc arm64ec Signed-off-by: Jerry Yu --- library/aesni.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/aesni.h b/library/aesni.h index 93d9f0a132..d0daaefb36 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -37,7 +37,8 @@ */ #if !defined(MBEDTLS_HAVE_X86_64) && \ (defined(__amd64__) || defined(__x86_64__) || \ - defined(_M_X64) || defined(_M_AMD64)) + defined(_M_X64) || defined(_M_AMD64)) && \ + !defined(_M_ARM64EC) #define MBEDTLS_HAVE_X86_64 #endif From 2319af0d648045b973a502e287c6929063507e1d Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 17 Aug 2023 10:38:57 +0800 Subject: [PATCH 218/264] Change the order of runtime detection If aesni is available, we will use it. Signed-off-by: Jerry Yu --- library/aes.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/aes.c b/library/aes.c index 38ecd821a6..6ee9971d88 100644 --- a/library/aes.c +++ b/library/aes.c 
@@ -1900,11 +1900,6 @@ int mbedtls_aes_self_test(int verbose) #if defined(MBEDTLS_AES_ALT) mbedtls_printf(" AES note: alternative implementation.\n"); #else /* MBEDTLS_AES_ALT */ -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) - if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) { - mbedtls_printf(" AES note: using VIA Padlock.\n"); - } else -#endif #if defined(MBEDTLS_AESNI_HAVE_CODE) #if MBEDTLS_AESNI_HAVE_CODE == 1 mbedtls_printf(" AES note: AESNI code present (assembly implementation).\n"); @@ -1917,6 +1912,11 @@ int mbedtls_aes_self_test(int verbose) mbedtls_printf(" AES note: using AESNI.\n"); } else #endif +#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) + if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) { + mbedtls_printf(" AES note: using VIA Padlock.\n"); + } else +#endif #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) if (mbedtls_aesce_has_support()) { mbedtls_printf(" AES note: using AESCE.\n"); From 9e628621b4e4ef95825d89552dc5444bb31158c2 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 17 Aug 2023 11:20:09 +0800 Subject: [PATCH 219/264] Add via padlock detection macro Signed-off-by: Jerry Yu --- library/aes.c | 14 +++++++------- library/padlock.h | 2 ++ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/library/aes.c b/library/aes.c index 6ee9971d88..b99a8db921 100644 --- a/library/aes.c +++ b/library/aes.c @@ -71,7 +71,7 @@ #if !defined(MBEDTLS_AES_ALT) -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) static int aes_padlock_ace = -1; #endif 
@@ -578,7 +578,7 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) #if defined(MAY_NEED_TO_ALIGN) int align_16_bytes = 0; -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) if (aes_padlock_ace == -1) { aes_padlock_ace = mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE); } @@ -1102,7 +1102,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, } #endif -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) if (aes_padlock_ace > 0) { return mbedtls_padlock_xcryptecb(ctx, mode, input, output); } @@ -1110,8 +1110,8 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, /* When runtime detection enabled and plain C is disabled, compiler reports `-Werror=return-type`. */ -#if defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \ - defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AESNI_HAVE_CODE) +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \ + defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) && defined(MBEDTLS_AESNI_HAVE_CODE) return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED; #endif @@ -1148,7 +1148,7 @@ int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx, return MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH; } -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) if (aes_padlock_ace > 0) { if (mbedtls_padlock_xcryptcbc(ctx, mode, length, iv, input, output) == 0) { return 0; @@ -1912,7 +1912,7 @@ int mbedtls_aes_self_test(int verbose) mbedtls_printf(" AES note: using AESNI.\n"); } else #endif -#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) && defined(__GNUC__) +#if defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) if (mbedtls_padlock_has_support(MBEDTLS_PADLOCK_ACE)) { mbedtls_printf(" AES note: using VIA Padlock.\n"); } else diff --git a/library/padlock.h b/library/padlock.h index b5f0d7d7a3..ae5c486541 100644 --- a/library/padlock.h 
+++ b/library/padlock.h @@ -42,6 +42,8 @@ #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && \ !defined(MBEDTLS_HAVE_ASAN) +#define MBEDTLS_VIA_PADLOCK_HAVE_CODE + #ifndef MBEDTLS_HAVE_X86 #define MBEDTLS_HAVE_X86 #endif From 1b4c7eda8066d24704987190c3e4bace871c451a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 17 Aug 2023 11:25:17 +0800 Subject: [PATCH 220/264] add hardware only check for padlock Signed-off-by: Jerry Yu --- library/aes.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/aes.c b/library/aes.c index b99a8db921..968cd31386 100644 --- a/library/aes.c +++ b/library/aes.c @@ -52,7 +52,8 @@ #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM) +#if defined(MBEDTLS_PADLOCK_C) && \ + (!defined(MBEDTLS_HAVE_ASM) || defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) #error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" #endif #endif From f258d17acda9da2c0dfb6bc3a4969433029ed66a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 17 Aug 2023 12:39:00 +0800 Subject: [PATCH 221/264] remove aesni + padlock - plain c tests This test is not valid for padlock depends on plain c Signed-off-by: Jerry Yu --- tests/scripts/all.sh | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 9f64be2e7d..a64c09efa4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
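Review bot: `MBEDTLS_VIA_PADLOCK_HAVE_CODE` is defined in `library/padlock.h` under a guard that tests `MBEDTLS_HAVE_ASM`, `__GNUC__`, `__i386__` and `!MBEDTLS_HAVE_ASAN` but not `MBEDTLS_PADLOCK_C`, while the aes.c call sites in this commit drop their own `defined(MBEDTLS_PADLOCK_C)` test in favour of the new macro. That is only safe if padlock.h is never included when `MBEDTLS_PADLOCK_C` is off, which these hunks do not show; otherwise aes.c would reference `mbedtls_padlock_*` functions that were not built. Putting the option into the guard makes the macro self-contained: `#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) && !defined(MBEDTLS_HAVE_ASAN)`. A one-line comment above the `#define`, saying that it means the Padlock assembly is compiled in, would also help.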
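Review bot: The widened condition in `library/aes.c` turns `MBEDTLS_PADLOCK_C` combined with `MBEDTLS_AES_USE_HARDWARE_ONLY` into a build error, but the message still reads "MBEDTLS_PADLOCK_C defined, but not all prerequisites", which sends the user looking for a missing option when the problem is a conflict between two. A separate check with its own text is easier to act on: `#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY)` followed by `#error "MBEDTLS_PADLOCK_C cannot be combined with MBEDTLS_AES_USE_HARDWARE_ONLY"`. The surrounding `#if` block opens outside the hunk.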
@@ -3930,19 +3930,6 @@ component_test_aesni_m32 () { # ~ 60s grep -q "AES note: using VIA Padlock" ./programs/test/selftest grep -q mbedtls_aesni_has_support ./programs/test/selftest - scripts/config.py set MBEDTLS_AESNI_C - scripts/config.py set MBEDTLS_PADLOCK_C - scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY - msg "AES tests, test AESNI and VIA Padlock enabled" - make clean - make CC=gcc CFLAGS='-m32 -Werror -Wall -Wextra -mpclmul -msse2 -maes' LDFLAGS='-m32' - ./programs/test/selftest aes | grep -q "AES note: using AESNI" - ./programs/test/selftest aes | not grep -q "AES note: built-in implementation." - grep -q "AES note: using AESNI" ./programs/test/selftest - not grep -q "AES note: built-in implementation." ./programs/test/selftest - grep -q "AES note: using VIA Padlock" ./programs/test/selftest - grep -q mbedtls_aesni_has_support ./programs/test/selftest - scripts/config.py set MBEDTLS_AESNI_C scripts/config.py unset MBEDTLS_PADLOCK_C scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY From e9c6b53e74e2a316a6d3651b99fd0c4f6a7d37fb Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 17 Aug 2023 13:53:38 +0800 Subject: [PATCH 222/264] remove return-type when runtime detection enabled without plain c This case does not exist Signed-off-by: Jerry Yu --- library/aes.c | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/library/aes.c b/library/aes.c index 968cd31386..7a6f2d91c2 100644 --- a/library/aes.c +++ b/library/aes.c 
@@ -656,13 +656,6 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, } #endif -/* When runtime detection enabled and plain C is disabled, compiler - reports `-Werror=return-type`. */ -#if defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \ - defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_AESNI_HAVE_CODE) - return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED; -#endif - #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) for (i = 0; i < (keybits >> 5); i++) { RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2); @@ -1109,13 +1102,6 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, } #endif -/* When runtime detection enabled and plain C is disabled, compiler - reports `-Werror=return-type`. */ -#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && \ - defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE) && defined(MBEDTLS_AESNI_HAVE_CODE) - return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED; -#endif - #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) if (mode == MBEDTLS_AES_ENCRYPT) { return mbedtls_internal_aes_encrypt(ctx, input, output); From da8c587531132d01e00f500ac9e1ea3cbec059b6 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 17 Aug 2023 09:37:46 +0100 Subject: [PATCH 223/264] Add ChangeLog entry Signed-off-by: Agathiyan Bragadeesh --- ChangeLog.d/fix-iar-compiler-warnings.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/fix-iar-compiler-warnings.txt diff --git a/ChangeLog.d/fix-iar-compiler-warnings.txt b/ChangeLog.d/fix-iar-compiler-warnings.txt new file mode 100644 index 0000000000..b0bd3e1dfa --- /dev/null +++ b/ChangeLog.d/fix-iar-compiler-warnings.txt @@ -0,0 +1,2 @@ +Bugfix + * Improve general IAR support \ No newline at end of file From 6c6b9f602c8b3673f0f453d4b0b0c1159454eced Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 17 Aug 2023 16:53:01 +0800 Subject: [PATCH 224/264] Change document to match real status 
Signed-off-by: Jerry Yu --- include/mbedtls/mbedtls_config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 3dcaa4614b..2c04ea739f 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -4015,8 +4015,8 @@ * * If only one implementation is present, runtime detection will not be used. * This configuration will crash at runtime if running on a CPU without the - * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C, - * MBEDTLS_AESNI_C and/or MBEDTLS_PADLOCK_C is enabled & present in the build. + * necessary features. It will not build unless at least one of MBEDTLS_AESCE_C + * and/or MBEDTLS_AESNI_C is enabled & present in the build. */ //#define MBEDTLS_AES_USE_HARDWARE_ONLY From 9ebfa7f64cf3e8749892676e94ad8060fb94844a Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 17 Aug 2023 10:00:01 +0100 Subject: [PATCH 225/264] Fix style Signed-off-by: Agathiyan Bragadeesh --- library/constant_time_impl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index ea3669b8a6..b251a664c0 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -189,8 +189,8 @@ static inline unsigned char mbedtls_ct_uchar_in_range_if(unsigned char low, unsigned char c, unsigned char t) { - const unsigned char co= (unsigned char) mbedtls_ct_compiler_opaque(c); - const unsigned char to= (unsigned char) mbedtls_ct_compiler_opaque(t); + const unsigned char co = (unsigned char) mbedtls_ct_compiler_opaque(c); + const unsigned char to = (unsigned char) mbedtls_ct_compiler_opaque(t); /* low_mask is: 0 if low <= c, 0x...ff if low > c */ unsigned low_mask = ((unsigned) co - low) >> 8; From 3a0f044bdef4bd9556ede02ca9ce2039a92489b2 Mon Sep 17 00:00:00 2001 
From: Jerry Yu Date: Thu, 17 Aug 2023 17:06:21 +0800 Subject: [PATCH 226/264] improve readability Signed-off-by: Jerry Yu --- library/aes.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/library/aes.c b/library/aes.c index 7a6f2d91c2..5a22137337 100644 --- a/library/aes.c +++ b/library/aes.c @@ -620,9 +620,6 @@ static unsigned mbedtls_aes_rk_offset(uint32_t *buf) int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) - unsigned int i; -#endif uint32_t *RK; switch (keybits) { @@ -657,14 +654,14 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, #endif #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) - for (i = 0; i < (keybits >> 5); i++) { + for (unsigned int i = 0; i < (keybits >> 5); i++) { RK[i] = MBEDTLS_GET_UINT32_LE(key, i << 2); } switch (ctx->nr) { case 10: - for (i = 0; i < 10; i++, RK += 4) { + for (unsigned int i = 0; i < 10; i++, RK += 4) { RK[4] = RK[0] ^ RCON[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[3])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[3])] << 8) ^ @@ -680,7 +677,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, #if !defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) case 12: - for (i = 0; i < 8; i++, RK += 6) { + for (unsigned int i = 0; i < 8; i++, RK += 6) { RK[6] = RK[0] ^ RCON[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[5])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[5])] << 8) ^ @@ -697,7 +694,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, case 14: - for (i = 0; i < 7; i++, RK += 8) { + for (unsigned int i = 0; i < 7; i++, RK += 8) { RK[8] = RK[0] ^ RCON[i] ^ ((uint32_t) FSb[MBEDTLS_BYTE_1(RK[7])]) ^ ((uint32_t) FSb[MBEDTLS_BYTE_2(RK[7])] << 8) ^ 
@@ -735,7 +732,6 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) - int i, j; uint32_t *SK; #endif int ret; @@ -780,9 +776,9 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, *RK++ = *SK++; *RK++ = *SK++; *RK++ = *SK++; - - for (i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8) { - for (j = 0; j < 4; j++, SK++) { + SK -= 8; + for (int i = ctx->nr - 1; i > 0; i--, SK -= 8) { + for (int j = 0; j < 4; j++, SK++) { *RK++ = AES_RT0(FSb[MBEDTLS_BYTE_0(*SK)]) ^ AES_RT1(FSb[MBEDTLS_BYTE_1(*SK)]) ^ AES_RT2(FSb[MBEDTLS_BYTE_2(*SK)]) ^ From 9608447545c5c7b72439a865a3b8c81406467f82 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 17 Aug 2023 18:10:45 +0800 Subject: [PATCH 227/264] replace padlock_c with padlock_have_code Signed-off-by: Jerry Yu --- library/aes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aes.c b/library/aes.c index 5a22137337..888ac0f297 100644 --- a/library/aes.c +++ b/library/aes.c @@ -567,7 +567,7 @@ void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx) * Note that the offset is in units of elements of buf, i.e. 32-bit words, * i.e. an offset of 1 means 4 bytes and so on. */ -#if (defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)) || \ +#if (defined(MBEDTLS_VIA_PADLOCK_HAVE_CODE)) || \ (defined(MBEDTLS_AESNI_C) && MBEDTLS_AESNI_HAVE_CODE == 2) #define MAY_NEED_TO_ALIGN #endif From 2c018744e5bc102d9bb2cf74eef5180410832977 Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 17 Aug 2023 14:00:10 +0100 Subject: [PATCH 228/264] Add newline at end of changelog Signed-off-by: Agathiyan Bragadeesh --- ChangeLog.d/fix-iar-compiler-warnings.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-iar-compiler-warnings.txt b/ChangeLog.d/fix-iar-compiler-warnings.txt index b0bd3e1dfa..6250150f02 100644 --- a/ChangeLog.d/fix-iar-compiler-warnings.txt 
+++ b/ChangeLog.d/fix-iar-compiler-warnings.txt @@ -1,2 +1,3 @@ Bugfix - * Improve general IAR support \ No newline at end of file + * Improve general IAR support + \ No newline at end of file From 48eae138a5ed14e04d20c73b62154874d84fedeb Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Thu, 17 Aug 2023 14:07:23 +0100 Subject: [PATCH 229/264] Fix formatting in changelog Signed-off-by: Agathiyan Bragadeesh --- ChangeLog.d/fix-iar-compiler-warnings.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/ChangeLog.d/fix-iar-compiler-warnings.txt b/ChangeLog.d/fix-iar-compiler-warnings.txt index 6250150f02..eefbd127d6 100644 --- a/ChangeLog.d/fix-iar-compiler-warnings.txt +++ b/ChangeLog.d/fix-iar-compiler-warnings.txt @@ -1,3 +1,2 @@ Bugfix * Improve general IAR support - \ No newline at end of file From f2334b7b3900872beb662055269487d0bc6b6144 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Thu, 17 Aug 2023 12:24:46 +0000 Subject: [PATCH 230/264] Remove new bignum when not needed New bignum modules are only needed when the new ecp_curves module is present. Remove them when they are not needed to save code size. Signed-off-by: Janos Follath --- library/bignum_mod.c | 4 ++-- library/bignum_mod_raw.c | 4 ++-- tests/src/bignum_helpers.c | 2 ++ tests/suites/test_suite_bignum_mod.function | 2 +- tests/suites/test_suite_bignum_mod_raw.function | 2 +- tests/suites/test_suite_bignum_random.function | 4 ++-- 6 files changed, 10 insertions(+), 8 deletions(-) diff --git a/library/bignum_mod.c b/library/bignum_mod.c index 4d6782972b..2f0e9ed092 100644 --- a/library/bignum_mod.c +++ b/library/bignum_mod.c @@ -19,7 +19,7 @@ #include "common.h" -#if defined(MBEDTLS_BIGNUM_C) +#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ECP_WITH_MPI_UINT) #include @@ -403,4 +403,4 @@ cleanup: return ret; } -#endif /* MBEDTLS_BIGNUM_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ECP_WITH_MPI_UINT */ 
diff --git a/library/bignum_mod_raw.c b/library/bignum_mod_raw.c index 75cf8c41e0..5ee1b19b25 100644 --- a/library/bignum_mod_raw.c +++ b/library/bignum_mod_raw.c @@ -19,7 +19,7 @@ #include "common.h" -#if defined(MBEDTLS_BIGNUM_C) +#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ECP_WITH_MPI_UINT) #include @@ -285,4 +285,4 @@ void mbedtls_mpi_mod_raw_neg(mbedtls_mpi_uint *X, (void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) borrow); } -#endif /* MBEDTLS_BIGNUM_C */ +#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_ECP_WITH_MPI_UINT */ diff --git a/tests/src/bignum_helpers.c b/tests/src/bignum_helpers.c index efb2eca1c3..214530df51 100644 --- a/tests/src/bignum_helpers.c +++ b/tests/src/bignum_helpers.c @@ -86,6 +86,7 @@ exit: return MBEDTLS_ERR_MPI_BAD_INPUT_DATA; } +#if defined(MBEDTLS_ECP_WITH_MPI_UINT) int mbedtls_test_read_mpi_modulus(mbedtls_mpi_mod_modulus *N, const char *s, mbedtls_mpi_mod_rep_selector int_rep) @@ -122,6 +123,7 @@ void mbedtls_test_mpi_mod_modulus_free_with_limbs(mbedtls_mpi_mod_modulus *N) mbedtls_free((mbedtls_mpi_uint *) N->p); mbedtls_mpi_mod_modulus_free(N); } +#endif /* MBEDTLS_ECP_WITH_MPI_UINT */ int mbedtls_test_read_mpi(mbedtls_mpi *X, const char *s) { diff --git a/tests/suites/test_suite_bignum_mod.function b/tests/suites/test_suite_bignum_mod.function index eaf2bd5b9d..9d0fe939f4 100644 --- a/tests/suites/test_suite_bignum_mod.function +++ b/tests/suites/test_suite_bignum_mod.function @@ -35,7 +35,7 @@ static int test_read_residue(mbedtls_mpi_mod_residue *r, /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BIGNUM_C + * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_ECP_WITH_MPI_UINT * END_DEPENDENCIES */ diff --git a/tests/suites/test_suite_bignum_mod_raw.function b/tests/suites/test_suite_bignum_mod_raw.function index 6b953f5713..f7f8a5914e 100644 --- a/tests/suites/test_suite_bignum_mod_raw.function +++ b/tests/suites/test_suite_bignum_mod_raw.function 
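Review bot: Adding `MBEDTLS_ECP_WITH_MPI_UINT` to the suite-level `depends_on` in `test_suite_bignum_mod.function` (and likewise in `test_suite_bignum_mod_raw.function` and two cases of `test_suite_bignum_random.function`) means these tests are skipped in every configuration that does not define that macro. Nothing in this patch shows a test component that defines it, so it is worth confirming that at least one does; otherwise the modular-arithmetic code would lose its test coverage while still being compiled into builds that enable it. A short comment beside the new `#if` in `bignum_mod.c` and `bignum_mod_raw.c`, explaining why a bignum module is gated on an ECP option, would save readers a trip to the commit message.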
@@ -11,7 +11,7 @@ /* END_HEADER */ /* BEGIN_DEPENDENCIES - * depends_on:MBEDTLS_BIGNUM_C + * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_ECP_WITH_MPI_UINT * END_DEPENDENCIES */ diff --git a/tests/suites/test_suite_bignum_random.function b/tests/suites/test_suite_bignum_random.function index 6e533bc1bf..b43b1e713b 100644 --- a/tests/suites/test_suite_bignum_random.function +++ b/tests/suites/test_suite_bignum_random.function @@ -192,7 +192,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_WITH_MPI_UINT */ void mpi_mod_random_values(int min, char *max_hex, int rep) { /* Same RNG as in mpi_core_random_basic */ @@ -403,7 +403,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECP_WITH_MPI_UINT */ void mpi_mod_random_validation(int min, char *bound_hex, int result_limbs_delta, int expected_ret) From 8e9d6b927e2f36606b7c59f5b094cc5fa8637c3a Mon Sep 17 00:00:00 2001 From: Antonio de Angelis Date: Thu, 17 Aug 2023 15:27:54 +0100 Subject: [PATCH 231/264] Remove the workaround for psa_key_agreement_internal Remove the workaround for psa_key_agreement_internal to have a shared_secret array always non-zero. The spec is recently updated so that PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE is always non-zero Signed-off-by: Antonio de Angelis --- library/psa_crypto.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 352756dc88..2b9eca8f28 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c 
@@ -7049,13 +7049,8 @@ static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *o size_t peer_key_length) { psa_status_t status; -#if PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE != 0 uint8_t shared_secret[PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE]; - size_t shared_secret_length = sizeof(shared_secret); -#else - uint8_t *shared_secret = NULL; size_t shared_secret_length = 0; -#endif psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE(operation->alg); /* Step 1: run the secret agreement algorithm to generate the shared @@ -7064,7 +7059,7 @@ static psa_status_t psa_key_agreement_internal(psa_key_derivation_operation_t *o private_key, peer_key, peer_key_length, shared_secret, - shared_secret_length, + sizeof(shared_secret), &shared_secret_length); if (status != PSA_SUCCESS) { goto exit; From e4d634cd872886138d490e892fae6756318168b4 Mon Sep 17 00:00:00 2001 From: Kusumit Ghoderao Date: Thu, 17 Aug 2023 21:11:34 +0530 Subject: [PATCH 232/264] Add tests with higher input costs for pbkdf2 Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.pbkdf2.data | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 tests/suites/test_suite_psa_crypto.pbkdf2.data diff --git a/tests/suites/test_suite_psa_crypto.pbkdf2.data b/tests/suites/test_suite_psa_crypto.pbkdf2.data new file mode 100644 index 0000000000..3544b68868 --- /dev/null +++ b/tests/suites/test_suite_psa_crypto.pbkdf2.data 
@@ -0,0 +1,15 @@ +PSA key derivation: PBKDF2-HMAC(SHA-1), RFC6070 #4 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_1 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_1):PSA_KEY_DERIVATION_INPUT_COST:"01000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"eefe3d61cd4da4e4e9945b3d6ba2158c2634e984":"":0:1:0 + +PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #2 +depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 +derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"013880":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4e61436c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"50617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, RFC6070 #4 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"c19b71d2daf483abc9e04fbc78928b4204398d1e":"":0:1:0 + +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, RFC7914 #2 +depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES +derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"013880":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4e61436c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"50617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"3298e89bc3560e61b59aef2c104f93380b5fa26e2e011cb5ac5895fcd5a3bd5a92e617d7cae020fa2c6ef895182d9ffa0cc8f9c22778beb02856127719d95570":"":0:1:0 From 5cad47df8accaf463908f3d3232ecc19f5416366 Mon Sep 17 00:00:00 2001 
From: Kusumit Ghoderao Date: Fri, 18 Aug 2023 12:49:07 +0530 Subject: [PATCH 233/264] Modify test description The test data was generated using the python script. PBKDF2_AES_CMAC_PRF_128 test vectors are generated using PyCryptodome library: https://github.com/Legrandin/pycryptodome Steps to generate test vectors: 1. pip install pycryptodome 2. Use the python script below to generate Derived key (see description for details): Example usage: pbkdf2_cmac.py derive_output.py 4a30314e4d45 54687265616437333563383762344f70656e54687265616444656d6f 16384 16 password : 4a30314e4d45 salt : 54687265616437333563383762344f70656e54687265616444656d6f input cost : 16384 derived key len : 16 output : 8b27beed7e7a4dd6c53138c879a8e33c """ from Crypto.Protocol.KDF import PBKDF2 from Crypto.Hash import CMAC from Crypto.Cipher import AES import sys def main(): #check args if len(sys.argv) != 5: print("Invalid number of arguments. Expected: ") return password = bytes.fromhex(sys.argv[1]) salt = bytes.fromhex(sys.argv[2]) iterations = int(sys.argv[3]) dklen = int(sys.argv[4]) # If password is not 16 bytes then we need to use CMAC to derive the password if len(password) != 16: zeros = bytes.fromhex("00000000000000000000000000000000") cobj_pass = CMAC.new(zeros, msg=password, ciphermod=AES, mac_len=16) passwd = bytes.fromhex(cobj_pass.hexdigest()) else: passwd = password cmac_prf = lambda p,s: CMAC.new(p, s, ciphermod=AES, mac_len=16).digest() actual_output = PBKDF2(passwd, salt=salt, dkLen=dklen, count=iterations, prf=cmac_prf) print('password : ' + password.hex()) print('salt : ' + salt.hex()) print('input cost : ' + str(iterations)) print('derived key len : ' + str(dklen)) print('output : ' + actual_output.hex()) if __name__ == "__main__": main() """ Signed-off-by: Kusumit Ghoderao --- tests/suites/test_suite_psa_crypto.pbkdf2.data | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) 
diff --git a/tests/suites/test_suite_psa_crypto.pbkdf2.data b/tests/suites/test_suite_psa_crypto.pbkdf2.data index 3544b68868..3b8e7e0668 100644 --- a/tests/suites/test_suite_psa_crypto.pbkdf2.data +++ b/tests/suites/test_suite_psa_crypto.pbkdf2.data @@ -6,10 +6,11 @@ PSA key derivation: PBKDF2-HMAC(SHA-256), RFC7914 #2 depends_on:PSA_WANT_ALG_PBKDF2_HMAC:PSA_WANT_ALG_SHA_256 derive_output:PSA_ALG_PBKDF2_HMAC(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_COST:"013880":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4e61436c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"50617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"4ddcd8f60b98be21830cee5ef22701f9641a4418d04c0414aeff08876b34ab56a1d425a1225833549adb841b51c9b3176a272bdebba1d078478f62b397f33c8d":"":0:1:0 -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, RFC6070 #4 +# For PBKDF2_AES_CMAC_PRF_128 the output for the test vectors was generated using a python script. Refer commit message for details. +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, inputs from RFC6070 #4 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"01000000":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"73616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"70617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":20:"c19b71d2daf483abc9e04fbc78928b4204398d1e":"":0:1:0 -PSA key derivation: PBKDF2-AES-CMAC-PRF-128, RFC7914 #2 +PSA key derivation: PBKDF2-AES-CMAC-PRF-128, inputs from RFC7914 #2 depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_AES derive_output:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_KEY_DERIVATION_INPUT_COST:"013880":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:"4e61436c":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_PASSWORD:"50617373776f7264":PSA_SUCCESS:0:"":PSA_SUCCESS:"":64:"3298e89bc3560e61b59aef2c104f93380b5fa26e2e011cb5ac5895fcd5a3bd5a92e617d7cae020fa2c6ef895182d9ffa0cc8f9c22778beb02856127719d95570":"":0:1:0 
From 372f7a04d0c346c086c4077bf9dd5f323f7d681f Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 17:26:25 +0800 Subject: [PATCH 234/264] Add missing check Signed-off-by: Jerry Yu --- library/aes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/aes.c b/library/aes.c index 888ac0f297..1e1039b3a9 100644 --- a/library/aes.c +++ b/library/aes.c @@ -41,7 +41,7 @@ #endif #if defined(__amd64__) || defined(__x86_64__) || \ - defined(_M_X64) || defined(_M_AMD64) + ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC)) #if !defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_AES_USE_HARDWARE_ONLY) #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif From 61fc5ed5f316cec0a6b7439c198b0de580f910e5 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 17:28:48 +0800 Subject: [PATCH 235/264] improve readability of error message Signed-off-by: Jerry Yu --- library/aes.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/library/aes.c b/library/aes.c index 1e1039b3a9..63b36c54c3 100644 --- a/library/aes.c +++ b/library/aes.c @@ -52,10 +52,15 @@ #error "MBEDTLS_AES_USE_HARDWARE_ONLY defined, but not all prerequisites" #endif -#if defined(MBEDTLS_PADLOCK_C) && \ - (!defined(MBEDTLS_HAVE_ASM) || defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) +#if defined(MBEDTLS_PADLOCK_C) +#if !defined(MBEDTLS_HAVE_ASM) #error "MBEDTLS_PADLOCK_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_AES_USE_HARDWARE_ONLY) +#error "MBEDTLS_AES_USE_HARDWARE_ONLY cannot be defined when " \ + "MBEDTLS_PADLOCK_C is set" +#endif +#endif #endif #if defined(MBEDTLS_PADLOCK_C) From 0a6272d6c9f84d8397cf7d0cb3a8000558a01112 Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 18 Aug 2023 17:35:59 +0800 Subject: [PATCH 236/264] revert padlock from aesni module Signed-off-by: Jerry Yu --- library/aesni.c | 3 +-- library/aesni.h | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) 
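Review bot: Nothing at the `@@ -41,7 +41,7 @@` condition says why `_M_ARM64EC` is excluded, and the commit title ("Add missing check") does not either. MSVC defines `_M_X64` and `_M_AMD64` for ARM64EC targets as well, so a short comment above the `#if` would keep the next reader from simplifying it away, for example `/* MSVC also defines _M_X64/_M_AMD64 when targeting ARM64EC, which is not x86-64 hardware. */`. If other files repeat this architecture test (not visible here), a single shared macro would stop the copies from drifting apart.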
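Review bot: The new `#error` in the `@@ -52,10 +52,15 @@` hunk splits its message into two string literals across a backslash continuation. `#error` prints its tokens as written, so the diagnostic will most likely show both quoted pieces rather than one sentence. A single line fits comfortably: `#error "MBEDTLS_AES_USE_HARDWARE_ONLY cannot be defined when MBEDTLS_PADLOCK_C is set"`. The hunk now ends in three bare `#endif` lines, the last closing a block opened outside the hunk, so labelling them (`#endif /* MBEDTLS_PADLOCK_C */`) would make the nesting readable.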
diff --git a/library/aesni.c b/library/aesni.c index 427c2fdc6d..cc3a3b3f38 100644 --- a/library/aesni.c +++ b/library/aesni.c @@ -39,8 +39,7 @@ #include #endif -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ - (defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_PADLOCK_C)) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES-NI support detection routine */ diff --git a/library/aesni.h b/library/aesni.h index d0daaefb36..332a0f0722 100644 --- a/library/aesni.h +++ b/library/aesni.h @@ -100,8 +100,7 @@ extern "C" { * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) || \ - (defined(MBEDTLS_HAVE_X86) && defined(MBEDTLS_PADLOCK_C)) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) int mbedtls_aesni_has_support(unsigned int what); #else #define mbedtls_aesni_has_support(what) 1 From 4566132163a11d4f98b0685a33587281f059ef18 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 4 Aug 2023 12:31:58 +0100 Subject: [PATCH 237/264] Make mbedtls_aesce_has_support more efficient Signed-off-by: Dave Rodgman --- library/aesce.c | 34 +++++++++++++++++++++++----------- library/aesce.h | 22 +++++++++++++++++----- 2 files changed, 40 insertions(+), 16 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 8aa07894fe..42e04d3a45 100644 --- a/library/aesce.c +++ b/library/aesce.c 
@@ -94,28 +94,40 @@ #endif /* !(__ARM_FEATURE_CRYPTO || __ARM_FEATURE_AES) || MBEDTLS_ENABLE_ARM_CRYPTO_EXTENSIONS_COMPILER_FLAG */ -#if defined(__linux__) +#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + #include #include -#endif + +char mbedtls_aesce_has_support_result = 2; #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES instruction support detection routine */ -int mbedtls_aesce_has_support(void) +int mbedtls_aesce_has_support_impl(void) { -#if defined(__linux__) - unsigned long auxval = getauxval(AT_HWCAP); - return (auxval & (HWCAP_ASIMD | HWCAP_AES)) == - (HWCAP_ASIMD | HWCAP_AES); -#else - /* Assume AES instructions are supported. */ - return 1; -#endif + /* To avoid many calls to getauxval, cache the result. This is + * thread-safe, because we store the result in a char so cannot + * be vulnerable to non-atomic updates. + * It is possible that we could end up setting result more than + * once, but that is harmless. + */ + if (mbedtls_aesce_has_support_result == 2) { + unsigned long auxval = getauxval(AT_HWCAP); + if ((auxval & (HWCAP_ASIMD | HWCAP_AES)) == + (HWCAP_ASIMD | HWCAP_AES)) { + mbedtls_aesce_has_support_result = 1; + } else { + mbedtls_aesce_has_support_result = 0; + } + } + return mbedtls_aesce_has_support_result; } #endif +#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */ + /* Single round of AESCE encryption */ #define AESCE_ENCRYPT_ROUND \ block = vaeseq_u8(block, vld1q_u8(keys)); \ diff --git a/library/aesce.h b/library/aesce.h index 9b8b0bcd67..1a0abb86f5 100644 --- a/library/aesce.h +++ b/library/aesce.h 
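Review bot: The comment in `mbedtls_aesce_has_support_impl` calls the cache thread-safe because the result is a `char`, but unsynchronised reads and writes of a plain global are still a data race under the C11 memory model. The argument actually rests on single-byte stores being indivisible on the supported targets and on every writer storing the same value. I would say that in the comment, e.g. `/* Not formally race-free: relies on byte stores being indivisible and on all writers storing the same value. */`. Separately, the inner `#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)` / `#endif` pair around the function is now redundant, because the new outer guard already tests the same macro, and can be dropped.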
@@ -42,17 +42,29 @@ extern "C" { #endif +#if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + +extern char mbedtls_aesce_has_support_result; + /** * \brief Internal function to detect the crypto extension in CPUs. * * \return 1 if CPU has support for the feature, 0 otherwise */ -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -int mbedtls_aesce_has_support(void); -#else -#define mbedtls_aesce_has_support() 1 -#endif +int mbedtls_aesce_has_support_impl(void); +#define mbedtls_aesce_has_support() (mbedtls_aesce_has_support_result == 2 ? \ + mbedtls_aesce_has_support_impl() : \ + mbedtls_aesce_has_support_result) + +#else /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */ + +/* If we are not on Linux, we can't detect support so assume that it's supported. + * Similarly, assume support if MBEDTLS_AES_USE_HARDWARE_ONLY is set. + */ +#define mbedtls_aesce_has_support() 1 + +#endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */ /** * \brief Internal AES-ECB block encryption and decryption From b30adce7fd5c66e0bb35c2d882215c43ae3b32d2 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 4 Aug 2023 12:52:51 +0100 Subject: [PATCH 238/264] Use -1 as uninitialised marker Signed-off-by: Dave Rodgman --- library/aesce.c | 4 ++-- library/aesce.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/library/aesce.c b/library/aesce.c index 42e04d3a45..6f75a67d7f 100644 --- a/library/aesce.c +++ b/library/aesce.c @@ -99,7 +99,7 @@ #include #include -char mbedtls_aesce_has_support_result = 2; +signed char mbedtls_aesce_has_support_result = -1; #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* 
@@ -113,7 +113,7 @@ int mbedtls_aesce_has_support_impl(void) * It is possible that we could end up setting result more than * once, but that is harmless. */ - if (mbedtls_aesce_has_support_result == 2) { + if (mbedtls_aesce_has_support_result == -1) { unsigned long auxval = getauxval(AT_HWCAP); if ((auxval & (HWCAP_ASIMD | HWCAP_AES)) == (HWCAP_ASIMD | HWCAP_AES)) { diff --git a/library/aesce.h b/library/aesce.h index 1a0abb86f5..8d48c601bc 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -44,7 +44,7 @@ extern "C" { #if defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) -extern char mbedtls_aesce_has_support_result; +extern signed char mbedtls_aesce_has_support_result; /** * \brief Internal function to detect the crypto extension in CPUs. @@ -53,7 +53,7 @@ extern char mbedtls_aesce_has_support_result; */ int mbedtls_aesce_has_support_impl(void); -#define mbedtls_aesce_has_support() (mbedtls_aesce_has_support_result == 2 ? \ +#define mbedtls_aesce_has_support() (mbedtls_aesce_has_support_result == -1 ? \ mbedtls_aesce_has_support_impl() : \ mbedtls_aesce_has_support_result) From f2249ec9058f276657cbe59750472798273b25b8 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 4 Aug 2023 14:27:58 +0100 Subject: [PATCH 239/264] Rename mbedtls_aesce_has_support macro to satisfy case rules Signed-off-by: Dave Rodgman --- library/aes.c | 8 ++++---- library/aesce.h | 4 ++-- library/gcm.c | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/library/aes.c b/library/aes.c index 774c2eed04..47a5e3e822 100644 --- a/library/aes.c +++ b/library/aes.c @@ -653,7 +653,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, #endif #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) - if (mbedtls_aesce_has_support()) { + if (MBEDTLS_AESCE_HAS_SUPPORT()) { return mbedtls_aesce_setkey_enc((unsigned char *) RK, key, keybits); } #endif 
@@ -765,7 +765,7 @@ int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, #endif #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) - if (mbedtls_aesce_has_support()) { + if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_aesce_inverse_key( (unsigned char *) RK, (const unsigned char *) (cty.buf + cty.rk_offset), @@ -1092,7 +1092,7 @@ int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx, #endif #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) - if (mbedtls_aesce_has_support()) { + if (MBEDTLS_AESCE_HAS_SUPPORT()) { return mbedtls_aesce_crypt_ecb(ctx, mode, input, output); } #endif @@ -1911,7 +1911,7 @@ int mbedtls_aes_self_test(int verbose) } else #endif #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) - if (mbedtls_aesce_has_support()) { + if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_printf(" AES note: using AESCE.\n"); } else #endif diff --git a/library/aesce.h b/library/aesce.h index 8d48c601bc..735c8cfad2 100644 --- a/library/aesce.h +++ b/library/aesce.h @@ -53,7 +53,7 @@ extern signed char mbedtls_aesce_has_support_result; */ int mbedtls_aesce_has_support_impl(void); -#define mbedtls_aesce_has_support() (mbedtls_aesce_has_support_result == -1 ? \ +#define MBEDTLS_AESCE_HAS_SUPPORT() (mbedtls_aesce_has_support_result == -1 ? \ mbedtls_aesce_has_support_impl() : \ mbedtls_aesce_has_support_result) @@ -62,7 +62,7 @@ int mbedtls_aesce_has_support_impl(void); /* If we are not on Linux, we can't detect support so assume that it's supported. * Similarly, assume support if MBEDTLS_AES_USE_HARDWARE_ONLY is set. */ -#define mbedtls_aesce_has_support() 1 +#define MBEDTLS_AESCE_HAS_SUPPORT() 1 #endif /* defined(__linux__) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) */ diff --git a/library/gcm.c b/library/gcm.c index d49725c69c..786290f2f9 100644 --- a/library/gcm.c +++ b/library/gcm.c 
@@ -98,7 +98,7 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) #endif #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) - if (mbedtls_aesce_has_support()) { + if (MBEDTLS_AESCE_HAS_SUPPORT()) { return 0; } #endif @@ -209,7 +209,7 @@ static void gcm_mult(mbedtls_gcm_context *ctx, const unsigned char x[16], #endif /* MBEDTLS_AESNI_HAVE_CODE */ #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) - if (mbedtls_aesce_has_support()) { + if (MBEDTLS_AESCE_HAS_SUPPORT()) { unsigned char h[16]; /* mbedtls_aesce_gcm_mult needs big-endian input */ @@ -886,7 +886,7 @@ int mbedtls_gcm_self_test(int verbose) #endif #if defined(MBEDTLS_AESCE_C) && defined(MBEDTLS_HAVE_ARM64) - if (mbedtls_aesce_has_support()) { + if (MBEDTLS_AESCE_HAS_SUPPORT()) { mbedtls_printf(" GCM note: using AESCE.\n"); } else #endif From 3ab114e3da2a5a471768be5914f3e60bdabd17f3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 21 Aug 2023 07:54:11 +0100 Subject: [PATCH 240/264] Move non-function-specific macro outside of function definition Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 44 ++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 111b9af5a0..ab393979ef 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h 
@@ -115,6 +115,28 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x) #endif } +/* + * Selecting unified syntax is needed for gcc, and harmless on clang. + * + * This is needed because on Thumb 1, condition flags are always set, so + * e.g. "negs" is supported but "neg" is not (on Thumb 2, both exist). + * + * Under Thumb 1 unified syntax, only the "negs" form is accepted, and + * under divided syntax, only the "neg" form is accepted. clang only + * supports unified syntax. + * + * On Thumb 2 and Arm, both compilers are happy with the "s" suffix, + * although we don't actually care about setting the flags. + * + * For gcc, restore divided syntax afterwards - otherwise old versions of gcc + * seem to apply unified syntax globally, which breaks other asm code. + */ +#if !defined(__clang__) +#define RESTORE_ASM_SYNTAX ".syntax divided \n\t" +#else +#define RESTORE_ASM_SYNTAX +#endif + /* Convert a number into a condition in constant time. */ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) { 
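Review bot: `RESTORE_ASM_SYNTAX` is now defined at file scope of a header, under a generic unprefixed name. As far as this hunk shows, only `!defined(__clang__)` guards it, whereas it used to be defined only inside the `MBEDTLS_CT_ARM_ASM` branch of `mbedtls_ct_bool`. Every translation unit that includes the header on any architecture now sees the macro. I would wrap the block in `#if defined(MBEDTLS_CT_ARM_ASM)` and add `#undef RESTORE_ASM_SYNTAX` after the last asm block that uses it, which is outside this hunk.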
@@ -140,28 +162,6 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) return (mbedtls_ct_condition_t) x; #elif defined(MBEDTLS_CT_ARM_ASM) && defined(MBEDTLS_CT_SIZE_32) uint32_t s; - /* - * Selecting unified syntax is needed for gcc, and harmless on clang. - * - * This is needed because on Thumb 1, condition flags are always set, so - * e.g. "negs" is supported but "neg" is not (on Thumb 2, both exist). - * - * Under Thumb 1 unified syntax, only the "negs" form is accepted, and - * under divided syntax, only the "neg" form is accepted. clang only - * supports unified syntax. - * - * On Thumb 2 and Arm, both compilers are happy with the "s" suffix, - * although we don't actually care about setting the flags. - * - * For gcc, restore divided syntax afterwards - otherwise old versions of gcc - * seem to apply unified syntax globally, which breaks other asm code. - */ -#if !defined(__clang__) -#define RESTORE_ASM_SYNTAX ".syntax divided \n\t" -#else -#define RESTORE_ASM_SYNTAX -#endif - asm volatile (".syntax unified \n\t" "negs %[s], %[x] \n\t" "orrs %[x], %[x], %[s] \n\t" From 0ce0fbc32ae3f89af65bd40a58b54cb0ab1c1404 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 21 Aug 2023 07:58:50 +0100 Subject: [PATCH 241/264] Simplify aarch64 asm for mbedtls_ct_uint_lt Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index ab393979ef..971388c19a 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h 
@@ -234,14 +234,14 @@ static inline mbedtls_ct_uint_t mbedtls_ct_if(mbedtls_ct_condition_t condition, static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbedtls_ct_uint_t y) { #if defined(MBEDTLS_CT_AARCH64_ASM) && (defined(MBEDTLS_CT_SIZE_32) || defined(MBEDTLS_CT_SIZE_64)) - uint64_t s1, s2; + uint64_t s1; asm volatile ("eor %x[s1], %x[y], %x[x] \n\t" - "sub %x[s2], %x[x], %x[y] \n\t" - "bic %x[s2], %x[s2], %[s1] \n\t" + "sub %x[x], %x[x], %x[y] \n\t" + "bic %x[x], %x[x], %[s1] \n\t" "and %x[s1], %x[s1], %x[y] \n\t" - "orr %x[s1], %x[s2], %x[s1] \n\t" + "orr %x[s1], %x[x], %x[s1] \n\t" "asr %x[x], %x[s1], 63" - : [s1] "=&r" (s1), [s2] "=&r" (s2), [x] "+r" (x) + : [s1] "=&r" (s1), [x] "+&r" (x) : [y] "r" (y) : ); From 8cd1da4b73009794a5cf5102855d63e1f70f5b7e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 May 2023 23:18:41 +0200 Subject: [PATCH 242/264] Remove spurious extern "C" This header only contains preprocessor definitions. They are not affected by extern "C". Signed-off-by: Gilles Peskine --- include/mbedtls/config_psa.h | 8 -------- 1 file changed, 8 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 303758f03e..9823fa3986 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -44,10 +44,6 @@ #include "psa/crypto_legacy.h" -#ifdef __cplusplus -extern "C" { -#endif - /****************************************************************/ @@ -1074,8 +1070,4 @@ extern "C" { #define PSA_WANT_KEY_TYPE_PASSWORD_HASH 1 #define PSA_WANT_KEY_TYPE_RAW_DATA 1 -#ifdef __cplusplus -} -#endif - #endif /* MBEDTLS_CONFIG_PSA_H */ From a458d48e7f185dcc727f81e86f557f23a12b0e24 Mon Sep 17 00:00:00 2001 
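Review bot: In the rewritten `mbedtls_ct_uint_lt` asm the `bic` line names its last operand `%[s1]` while every other operand carries the `x` modifier. `s1` is `uint64_t`, so the same register name is presumably emitted, but `"bic %x[x], %x[x], %x[s1] \n\t"` would keep the template consistent. The change of `x` to `"+&r"` is what keeps `y` out of the register that `sub` overwrites before `and` reads `y`, and that deserves a comment so it is not relaxed later: `/* x is overwritten before the last read of y, hence the early-clobber */`. The function continues outside the hunk.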
From: Gilles Peskine Date: Wed, 17 May 2023 23:13:06 +0200 Subject: [PATCH 243/264] Move the inclusion of the PSA config file(s) into build_info.h They belong here, next to the inclusion of the mbedtls config file. We only put them in config_psa.h in Mbed TLS 2.x because there was no build_info.h we could use. Signed-off-by: Gilles Peskine --- include/mbedtls/build_info.h | 14 ++++++++++++++ include/mbedtls/config_psa.h | 12 ------------ 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 985edd2336..b54b9baa80 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -59,6 +59,7 @@ #define inline __inline #endif +/* X.509, TLS and non-PSA crypto configuration */ #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/mbedtls_config.h" #else @@ -80,6 +81,19 @@ #include MBEDTLS_USER_CONFIG_FILE #endif +/* PSA crypto configuration */ +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) +#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) +#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE +#else +#include "psa/crypto_config.h" +#endif +#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ + +#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) +#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE +#endif + /* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if * MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined * to ensure a 128-bit key size in CTR_DRBG. diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 9823fa3986..3b30c02776 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h 
@@ -30,18 +30,6 @@ #ifndef MBEDTLS_CONFIG_PSA_H #define MBEDTLS_CONFIG_PSA_H -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) -#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE -#else -#include "psa/crypto_config.h" -#endif -#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ - -#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) -#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE -#endif - #include "psa/crypto_legacy.h" From 7b7ecf5e0d42537f5f5deb93eb5ce278ecd6a8f1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 May 2023 23:15:31 +0200 Subject: [PATCH 244/264] Fix condition to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE Don't try to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE when MBEDTLS_PSA_CRYPTO_CONFIG is disabled. This didn't make sense and was an editorial mistake when adding it: it's meant as an addition to MBEDTLS_PSA_CRYPTO_CONFIG_FILE, so it should be included under the same conditions. Signed-off-by: Gilles Peskine --- ChangeLog.d/psa_crypto_user_config_file.txt | 3 +++ include/mbedtls/build_info.h | 3 +-- 2 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 ChangeLog.d/psa_crypto_user_config_file.txt diff --git a/ChangeLog.d/psa_crypto_user_config_file.txt b/ChangeLog.d/psa_crypto_user_config_file.txt new file mode 100644 index 0000000000..f538f47072 --- /dev/null +++ b/ChangeLog.d/psa_crypto_user_config_file.txt @@ -0,0 +1,3 @@ +Bugfix + * Don't try to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE when + MBEDTLS_PSA_CRYPTO_CONFIG is disabled. diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index b54b9baa80..c0424da82f 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h 
@@ -88,11 +88,10 @@ #else #include "psa/crypto_config.h" #endif -#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ - #if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) #include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE #endif +#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */ /* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if * MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined From 44243e11ffd47df0ff6e15c0a17a448cde3de954 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 May 2023 19:39:11 +0200 Subject: [PATCH 245/264] Remove obsolete header inclusions Since 3.0.0, mbedtls_config.h (formerly config.h) no longer needs to include config_psa.h or check_config.h: build_info.h takes care of that. Signed-off-by: Gilles Peskine --- tests/include/test/drivers/config_test_driver.h | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h index 2585fd9f05..81f988339a 100644 --- a/tests/include/test/drivers/config_test_driver.h +++ b/tests/include/test/drivers/config_test_driver.h @@ -53,7 +53,4 @@ //#define MBEDTLS_PEM_PARSE_C //#define MBEDTLS_BASE64_C -#include "mbedtls/config_psa.h" -#include "mbedtls/check_config.h" - #endif /* MBEDTLS_CONFIG_H */ From 9af413bcc5294de8810aca03ecff452f5f695edc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 18 May 2023 20:12:44 +0200 Subject: [PATCH 246/264] Don't try to include mbedtls/config_*.h They're included by build_info.h and must not be included directly. Currently, this only concerns one file: config_psa.h. It's technically a bug to include it, but a harmless one because that header has already been included by build_info.h except in configurations where it effectively had no effect (enabling PSA options with PSA turned off). We plan to split config_psa.h into multiple headers that are less independent, which could make the inclusion more problematic. 
Signed-off-by: Gilles Peskine --- programs/test/generate_cpp_dummy_build.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh index 94e911515d..2541683318 100755 --- a/programs/test/generate_cpp_dummy_build.sh +++ b/programs/test/generate_cpp_dummy_build.sh @@ -63,6 +63,7 @@ EOF for header in include/mbedtls/*.h include/psa/*.h; do case ${header#include/} in mbedtls/mbedtls_config.h) :;; # not meant for direct inclusion + mbedtls/config_*.h) :;; # not meant for direct inclusion psa/crypto_config.h) :;; # not meant for direct inclusion # Some of the psa/crypto_*.h headers are not meant to be included # directly. They do have include guards that make them no-ops if From ea4fc97cd01fdbeb76bb25dce9666f29c1bb64ce Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 22 May 2023 12:18:08 +0200 Subject: [PATCH 247/264] Restore a comment and fix it aca31654e6e96c76b073e0ffedb6ae53c9e4f4c7 removed a sentence with copypasta refering to PBKDF2 instead of XTS. Restore that comment but fix the copypasta. Signed-off-by: Gilles Peskine --- include/psa/crypto_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h index af78dce177..d8e8e19d0a 100644 --- a/include/psa/crypto_config.h +++ b/include/psa/crypto_config.h @@ -92,7 +92,8 @@ #define PSA_WANT_ALG_TLS12_PSK_TO_MS 1 #define PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS 1 -/* Note: when adding support, also adjust include/mbedtls/config_psa.h */ +/* XTS is not yet supported via the PSA API in Mbed TLS. + * Note: when adding support, also adjust include/mbedtls/config_psa.h */ //#define PSA_WANT_ALG_XTS 1 #define PSA_WANT_ECC_BRAINPOOL_P_R1_256 1 From 0c99a9083ef633183951c80354fc506ca4e80567 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 21 Aug 2023 17:06:24 +0100 Subject: [PATCH 248/264] Avoid signed right shift UB 
Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 971388c19a..54bd2b0ede 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -183,8 +183,14 @@ static inline mbedtls_ct_condition_t mbedtls_ct_bool(mbedtls_ct_uint_t x) #pragma warning( push ) #pragma warning( disable : 4146 ) #endif - return (mbedtls_ct_condition_t) (((mbedtls_ct_int_t) ((-xo) | -(xo >> 1))) >> - (MBEDTLS_CT_SIZE - 1)); + // y is negative (i.e., top bit set) iff x is non-zero + mbedtls_ct_int_t y = (-xo) | -(xo >> 1); + + // extract only the sign bit of y so that y == 1 (if x is non-zero) or 0 (if x is zero) + y = (((mbedtls_ct_uint_t) y) >> (MBEDTLS_CT_SIZE - 1)); + + // -y has all bits set (if x is non-zero), or all bits clear (if x is zero) + return (mbedtls_ct_condition_t) (-y); #if defined(_MSC_VER) #pragma warning( pop ) #endif From fdb722384b93675486fae98d7c1817fcf23c3637 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 19 Jun 2023 20:46:47 +0200 Subject: [PATCH 249/264] Move PSA information and dependency automation into their own module This will let us use these features from other modules (yet to be created). Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/psa_information.py | 162 ++++++++++++++++++++ tests/CMakeLists.txt | 1 + tests/Makefile | 1 + tests/scripts/generate_psa_tests.py | 202 +++++-------------------- 4 files changed, 199 insertions(+), 167 deletions(-) create mode 100644 scripts/mbedtls_dev/psa_information.py diff --git a/scripts/mbedtls_dev/psa_information.py b/scripts/mbedtls_dev/psa_information.py new file mode 100644 index 0000000000..a82df41df4 --- /dev/null +++ b/scripts/mbedtls_dev/psa_information.py 
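Review bot: `y` is declared `mbedtls_ct_int_t` but initialised from `(-xo) | -(xo >> 1)`, which looks like an unsigned expression. The declaration of `xo` is outside the hunk, though the surrounding C4146 suppression suggests an unsigned operand. Converting a value with the top bit set to a signed type is implementation-defined, so the new code still leans on the compiler in the very place the commit is tidying up. Keeping the mask unsigned throughout avoids that with the same operations: `mbedtls_ct_uint_t y = (-xo) | -(xo >> 1);`, `y >>= (MBEDTLS_CT_SIZE - 1);`, `return (mbedtls_ct_condition_t) (-y);`. The added comments also use `//` where the rest of the visible header uses `/* */`.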
@@ -0,0 +1,162 @@
+"""Collect information about PSA cryptographic mechanisms.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import re
+from typing import Dict, FrozenSet, List, Optional
+
+from . import macro_collector
+
+
+class Information:
+ """Gather information about PSA constructors."""
+
+ def __init__(self) -> None:
+ self.constructors = self.read_psa_interface()
+
+ @staticmethod
+ def remove_unwanted_macros(
+ constructors: macro_collector.PSAMacroEnumerator
+ ) -> None:
+ # Mbed TLS does not support finite-field DSA.
+ # Don't attempt to generate any related test case.
+ constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR')
+ constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY')
+
+ def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator:
+ """Return the list of known key types, algorithms, etc."""
+ constructors = macro_collector.InputsForTest()
+ header_file_names = ['include/psa/crypto_values.h',
+ 'include/psa/crypto_extra.h']
+ test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data']
+ for header_file_name in header_file_names:
+ constructors.parse_header(header_file_name)
+ for test_cases in test_suites:
+ constructors.parse_test_cases(test_cases)
+ self.remove_unwanted_macros(constructors)
+ constructors.gather_arguments()
+ return constructors
+
+
+def psa_want_symbol(name: str) -> str:
+ """Return the PSA_WANT_xxx symbol associated with a PSA crypto feature."""
+ if name.startswith('PSA_'):
+ return name[:4] + 'WANT_' + name[4:]
+ else:
+ raise ValueError('Unable to determine the PSA_WANT_ symbol for ' + name)
+
+def finish_family_dependency(dep: str, bits: int) -> str:
+ """Finish dep if it's a family dependency symbol prefix.
+
+ A family dependency symbol prefix is a PSA_WANT_ symbol that needs to be
+ qualified by the key size. If dep is such a symbol, finish it by adjusting
+ the prefix and appending the key size. Other symbols are left unchanged.
+ """
+ return re.sub(r'_FAMILY_(.*)', r'_\1_' + str(bits), dep)
+
+def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]:
+ """Finish any family dependency symbol prefixes.
+
+ Apply `finish_family_dependency` to each element of `dependencies`.
+ """
+ return [finish_family_dependency(dep, bits) for dep in dependencies]
+
+SYMBOLS_WITHOUT_DEPENDENCY = frozenset([
+ 'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies
+ 'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier
+ 'PSA_ALG_ANY_HASH', # only in policies
+ 'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies
+ 'PSA_ALG_KEY_AGREEMENT', # chaining
+ 'PSA_ALG_TRUNCATED_MAC', # modifier
+])
+def automatic_dependencies(*expressions: str) -> List[str]:
+ """Infer dependencies of a test case by looking for PSA_xxx symbols.
+
+ The arguments are strings which should be C expressions. Do not use
+ string literals or comments as this function is not smart enough to
+ skip them.
+ """
+ used = set()
+ for expr in expressions:
+ used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr))
+ used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY)
+ return sorted(psa_want_symbol(name) for name in used)
+
+# Define set of regular expressions and dependencies to optionally append
+# extra dependencies for test case.
+AES_128BIT_ONLY_DEP_REGEX = r'AES\s(192|256)'
+AES_128BIT_ONLY_DEP = ["!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"]
+
+DEPENDENCY_FROM_KEY = {
+ AES_128BIT_ONLY_DEP_REGEX: AES_128BIT_ONLY_DEP
+}#type: Dict[str, List[str]]
+def generate_key_dependencies(description: str) -> List[str]:
+ """Return additional dependencies based on pairs of REGEX and dependencies.
+ """
+ deps = []
+ for regex, dep in DEPENDENCY_FROM_KEY.items():
+ if re.search(regex, description):
+ deps += dep
+
+ return deps
+
+# A temporary hack: at the time of writing, not all dependency symbols
+# are implemented yet. Skip test cases for which the dependency symbols are
+# not available. Once all dependency symbols are available, this hack must
+# be removed so that a bug in the dependency symbols properly leads to a test
+# failure.
+def read_implemented_dependencies(filename: str) -> FrozenSet[str]:
+ return frozenset(symbol
+ for line in open(filename)
+ for symbol in re.findall(r'\bPSA_WANT_\w+\b', line))
+_implemented_dependencies = None #type: Optional[FrozenSet[str]] #pylint: disable=invalid-name
+def hack_dependencies_not_implemented(dependencies: List[str]) -> None:
+ global _implemented_dependencies #pylint: disable=global-statement,invalid-name
+ if _implemented_dependencies is None:
+ _implemented_dependencies = \
+ read_implemented_dependencies('include/psa/crypto_config.h')
+ if not all((dep.lstrip('!') in _implemented_dependencies or
+ not dep.lstrip('!').startswith('PSA_WANT'))
+ for dep in dependencies):
+ dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET')
+
+def tweak_key_pair_dependency(dep: str, usage: str):
+ """
+ This helper function add the proper suffix to PSA_WANT_KEY_TYPE_xxx_KEY_PAIR
+ symbols according to the required usage.
+ """
+ ret_list = list()
+ if dep.endswith('KEY_PAIR'):
+ if usage == "BASIC":
+ # BASIC automatically includes IMPORT and EXPORT for test purposes (see
+ # config_psa.h).
+ ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_BASIC', dep))
+ ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_IMPORT', dep))
+ ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_EXPORT', dep))
+ elif usage == "GENERATE":
+ ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_GENERATE', dep))
+ else:
+ # No replacement to do in this case
+ ret_list.append(dep)
+ return ret_list
+
+def fix_key_pair_dependencies(dep_list: List[str], usage: str):
+ new_list = [new_deps
+ for dep in dep_list
+ for new_deps in tweak_key_pair_dependency(dep, usage)]
+
+ return new_list
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 9bd93f1568..3274739e5b 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
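Review bot: `read_implemented_dependencies` iterates `open(filename)` inside a generator expression, so the file object is never closed explicitly and the text encoding is left to the locale. Since this code now lives in a module meant to be imported by other scripts, read the file under a context manager: `with open(filename, encoding='utf-8') as config:` followed by `return frozenset(re.findall(r'\bPSA_WANT_\w+\b', config.read()))`. The path `'include/psa/crypto_config.h'` passed in `hack_dependencies_not_implemented` is resolved against the current working directory, which the module docstring should state for callers other than `generate_psa_tests.py`. `tweak_key_pair_dependency` and `fix_key_pair_dependencies` are the only functions in the file without a return annotation; `-> List[str]` fits both.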
@@ -120,6 +120,7 @@ if(GEN_FILES)
 ${CMAKE_CURRENT_SOURCE_DIR}/../tests/scripts/generate_psa_tests.py
 ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/crypto_knowledge.py
 ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/macro_collector.py
+ ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/psa_information.py
 ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/psa_storage.py
 ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/test_case.py
 ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/test_data_generation.py
diff --git a/tests/Makefile b/tests/Makefile
index 75dc3c6294..3a3425b185 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -123,6 +123,7 @@ $(GENERATED_PSA_DATA_FILES): generated_psa_test_data
 generated_psa_test_data: scripts/generate_psa_tests.py
 generated_psa_test_data: ../scripts/mbedtls_dev/crypto_knowledge.py
 generated_psa_test_data: ../scripts/mbedtls_dev/macro_collector.py
+generated_psa_test_data: ../scripts/mbedtls_dev/psa_information.py
 generated_psa_test_data: ../scripts/mbedtls_dev/psa_storage.py
 generated_psa_test_data: ../scripts/mbedtls_dev/test_case.py
 generated_psa_test_data: ../scripts/mbedtls_dev/test_data_generation.py
diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py
index 993457872f..5cdeb3bae4 100755
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@@ -27,150 +27,13 @@ from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional
 import scripts_path # pylint: disable=unused-import
 from mbedtls_dev import crypto_knowledge
-from mbedtls_dev import macro_collector
+from mbedtls_dev import macro_collector #pylint: disable=unused-import
+from mbedtls_dev import psa_information
 from mbedtls_dev import psa_storage
 from mbedtls_dev import test_case
 from mbedtls_dev import test_data_generation
-def psa_want_symbol(name: str) -> str:
- """Return the PSA_WANT_xxx symbol associated with a PSA crypto feature."""
- if name.startswith('PSA_'):
- return name[:4] + 'WANT_' + name[4:]
- else:
- raise ValueError('Unable to determine the PSA_WANT_ symbol for ' + name)
-
-def finish_family_dependency(dep: str, bits: int) -> str:
- """Finish dep if it's a family dependency symbol prefix.
-
- A family dependency symbol prefix is a PSA_WANT_ symbol that needs to be
- qualified by the key size. If dep is such a symbol, finish it by adjusting
- the prefix and appending the key size. Other symbols are left unchanged.
- """
- return re.sub(r'_FAMILY_(.*)', r'_\1_' + str(bits), dep)
-
-def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]:
- """Finish any family dependency symbol prefixes.
-
- Apply `finish_family_dependency` to each element of `dependencies`.
- """
- return [finish_family_dependency(dep, bits) for dep in dependencies]
-
-SYMBOLS_WITHOUT_DEPENDENCY = frozenset([
- 'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies
- 'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier
- 'PSA_ALG_ANY_HASH', # only in policies
- 'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies
- 'PSA_ALG_KEY_AGREEMENT', # chaining
- 'PSA_ALG_TRUNCATED_MAC', # modifier
-])
-def automatic_dependencies(*expressions: str) -> List[str]:
- """Infer dependencies of a test case by looking for PSA_xxx symbols.
-
- The arguments are strings which should be C expressions. Do not use
- string literals or comments as this function is not smart enough to
- skip them.
- """
- used = set()
- for expr in expressions:
- used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr))
- used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY)
- return sorted(psa_want_symbol(name) for name in used)
-
-# Define set of regular expressions and dependencies to optionally append
-# extra dependencies for test case.
-AES_128BIT_ONLY_DEP_REGEX = r'AES\s(192|256)'
-AES_128BIT_ONLY_DEP = ["!MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH"]
-
-DEPENDENCY_FROM_KEY = {
- AES_128BIT_ONLY_DEP_REGEX: AES_128BIT_ONLY_DEP
-}#type: Dict[str, List[str]]
-def generate_key_dependencies(description: str) -> List[str]:
- """Return additional dependencies based on pairs of REGEX and dependencies.
- """
- deps = []
- for regex, dep in DEPENDENCY_FROM_KEY.items():
- if re.search(regex, description):
- deps += dep
-
- return deps
-
-# A temporary hack: at the time of writing, not all dependency symbols
-# are implemented yet. Skip test cases for which the dependency symbols are
-# not available. Once all dependency symbols are available, this hack must
-# be removed so that a bug in the dependency symbols properly leads to a test
-# failure.
-def read_implemented_dependencies(filename: str) -> FrozenSet[str]:
- return frozenset(symbol
- for line in open(filename)
- for symbol in re.findall(r'\bPSA_WANT_\w+\b', line))
-_implemented_dependencies = None #type: Optional[FrozenSet[str]] #pylint: disable=invalid-name
-def hack_dependencies_not_implemented(dependencies: List[str]) -> None:
- global _implemented_dependencies #pylint: disable=global-statement,invalid-name
- if _implemented_dependencies is None:
- _implemented_dependencies = \
- read_implemented_dependencies('include/psa/crypto_config.h')
- if not all((dep.lstrip('!') in _implemented_dependencies or
- not dep.lstrip('!').startswith('PSA_WANT'))
- for dep in dependencies):
- dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET')
-
-def tweak_key_pair_dependency(dep: str, usage: str):
- """
- This helper function add the proper suffix to PSA_WANT_KEY_TYPE_xxx_KEY_PAIR
- symbols according to the required usage.
- """
- ret_list = list()
- if dep.endswith('KEY_PAIR'):
- if usage == "BASIC":
- # BASIC automatically includes IMPORT and EXPORT for test purposes (see
- # config_psa.h).
- ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_BASIC', dep))
- ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_IMPORT', dep))
- ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_EXPORT', dep))
- elif usage == "GENERATE":
- ret_list.append(re.sub(r'KEY_PAIR', r'KEY_PAIR_GENERATE', dep))
- else:
- # No replacement to do in this case
- ret_list.append(dep)
- return ret_list
-
-def fix_key_pair_dependencies(dep_list: List[str], usage: str):
- new_list = [new_deps
- for dep in dep_list
- for new_deps in tweak_key_pair_dependency(dep, usage)]
-
- return new_list
-
-class Information:
- """Gather information about PSA constructors."""
-
- def __init__(self) -> None:
- self.constructors = self.read_psa_interface()
-
- @staticmethod
- def remove_unwanted_macros(
- constructors: macro_collector.PSAMacroEnumerator
- ) -> None:
- # Mbed TLS does not support finite-field DSA.
- # Don't attempt to generate any related test case. - constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR') - constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY') - - def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator: - """Return the list of known key types, algorithms, etc.""" - constructors = macro_collector.InputsForTest() - header_file_names = ['include/psa/crypto_values.h', - 'include/psa/crypto_extra.h'] - test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data'] - for header_file_name in header_file_names: - constructors.parse_header(header_file_name) - for test_cases in test_suites: - constructors.parse_test_cases(test_cases) - self.remove_unwanted_macros(constructors) - constructors.gather_arguments() - return constructors - def test_case_for_key_type_not_supported( verb: str, key_type: str, bits: int, @@ -181,7 +44,7 @@ def test_case_for_key_type_not_supported( """Return one test case exercising a key creation method for an unsupported key type or size. """ - hack_dependencies_not_implemented(dependencies) + psa_information.hack_dependencies_not_implemented(dependencies) tc = test_case.TestCase() short_key_type = crypto_knowledge.short_expression(key_type) adverb = 'not' if dependencies else 'never' @@ -197,7 +60,7 @@ def test_case_for_key_type_not_supported( class KeyTypeNotSupported: """Generate test cases for when a key type is not supported.""" - def __init__(self, info: Information) -> None: + def __init__(self, info: psa_information.Information) -> None: self.constructors = info.constructors ALWAYS_SUPPORTED = frozenset([ 
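Review bot: The line `from mbedtls_dev import macro_collector #pylint: disable=unused-import` in the first hunk keeps an import that, by its own suppression comment, nothing in this file uses once `Information` has moved to `psa_information`. Dropping the line is cleaner than silencing pylint; if the import is kept on purpose, a short comment should say why. The removed helpers were also the visible users of `re`, `FrozenSet` and `Optional`, so those imports are worth re-checking as well; the rest of the file is outside this hunk, so this is only a prompt to confirm.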
@@ -224,20 +87,22 @@ class KeyTypeNotSupported:
 # They would be skipped in all configurations, which is noise.
 return
 import_dependencies = [('!' if param is None else '') +
- psa_want_symbol(kt.name)]
+ psa_information.psa_want_symbol(kt.name)]
 if kt.params is not None:
 import_dependencies += [('!' if param == i else '') +
- psa_want_symbol(sym)
+ psa_information.psa_want_symbol(sym)
 for i, sym in enumerate(kt.params)]
 if kt.name.endswith('_PUBLIC_KEY'):
 generate_dependencies = []
 else:
- generate_dependencies = fix_key_pair_dependencies(import_dependencies, 'GENERATE')
- import_dependencies = fix_key_pair_dependencies(import_dependencies, 'BASIC')
+ generate_dependencies = \
+ psa_information.fix_key_pair_dependencies(import_dependencies, 'GENERATE')
+ import_dependencies = \
+ psa_information.fix_key_pair_dependencies(import_dependencies, 'BASIC')
 for bits in kt.sizes_to_test():
 yield test_case_for_key_type_not_supported(
 'import', kt.expression, bits,
- finish_family_dependencies(import_dependencies, bits),
+ psa_information.finish_family_dependencies(import_dependencies, bits),
 test_case.hex_string(kt.key_material(bits)),
 param_descr=param_descr,
 )
@@ -251,7 +116,7 @@ class KeyTypeNotSupported:
 if not kt.is_public():
 yield test_case_for_key_type_not_supported(
 'generate', kt.expression, bits,
- finish_family_dependencies(generate_dependencies, bits),
+ psa_information.finish_family_dependencies(generate_dependencies, bits),
 str(bits),
 param_descr=param_descr,
 )
@@ -294,7 +159,7 @@ def test_case_for_key_generation(
 ) -> test_case.TestCase:
 """Return one test case exercising a key generation.
 """
- hack_dependencies_not_implemented(dependencies)
+ psa_information.hack_dependencies_not_implemented(dependencies)
 tc = test_case.TestCase()
 short_key_type = crypto_knowledge.short_expression(key_type)
 tc.set_description('PSA {} {}-bit'
@@ -308,7 +173,7 @@ def test_case_for_key_generation(
 class KeyGenerate:
 """Generate positive and negative (invalid argument) test cases for key generation."""
- def __init__(self, info: Information) -> None:
+ def __init__(self, info: psa_information.Information) -> None:
 self.constructors = info.constructors
 ECC_KEY_TYPES = ('PSA_KEY_TYPE_ECC_KEY_PAIR',
@@ -327,9 +192,9 @@ class KeyGenerate:
 """
 result = 'PSA_SUCCESS'
- import_dependencies = [psa_want_symbol(kt.name)]
+ import_dependencies = [psa_information.psa_want_symbol(kt.name)]
 if kt.params is not None:
- import_dependencies += [psa_want_symbol(sym)
+ import_dependencies += [psa_information.psa_want_symbol(sym)
 for i, sym in enumerate(kt.params)]
 if kt.name.endswith('_PUBLIC_KEY'):
 # The library checks whether the key type is a public key generically,
@@ -338,7 +203,8 @@ class KeyGenerate:
 generate_dependencies = []
 result = 'PSA_ERROR_INVALID_ARGUMENT'
 else:
- generate_dependencies = fix_key_pair_dependencies(import_dependencies, 'GENERATE')
+ generate_dependencies = \
+ psa_information.fix_key_pair_dependencies(import_dependencies, 'GENERATE')
 for bits in kt.sizes_to_test():
 if kt.name == 'PSA_KEY_TYPE_RSA_KEY_PAIR':
 size_dependency = "PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS <= " + str(bits)
@@ -347,7 +213,7 @@ class KeyGenerate:
 test_dependencies = generate_dependencies
 yield test_case_for_key_generation(
 kt.expression, bits,
- finish_family_dependencies(test_dependencies, bits),
+ psa_information.finish_family_dependencies(test_dependencies, bits),
 str(bits),
 result
 )
@@ -380,7 +246,7 @@ class OpFail:
 INCOMPATIBLE = 2
 PUBLIC = 3
- def __init__(self, info: Information) -> None:
+ def __init__(self, info: psa_information.Information) -> None:
 self.constructors = info.constructors
 key_type_expressions = self.constructors.generate_expressions(
 sorted(self.constructors.key_types)
@@ -417,8 +283,8 @@ class OpFail:
 pretty_alg,
 pretty_reason,
 ' with ' + pretty_type if pretty_type else ''))
- dependencies = automatic_dependencies(alg.base_expression, key_type)
- dependencies = fix_key_pair_dependencies(dependencies, 'BASIC')
+ dependencies = psa_information.automatic_dependencies(alg.base_expression, key_type)
+ dependencies = psa_information.fix_key_pair_dependencies(dependencies, 'BASIC')
 for i, dep in enumerate(dependencies):
 if dep in not_deps:
 dependencies[i] = '!' + dep
@@ -445,7 +311,7 @@ class OpFail:
 """Generate failure test cases for keyless operations with the specified algorithm."""
 if alg.can_do(category):
 # Compatible operation, unsupported algorithm
- for dep in automatic_dependencies(alg.base_expression):
+ for dep in psa_information.automatic_dependencies(alg.base_expression):
 yield self.make_test_case(alg, category,
 self.Reason.NOT_SUPPORTED,
 not_deps=frozenset([dep]))
@@ -463,7 +329,7 @@ class OpFail:
 key_is_compatible = kt.can_do(alg)
 if key_is_compatible and alg.can_do(category):
 # Compatible key and operation, unsupported algorithm
- for dep in automatic_dependencies(alg.base_expression):
+ for dep in psa_information.automatic_dependencies(alg.base_expression):
 yield self.make_test_case(alg, category,
 self.Reason.NOT_SUPPORTED,
 kt=kt, not_deps=frozenset([dep]))
@@ -569,7 +435,7 @@ class StorageTestData(StorageKey):
 class StorageFormat:
 """Storage format stability test cases."""
- def __init__(self, info: Information, version: int, forward: bool) -> None:
+ def __init__(self, info: psa_information.Information, version: int, forward: bool) -> None:
 """Prepare to generate test cases for storage format stability.
 * `info`: information about the API. See the `Information` class.
@@ -636,13 +502,13 @@ class StorageFormat: verb = 'save' if self.forward else 'read' tc = test_case.TestCase() tc.set_description(verb + ' ' + key.description) - dependencies = automatic_dependencies( + dependencies = psa_information.automatic_dependencies( key.lifetime.string, key.type.string, key.alg.string, key.alg2.string, ) - dependencies = finish_family_dependencies(dependencies, key.bits) - dependencies += generate_key_dependencies(key.description) - dependencies = fix_key_pair_dependencies(dependencies, 'BASIC') + dependencies = psa_information.finish_family_dependencies(dependencies, key.bits) + dependencies += psa_information.generate_key_dependencies(key.description) + dependencies = psa_information.fix_key_pair_dependencies(dependencies, 'BASIC') tc.set_dependencies(dependencies) tc.set_function('key_storage_' + verb) if self.forward: @@ -847,13 +713,13 @@ class StorageFormat: class StorageFormatForward(StorageFormat): """Storage format stability test cases for forward compatibility.""" - def __init__(self, info: Information, version: int) -> None: + def __init__(self, info: psa_information.Information, version: int) -> None: super().__init__(info, version, True) class StorageFormatV0(StorageFormat): """Storage format stability test cases for version 0 compatibility.""" - def __init__(self, info: Information) -> None: + def __init__(self, info: psa_information.Information) -> None: super().__init__(info, 0, False) def all_keys_for_usage_flags(self) -> Iterator[StorageTestData]: @@ -963,6 +829,7 @@ class StorageFormatV0(StorageFormat): yield from super().generate_all_keys() yield from self.all_keys_for_implicit_usage() + class PSATestGenerator(test_data_generation.TestGenerator): """Test generator subclass including PSA targets and info.""" # Note that targets whose names contain 'test_format' have their content 
@@ -978,14 +845,15 @@ class PSATestGenerator(test_data_generation.TestGenerator):
 lambda info: StorageFormatForward(info, 0).all_test_cases(),
 'test_suite_psa_crypto_storage_format.v0':
 lambda info: StorageFormatV0(info).all_test_cases(),
- } #type: Dict[str, Callable[[Information], Iterable[test_case.TestCase]]]
+ } #type: Dict[str, Callable[[psa_information.Information], Iterable[test_case.TestCase]]]
 def __init__(self, options):
 super().__init__(options)
- self.info = Information()
+ self.info = psa_information.Information()
 def generate_target(self, name: str, *target_args) -> None:
 super().generate_target(name, self.info)
+
 if __name__ == '__main__':
 test_data_generation.main(sys.argv[1:], __doc__, PSATestGenerator)
From e20d6884635f8cdf5fe72c3fb5c3dd1e637f4364 Mon Sep 17 00:00:00 2001
From: Dave Rodgman
Date: Tue, 22 Aug 2023 08:46:18 +0100
Subject: [PATCH 250/264] Fix missing operand modifier
Co-authored-by: Yanray Wang
Signed-off-by: Dave Rodgman
---
 library/constant_time_impl.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h
index 54bd2b0ede..bf841fe8ad 100644
--- a/library/constant_time_impl.h
+++ b/library/constant_time_impl.h
@@ -243,7 +243,7 @@ static inline mbedtls_ct_condition_t mbedtls_ct_uint_lt(mbedtls_ct_uint_t x, mbe
 uint64_t s1;
 asm volatile ("eor %x[s1], %x[y], %x[x] \n\t"
 "sub %x[x], %x[x], %x[y] \n\t"
- "bic %x[x], %x[x], %[s1] \n\t"
+ "bic %x[x], %x[x], %x[s1] \n\t"
 "and %x[s1], %x[s1], %x[y] \n\t"
 "orr %x[s1], %x[x], %x[s1] \n\t"
 "asr %x[x], %x[s1], 63"
From c9187c5866d7d562b7e077cbe7ba6c03f76809d5 Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Tue, 20 Jun 2023 15:22:53 +0200
Subject: [PATCH 251/264] New test suite for the low-level hash interface Some basic test coverage for now: * Nominal operation. * Larger output buffer. * Clone an operation and use it after the original operation stops. Generate test data automatically. For the time being, only do that for hashes that Python supports natively. Supporting all algorithms is future work.
Signed-off-by: Gilles Peskine
---
 scripts/mbedtls_dev/crypto_data_tests.py | 123 ++++++++++
 tests/CMakeLists.txt | 1 +
 tests/Makefile | 1 +
 tests/scripts/generate_psa_tests.py | 3 +
 .../test_suite_psa_crypto_low_hash.function | 225 ++++++++++++++++++
 5 files changed, 353 insertions(+)
 create mode 100644 scripts/mbedtls_dev/crypto_data_tests.py
 create mode 100644 tests/suites/test_suite_psa_crypto_low_hash.function
diff --git a/scripts/mbedtls_dev/crypto_data_tests.py b/scripts/mbedtls_dev/crypto_data_tests.py
new file mode 100644
index 0000000000..80051fa439
--- /dev/null
+++ b/scripts/mbedtls_dev/crypto_data_tests.py
@@ -0,0 +1,123 @@
+"""Generate test data for cryptographic mechanisms.
+
+This module is a work in progress, only implementing a few cases for now.
+"""
+
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import hashlib
+from typing import Callable, Dict, Iterator, List, Optional #pylint: disable=unused-import
+
+from . import crypto_knowledge
+from . import psa_information
+from . import test_case
+
+
+def psa_low_level_dependencies(*expressions: str) -> List[str]:
+ """Infer dependencies of a PSA low-level test case by looking for PSA_xxx symbols.
+
+ This function generates MBEDTLS_PSA_BUILTIN_xxx symbols.
+ """
+ high_level = psa_information.automatic_dependencies(*expressions)
+ for dep in high_level:
+ assert dep.startswith('PSA_WANT_')
+ return ['MBEDTLS_PSA_BUILTIN_' + dep[9:] for dep in high_level]
+
+
+class HashPSALowLevel:
+ """Generate test cases for the PSA low-level hash interface."""
+
+ def __init__(self, info: psa_information.Information) -> None:
+ self.info = info
+ base_algorithms = sorted(info.constructors.algorithms)
+ all_algorithms = \
+ [crypto_knowledge.Algorithm(expr)
+ for expr in info.constructors.generate_expressions(base_algorithms)]
+ self.algorithms = \
+ [alg
+ for alg in all_algorithms
+ if (not alg.is_wildcard and
+ alg.can_do(crypto_knowledge.AlgorithmCategory.HASH))]
+
+ # CALCULATE[alg] = function to return the hash of its argument in hex
+ # TO-DO: implement the None entries with a third-party library, because
+ # hashlib might not have everything, depending on the Python version and
+ # the underlying OpenSSL. On Ubuntu 16.04, truncated sha512 and sha3/shake
+ # are not available. On Ubuntu 22.04, md2, md4 and ripemd160 are not
+ # available.
+ CALCULATE = {
+ 'PSA_ALG_MD5': lambda data: hashlib.md5(data).hexdigest(),
+ 'PSA_ALG_RIPEMD160': None, #lambda data: hashlib.new('ripdemd160').hexdigest()
+ 'PSA_ALG_SHA_1': lambda data: hashlib.sha1(data).hexdigest(),
+ 'PSA_ALG_SHA_224': lambda data: hashlib.sha224(data).hexdigest(),
+ 'PSA_ALG_SHA_256': lambda data: hashlib.sha256(data).hexdigest(),
+ 'PSA_ALG_SHA_384': lambda data: hashlib.sha384(data).hexdigest(),
+ 'PSA_ALG_SHA_512': lambda data: hashlib.sha512(data).hexdigest(),
+ 'PSA_ALG_SHA_512_224': None, #lambda data: hashlib.new('sha512_224').hexdigest()
+ 'PSA_ALG_SHA_512_256': None, #lambda data: hashlib.new('sha512_256').hexdigest()
+ 'PSA_ALG_SHA3_224': None, #lambda data: hashlib.sha3_224(data).hexdigest(),
+ 'PSA_ALG_SHA3_256': None, #lambda data: hashlib.sha3_256(data).hexdigest(),
+ 'PSA_ALG_SHA3_384': None, #lambda data: hashlib.sha3_384(data).hexdigest(),
+ 'PSA_ALG_SHA3_512': None, #lambda data: hashlib.sha3_512(data).hexdigest(),
+ 'PSA_ALG_SHAKE256_512': None, #lambda data: hashlib.shake_256(data).hexdigest(64),
+ } #typing: Optional[Dict[str, Callable[[bytes], str]]]
+
+ @staticmethod
+ def one_test_case(alg: crypto_knowledge.Algorithm,
+ function: str, note: str,
+ arguments: List[str]) -> test_case.TestCase:
+ """Construct one test case involving a hash."""
+ tc = test_case.TestCase()
+ tc.set_description('{}{} {}'
+ .format(function,
+ ' ' + note if note else '',
+ alg.short_expression()))
+ tc.set_dependencies(psa_low_level_dependencies(alg.expression))
+ tc.set_function(function)
+ tc.set_arguments([alg.expression] +
+ ['"{}"'.format(arg) for arg in arguments])
+ return tc
+
+ def test_cases_for_hash(self,
+ alg: crypto_knowledge.Algorithm
+ ) -> Iterator[test_case.TestCase]:
+ """Enumerate all test cases for one hash algorithm."""
+ calc = self.CALCULATE[alg.expression]
+ if calc is None:
+ return # not implemented yet
+
+ short = b'abc'
+ hash_short = calc(short)
+ long = (b'Hello, world. Here are 16 unprintable bytes: ['
+ b'\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a'
+ b'\x80\x81\x82\x83\xfe\xff]. '
+ b' This message was brought to you by a natural intelligence. '
+ b' If you can read this, good luck with your debugging!')
+ hash_long = calc(long)
+
+ yield self.one_test_case(alg, 'hash_empty', '', [calc(b'')])
+ yield self.one_test_case(alg, 'hash_valid_one_shot', '',
+ [short.hex(), hash_short])
+ for n in [0, 1, 64, len(long) - 1, len(long)]:
+ yield self.one_test_case(alg, 'hash_valid_multipart',
+ '{} + {}'.format(n, len(long) - n),
+ [long[:n].hex(), calc(long[:n]),
+ long[n:].hex(), hash_long])
+
+ def all_test_cases(self) -> Iterator[test_case.TestCase]:
+ """Enumerate all test cases for all hash algorithms."""
+ for alg in self.algorithms:
+ yield from self.test_cases_for_hash(alg)
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 3274739e5b..0869aaa018 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -118,6 +118,7 @@ if(GEN_FILES)
 --directory ${CMAKE_CURRENT_BINARY_DIR}/suites
 DEPENDS
 ${CMAKE_CURRENT_SOURCE_DIR}/../tests/scripts/generate_psa_tests.py
+ ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/crypto_data_tests.py
 ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/crypto_knowledge.py
 ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/macro_collector.py
 ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/mbedtls_dev/psa_information.py
diff --git a/tests/Makefile b/tests/Makefile
index 3a3425b185..ec016d871f 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -121,6 +121,7 @@ generated_ecp_test_data:
 $(GENERATED_PSA_DATA_FILES): generated_psa_test_data
 generated_psa_test_data: scripts/generate_psa_tests.py
+generated_psa_test_data: ../scripts/mbedtls_dev/crypto_data_tests.py
 generated_psa_test_data: ../scripts/mbedtls_dev/crypto_knowledge.py
 generated_psa_test_data: ../scripts/mbedtls_dev/macro_collector.py
 generated_psa_test_data: ../scripts/mbedtls_dev/psa_information.py
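Review bot: The commented-out placeholders in `CALCULATE` would yield wrong expected digests if enabled as written: `hashlib.new('ripdemd160').hexdigest()` misspells `ripemd160` and, like the `sha512_224` and `sha512_256` placeholders, never passes `data`, so each would hash the empty string whatever the input. Writing them as `hashlib.new('ripemd160', data).hexdigest()` (likewise for the other two) lets the TO-DO be resolved by uncommenting. The trailing `#typing: Optional[Dict[str, Callable[[bytes], str]]]` is not a type comment a checker reads; `#type: Dict[str, Optional[Callable[[bytes], str]]]` matches the table, where the values rather than the dict may be `None`. In `psa_low_level_dependencies`, the `assert` is stripped under `python -O` and `dep[9:]` hard-codes the prefix length, so raising `ValueError` and slicing with `len('PSA_WANT_')` would keep the check and make it self-explanatory.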
diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py
index 5cdeb3bae4..b6f83c111b 100755
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@@ -26,6 +26,7 @@ import sys
 from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional
 import scripts_path # pylint: disable=unused-import
+from mbedtls_dev import crypto_data_tests
 from mbedtls_dev import crypto_knowledge
 from mbedtls_dev import macro_collector #pylint: disable=unused-import
 from mbedtls_dev import psa_information
@@ -839,6 +840,8 @@ class PSATestGenerator(test_data_generation.TestGenerator):
 lambda info: KeyGenerate(info).test_cases_for_key_generation(),
 'test_suite_psa_crypto_not_supported.generated':
 lambda info: KeyTypeNotSupported(info).test_cases_for_not_supported(),
+ 'test_suite_psa_crypto_low_hash.generated':
+ lambda info: crypto_data_tests.HashPSALowLevel(info).all_test_cases(),
 'test_suite_psa_crypto_op_fail.generated':
 lambda info: OpFail(info).all_test_cases(),
 'test_suite_psa_crypto_storage_format.current':
diff --git a/tests/suites/test_suite_psa_crypto_low_hash.function b/tests/suites/test_suite_psa_crypto_low_hash.function
new file mode 100644
index 0000000000..24cc90536d
--- /dev/null
+++ b/tests/suites/test_suite_psa_crypto_low_hash.function
@@ -0,0 +1,225 @@ +/* BEGIN_HEADER */ +/* + * Test suite for the PSA hash built-in driver + * + * This test suite exercises some aspects of the built-in PSA driver for + * hash algorithms (psa_crypto_hash.c). This code is mostly tested via + * the application interface (above the PSA API layer) and via tests of + * individual hash modules. The goal of this test suite is to ensure that + * the driver dispatch layer behaves correctly even when not invoked via + * the API layer, but directly from another driver. + * + * This test suite is currently incomplete. It focuses on non-regression + * tests for past bugs or near misses. + */ + +#include + +/* END_HEADER */ + +/* BEGIN_DEPENDENCIES + * depends_on:MBEDTLS_PSA_BUILTIN_HASH + * END_DEPENDENCIES + */ + +/* BEGIN_CASE */ +void hash_valid_one_shot(int alg_arg, data_t *input, + data_t *expected) +{ + psa_algorithm_t alg = alg_arg; + uint8_t *output = NULL; + size_t output_size = expected->len; + size_t length = SIZE_MAX; + + /* Nominal case */ + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_compute(alg, input->x, input->len, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + mbedtls_free(output); + output = NULL; + + /* Larger output buffer */ + output_size = expected->len + 1; + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_compute(alg, input->x, input->len, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + mbedtls_free(output); + output = NULL; + +#if 0 + /* Smaller output buffer (does not have to work!) 
*/ + output_size = expected->len - 1; + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_compute(alg, input->x, input->len, + output, output_size, &length), + PSA_ERROR_BUFFER_TOO_SMALL); + mbedtls_free(output); + output = NULL; +#endif + +exit: + mbedtls_free(output); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_valid_multipart(int alg_arg, + data_t *input1, data_t *expected1, + data_t *input2, data_t *expected2) +{ + psa_algorithm_t alg = alg_arg; + uint8_t *output = NULL; + size_t output_size = expected1->len; + size_t length = SIZE_MAX; + mbedtls_psa_hash_operation_t operation0; // original + memset(&operation0, 0, sizeof(operation0)); + mbedtls_psa_hash_operation_t clone_start; // cloned after setup + memset(&clone_start, 0, sizeof(clone_start)); + mbedtls_psa_hash_operation_t clone_middle; // cloned between updates + memset(&clone_middle, 0, sizeof(clone_middle)); + mbedtls_psa_hash_operation_t clone_end; // cloned before finish + memset(&clone_end, 0, sizeof(clone_end)); + mbedtls_psa_hash_operation_t clone_more; // cloned before finish + memset(&clone_more, 0, sizeof(clone_more)); + + /* Nominal case with two update calls */ + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_setup(&operation0, alg), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_start), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_update(&operation0, input1->x, input1->len), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_middle), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_update(&operation0, input2->x, input2->len), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_clone(&operation0, &clone_end), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&operation0, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + + /* Nominal case with an operation cloned after setup */ + memset(output, 0, output_size); + 
TEST_EQUAL(mbedtls_psa_hash_update(&clone_start, input1->x, input1->len), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_start, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected1->x, expected1->len, output, length); + + /* Nominal case with an operation cloned between updates */ + memset(output, 0, output_size); + TEST_EQUAL(mbedtls_psa_hash_update(&clone_middle, input2->x, input2->len), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_middle, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + + /* Nominal case with an operation cloned before finish */ + TEST_EQUAL(mbedtls_psa_hash_clone(&clone_end, &clone_more), + PSA_SUCCESS); + memset(output, 0, output_size); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_end, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + mbedtls_free(output); + output = NULL; + + /* Larger output buffer */ + TEST_EQUAL(mbedtls_psa_hash_clone(&clone_more, &clone_end), + PSA_SUCCESS); + output_size = expected2->len + 1; + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_end, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + mbedtls_free(output); + output = NULL; + +#if 0 + /* Smaller output buffer (does not have to work!) 
*/ + TEST_EQUAL(mbedtls_psa_hash_clone(&clone_more, &clone_end), + PSA_SUCCESS); + output_size = expected2->len - 1; + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_end, + output, output_size, &length), + PSA_ERROR_BUFFER_TOO_SMALL); + mbedtls_free(output); + output = NULL; +#endif + + /* Nominal case again after an error in a cloned operation */ + output_size = expected2->len; + ASSERT_ALLOC(output, output_size); + TEST_EQUAL(mbedtls_psa_hash_finish(&clone_more, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected2->x, expected2->len, output, length); + mbedtls_free(output); + output = NULL; + +exit: + mbedtls_free(output); + mbedtls_psa_hash_abort(&operation0); + mbedtls_psa_hash_abort(&clone_start); + mbedtls_psa_hash_abort(&clone_middle); + mbedtls_psa_hash_abort(&clone_end); + mbedtls_psa_hash_abort(&clone_more); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void hash_empty(int alg_arg, data_t *expected) +{ + psa_algorithm_t alg = alg_arg; + uint8_t *output = NULL; + size_t output_size = expected->len; + size_t length = SIZE_MAX; + mbedtls_psa_hash_operation_t operation; + memset(&operation, 0, sizeof(operation)); + + ASSERT_ALLOC(output, output_size); + + /* One-shot */ + TEST_EQUAL(mbedtls_psa_hash_compute(alg, NULL, 0, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + + /* Multipart, no update */ + memset(output, 0, output_size); + TEST_EQUAL(mbedtls_psa_hash_setup(&operation, alg), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_finish(&operation, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + + /* Multipart, one update */ + memset(output, 0, output_size); + memset(&operation, 0, sizeof(operation)); + TEST_EQUAL(mbedtls_psa_hash_setup(&operation, alg), + PSA_SUCCESS); + TEST_EQUAL(mbedtls_psa_hash_update(&operation, NULL, 0), + PSA_SUCCESS); + 
TEST_EQUAL(mbedtls_psa_hash_finish(&operation, + output, output_size, &length), + PSA_SUCCESS); + ASSERT_COMPARE(expected->x, expected->len, output, length); + +exit: + mbedtls_free(output); + mbedtls_psa_hash_abort(&operation); +} +/* END_CASE */ From 6d14c2b858969c4861c865b2a2240ad0981c2a01 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 7 Aug 2023 21:21:21 +0200 Subject: [PATCH 252/264] Remove dead code Do explain why we don't test a smaller buffer in addition to testing the nominal size and a larger buffer. Signed-off-by: Gilles Peskine --- .../test_suite_psa_crypto_low_hash.function | 28 ++++--------------- 1 file changed, 6 insertions(+), 22 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_low_hash.function b/tests/suites/test_suite_psa_crypto_low_hash.function index 24cc90536d..6dabceff9e 100644 --- a/tests/suites/test_suite_psa_crypto_low_hash.function +++ b/tests/suites/test_suite_psa_crypto_low_hash.function @@ -50,16 +50,9 @@ void hash_valid_one_shot(int alg_arg, data_t *input, mbedtls_free(output); output = NULL; -#if 0 - /* Smaller output buffer (does not have to work!) */ - output_size = expected->len - 1; - ASSERT_ALLOC(output, output_size); - TEST_EQUAL(mbedtls_psa_hash_compute(alg, input->x, input->len, - output, output_size, &length), - PSA_ERROR_BUFFER_TOO_SMALL); - mbedtls_free(output); - output = NULL; -#endif + /* We don't test with a smaller output buffer because this isn't + * guaranteed to work: the core must pass a sufficiently large + * output buffer to the driver. */ exit: mbedtls_free(output); 
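Review bot: In `hash_empty`, the "Multipart, one update" case reuses `operation` by overwriting it with `memset` straight after the previous `mbedtls_psa_hash_finish`, without an abort in between. If a hash implementation keeps anything in the operation after finish, that state is discarded unreleased; this depends on driver code not shown here. Adding `TEST_EQUAL(mbedtls_psa_hash_abort(&operation), PSA_SUCCESS);` before the `memset` makes the reuse independent of that. Separately, in `hash_valid_multipart` the declaration comment on `clone_more` repeats the one on `clone_end`, although `clone_more` is copied from `clone_end` and finished last; `// spare copy of clone_end, finished last` would describe it.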
@@ -146,18 +139,9 @@ void hash_valid_multipart(int alg_arg, mbedtls_free(output); output = NULL; -#if 0 - /* Smaller output buffer (does not have to work!) */ - TEST_EQUAL(mbedtls_psa_hash_clone(&clone_more, &clone_end), - PSA_SUCCESS); - output_size = expected2->len - 1; - ASSERT_ALLOC(output, output_size); - TEST_EQUAL(mbedtls_psa_hash_finish(&clone_end, - output, output_size, &length), - PSA_ERROR_BUFFER_TOO_SMALL); - mbedtls_free(output); - output = NULL; -#endif + /* We don't test with a smaller output buffer because this isn't + * guaranteed to work: the core must pass a sufficiently large + * output buffer to the driver. */ /* Nominal case again after an error in a cloned operation */ output_size = expected2->len; From ad7725d95d2d024034f12411192b1a5179e49c21 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 9 Aug 2023 10:50:58 +0200 Subject: [PATCH 253/264] Fix type annotation Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/crypto_data_tests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/crypto_data_tests.py b/scripts/mbedtls_dev/crypto_data_tests.py index 80051fa439..7593952da1 100644 --- a/scripts/mbedtls_dev/crypto_data_tests.py +++ b/scripts/mbedtls_dev/crypto_data_tests.py @@ -73,7 +73,7 @@ class HashPSALowLevel: 'PSA_ALG_SHA3_384': None, #lambda data: hashlib.sha3_384(data).hexdigest(), 'PSA_ALG_SHA3_512': None, #lambda data: hashlib.sha3_512(data).hexdigest(), 'PSA_ALG_SHAKE256_512': None, #lambda data: hashlib.shake_256(data).hexdigest(64), - } #typing: Optional[Dict[str, Callable[[bytes], str]]] + } #type: Dict[str, Optional[Callable[[bytes], str]]] @staticmethod def one_test_case(alg: crypto_knowledge.Algorithm, From 7ebb18fbd678d2a454c3111b9d8536886073377a Mon Sep 17 00:00:00 2001 
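Review bot: The context line right after the new comment in this hunk still reads `/* Nominal case again after an error in a cloned operation */`, but with the smaller-buffer block deleted no error case precedes it any more. Something like `/* Finish the spare clone taken before clone_end was finished */` matches what the remaining code does. The new comment, here and in the hunk at -50, states that the core must pass a sufficiently large output buffer; since the suite header says these entry points may be called directly from another driver, that precondition is worth stating where the driver functions are documented as well, not only in the test. `hash_valid_multipart` starts and ends outside this hunk.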
From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Tue, 22 Aug 2023 09:40:23 +0100 Subject: [PATCH 254/264] Make non-executed tests that are not in the allow list an error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Turn the warnings produced when finding non-executed tests that are not in the allow list into errors. Signed-off-by: Tomás González --- tests/scripts/analyze_outcomes.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index e5abae7388..230fc2f3e6 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -85,7 +85,10 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): results.warning('Test case not executed: {}', key) elif hits != 0 and key in allow_list: # Test Case should be removed from the allow list. - results.warning('Allow listed test case was executed: {}', key) + if full_coverage: + results.error('Allow listed test case was executed: {}', key) + else: + results.warning('Allow listed test case was executed: {}', key) def analyze_driver_vs_reference(outcomes, component_ref, component_driver, ignored_suites, ignored_test=None): From 5022311c9de839a0d4e22a3be47cd569e63d33ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Tue, 22 Aug 2023 09:52:06 +0100 Subject: [PATCH 255/264] Tidy up allow list definition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Don't break string literals in the allow list definition * Comment each test that belongs to the allow list is there. Signed-off-by: Tomás González --- tests/scripts/analyze_outcomes.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index 230fc2f3e6..ea1172ae2b 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py 
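Review bot: The branch changed in this hunk handles an allow-listed test case that was executed, while the subject and description speak of non-executed tests that are not in the allow list; the message should name the case the code actually changes. With `'full_coverage': False`, as in the TASKS entry shown later on this page, a stale allow-list entry still only produces a warning, so presumably nothing fails until someone reads the log. The two calls differ only in severity, so `report = results.error if full_coverage else results.warning` followed by `report('Allow listed test case was executed: {}', key)` avoids repeating the message. `analyze_coverage` begins outside the hunk.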
@@ -184,9 +184,10 @@ TASKS = { 'test_function': do_analyze_coverage, 'args': { 'allow_list': [ - 'test_suite_psa_crypto_metadata;Asymmetric signature: ' - 'pure EdDSA', - 'test_suite_psa_crypto_metadata;Cipher: XTS' + # Algorithm not supported yet + 'test_suite_psa_crypto_metadata;Asymmetric signature: pure EdDSA', + # Algorithm not supported yet + 'test_suite_psa_crypto_metadata;Cipher: XTS', ], 'full_coverage': False, } From 30b0378008895e5d9c938761aca424dd28b04e0b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 22 Aug 2023 11:06:47 +0200 Subject: [PATCH 256/264] Fix off-by-one error The value of p after adding the last entry in the gap table is not used. Signed-off-by: Gilles Peskine --- library/bignum.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/bignum.c b/library/bignum.c index f84b2e7cef..3724571b2b 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -2194,6 +2194,7 @@ static const unsigned char small_prime_gaps[] = { 14, 4, 2, 4, 14, 4, 2, 4, 20, 4, 8, 10, 8, 4, 6, 6, 14, 4, 6, 6, 8, 6, /*reaches 997*/ + 0 /* the last entry is effectively unused */ }; /* From a0631446b530759dce94d9b50e1fccb11de62cd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Tue, 22 Aug 2023 12:17:57 +0100 Subject: [PATCH 257/264] Correct analyze_outcomes.py identation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/scripts/analyze_outcomes.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index ea1172ae2b..c8bf0799bf 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py 
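Review bot: The comment on the added `0` in `small_prime_gaps` says the entry is "effectively unused" but not why it has to exist, so a later cleanup could drop it as dead data and bring the off-by-one back. Going by the commit message, the consumer presumably still fetches one gap after the last prime it tests; a comment such as `0 /* padding: the scan reads one gap past the last prime tested; value unused */` records that. The loop that walks the table is outside this hunk, so the exact index it reaches cannot be confirmed from here. Bounding that loop by `sizeof(small_prime_gaps)` would keep the table and the loop in agreement.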
@@ -86,7 +86,7 @@ def analyze_coverage(results, outcomes, allow_list, full_coverage): elif hits != 0 and key in allow_list: # Test Case should be removed from the allow list. if full_coverage: - results.error('Allow listed test case was executed: {}', key) + results.error('Allow listed test case was executed: {}', key) else: results.warning('Allow listed test case was executed: {}', key) From c5eb13d2a986b04b5329400f72f53a971a21de1c Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 15:13:04 +0100 Subject: [PATCH 258/264] Reword IAR changelog for fixing compiler warnings Signed-off-by: Agathiyan Bragadeesh --- ChangeLog.d/fix-iar-compiler-warnings.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-iar-compiler-warnings.txt b/ChangeLog.d/fix-iar-compiler-warnings.txt index eefbd127d6..50f1dcaad5 100644 --- a/ChangeLog.d/fix-iar-compiler-warnings.txt +++ b/ChangeLog.d/fix-iar-compiler-warnings.txt @@ -1,2 +1,2 @@ Bugfix - * Improve general IAR support + * Fix IAR compiler warnings. Fixes #7873, #4300. From 1515f351a104807163ce4ef7743b140b27b04b6e Mon Sep 17 00:00:00 2001 From: Agathiyan Bragadeesh Date: Tue, 22 Aug 2023 15:24:38 +0100 Subject: [PATCH 259/264] Remove IAR warning fixes to 2.28 from changelog Signed-off-by: Agathiyan Bragadeesh --- ChangeLog.d/fix-iar-compiler-warnings.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-iar-compiler-warnings.txt b/ChangeLog.d/fix-iar-compiler-warnings.txt index 50f1dcaad5..0dc2623f8f 100644 --- a/ChangeLog.d/fix-iar-compiler-warnings.txt +++ b/ChangeLog.d/fix-iar-compiler-warnings.txt @@ -1,2 +1,2 @@ Bugfix - * Fix IAR compiler warnings. Fixes #7873, #4300. + * Fix IAR compiler warnings. From d43cab3f5c09bdff40649bade124450bdb05c84f Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Tom=C3=A1s=20Gonz=C3=A1lez?= Date: Thu, 24 Aug 2023 09:12:40 +0100 Subject: [PATCH 260/264] Correct analyze_outcomes identation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomás González --- tests/scripts/analyze_outcomes.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py index c8bf0799bf..3b91bfb19b 100755 --- a/tests/scripts/analyze_outcomes.py +++ b/tests/scripts/analyze_outcomes.py @@ -188,10 +188,10 @@ TASKS = { 'test_suite_psa_crypto_metadata;Asymmetric signature: pure EdDSA', # Algorithm not supported yet 'test_suite_psa_crypto_metadata;Cipher: XTS', - ], + ], 'full_coverage': False, } - }, + }, # There are 2 options to use analyze_driver_vs_reference_xxx locally: # 1. Run tests and then analysis: # - tests/scripts/all.sh --outcome-file "$PWD/out.csv" From 024a3b3f0402ae99db6b3f56cc12d4b121418188 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Aug 2023 13:21:43 +0100 Subject: [PATCH 261/264] Disable p256-m asm on aarch64 Signed-off-by: Dave Rodgman --- 3rdparty/p256-m/p256-m/p256-m.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/3rdparty/p256-m/p256-m/p256-m.c b/3rdparty/p256-m/p256-m/p256-m.c index 53d306f638..21a021bad6 100644 --- a/3rdparty/p256-m/p256-m/p256-m.c +++ b/3rdparty/p256-m/p256-m/p256-m.c 
@@ -199,10 +199,12 @@ static uint64_t u32_muladd64(uint32_t x, uint32_t y, uint32_t z, uint32_t t); * Currently assembly optimisations are only supported with GCC/Clang for * Arm's Cortex-A and Cortex-M lines of CPUs, which start with the v6-M and * v7-M architectures. __ARM_ARCH_PROFILE is not defined for v6 and earlier. + * Thumb and 32-bit assembly is supported; aarch64 is not supported. */ #if defined(__GNUC__) &&\ defined(__ARM_ARCH) && __ARM_ARCH >= 6 && defined(__ARM_ARCH_PROFILE) && \ - ( __ARM_ARCH_PROFILE == 77 || __ARM_ARCH_PROFILE == 65 ) /* 'M' or 'A' */ + ( __ARM_ARCH_PROFILE == 77 || __ARM_ARCH_PROFILE == 65 ) /* 'M' or 'A' */ && \ + !defined(__aarch64__) /* * This set of CPUs is conveniently partitioned as follows: From 63f0abe2265ab12e31affcacc30c5658fb38ffc1 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 30 Aug 2023 18:31:35 +0800 Subject: [PATCH 262/264] check_test_cases: add a comment to explain idx in walk_compat_sh Signed-off-by: Yanray Wang --- tests/scripts/check_test_cases.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py index 2692371ab8..1395d4d901 100755 --- a/tests/scripts/check_test_cases.py +++ b/tests/scripts/check_test_cases.py @@ -120,6 +120,8 @@ state may override this method. # Assume compat.sh is responsible for printing identical format of # test case description between --list-test-case and its OUTCOME.CSV description = compat_output.strip().split(b'\n') + # idx indicates the number of test case since there is no line number + # in `compat.sh` for each test case. for idx, descrip in enumerate(description): self.process_test_case(descriptions, file_name, idx, descrip) From dbddb0015870f1ff68bdba246be7a93763fb9460 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Aug 2023 18:43:23 +0100 Subject: [PATCH 263/264] Ensure mbedtls_sha3_finish zeroizes the context 
Signed-off-by: Dave Rodgman --- library/sha3.c | 11 +++++++++-- tests/suites/test_suite_shax.function | 5 ++++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/library/sha3.c b/library/sha3.c index 4b97a85c5f..982550419b 100644 --- a/library/sha3.c +++ b/library/sha3.c @@ -259,10 +259,13 @@ int mbedtls_sha3_update(mbedtls_sha3_context *ctx, int mbedtls_sha3_finish(mbedtls_sha3_context *ctx, uint8_t *output, size_t olen) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + /* Catch SHA-3 families, with fixed output length */ if (ctx->olen > 0) { if (ctx->olen > olen) { - return MBEDTLS_ERR_SHA3_BAD_INPUT_DATA; + ret = MBEDTLS_ERR_SHA3_BAD_INPUT_DATA; + goto exit; } olen = ctx->olen; } @@ -280,7 +283,11 @@ int mbedtls_sha3_finish(mbedtls_sha3_context *ctx, } } - return 0; + ret = 0; + +exit: + mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha3_context)); + return ret; } /* diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index 7dd9166658..629e281008 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -176,9 +176,12 @@ void sha3_invalid_param() TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_NONE), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA); TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0); - TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 0), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA); + + TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0); TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 31), MBEDTLS_ERR_SHA3_BAD_INPUT_DATA); + + TEST_EQUAL(mbedtls_sha3_starts(&ctx, MBEDTLS_SHA3_256), 0); TEST_EQUAL(mbedtls_sha3_finish(&ctx, output, 32), 0); exit: From 984309c2c3c5ce5277ba9c349148ac4e2e0093fc Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 30 Aug 2023 19:22:28 +0100 Subject: [PATCH 264/264] Call mbedtls_platform_zeroize via mbedtls_sha3_free Signed-off-by: Dave Rodgman --- library/sha3.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
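Review bot: The bad-length path in the first `library/sha3.c` hunk now jumps to `exit` and wipes the context too, so a caller that passed a too-short `olen` can no longer retry with a larger buffer and has to call `mbedtls_sha3_starts` and feed the input again; the test hunk reflects this by calling starts before each finish. That is a caller-visible contract change and belongs in the function's documentation, for example `The context is cleared on return, whether or not the call succeeds; call mbedtls_sha3_starts() before reusing it.` The test could also cover the wipe itself: what update or finish does on a cleared context is decided by code between the two hunks, which is not shown, and it is worth confirming that it returns an error instead of running on zeroed parameters.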
diff --git a/library/sha3.c b/library/sha3.c
index 982550419b..dca5790484 100644
--- a/library/sha3.c
+++ b/library/sha3.c
@@ -286,7 +286,7 @@ int mbedtls_sha3_finish(mbedtls_sha3_context *ctx,
 ret = 0;
 exit:
- mbedtls_platform_zeroize(ctx, sizeof(mbedtls_sha3_context));
+ mbedtls_sha3_free(ctx);
 return ret;
 }
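Review bot: `mbedtls_sha3_finish` now ends by calling `mbedtls_sha3_free(ctx)`, so the usual caller sequence of finish followed by free runs free twice on the same context. The swap is equivalent to the previous `mbedtls_platform_zeroize` call only if free is idempotent and does nothing beyond wiping. Its body is outside this hunk, so that is an assumption to confirm. A comment at the call would pin the expectation: `/* wipe ctx; callers may still call mbedtls_sha3_free() afterwards */`. The enclosing function starts outside the hunk.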