From 64ce9741800526fcf62151245f61af10bf269a1e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Apr 2021 08:19:40 +0100 Subject: [PATCH 001/271] Don't check ciphersuite and compression in SSL session cache lookup Session-ID based session resumption requires that the resumed session is consistent with the client's ClientHello in terms of choice of ciphersuite and choice of compression. This check was previously assumed to be performed in the session cache implementation, which seems wrong: The session cache should be an id-based lookup only, and protocol specific checks should be left to Mbed TLS. This commit - adds an explicit ciphersuite and compression consistency check after the SSL session cache has been queried - removes the ciphersuite and compression consistency check from Mbed TLS' session cache reference implementation. Signed-off-by: Hanno Becker --- library/ssl_cache.c | 10 +++---- library/ssl_srv.c | 64 +++++++++++++++++++++++++++++++++------------ 2 files changed, 52 insertions(+), 22 deletions(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index bb5007bd1a..ce85157d2f 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -78,14 +78,12 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) continue; #endif - if( session->ciphersuite != entry->session.ciphersuite || - session->compression != entry->session.compression || - session->id_len != entry->session.id_len ) - continue; - - if( memcmp( session->id, entry->session.id, + if( session->id_len != entry->session.id_len || + memcmp( session->id, entry->session.id, entry->session.id_len ) != 0 ) + { continue; + } ret = mbedtls_ssl_session_copy( session, &entry->session ); if( ret != 0 ) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 913a18f7e5..40ad490d8e 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2765,6 +2765,53 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ +static void ssl_check_id_based_session_resumption( mbedtls_ssl_context *ssl ) +{ + int ret; + mbedtls_ssl_session session_tmp = { 0 }; + mbedtls_ssl_session * const session = ssl->session_negotiate; + + /* Resume is 0 by default, see ssl_handshake_init(). + * It may be already set to 1 by ssl_parse_session_ticket_ext(). */ + if( ssl->handshake->resume == 1 ) + return; + if( ssl->session_negotiate->id_len == 0 ) + return; + if( ssl->conf->f_get_cache == NULL ) + return; +#if defined(MBEDTLS_SSL_RENEGOTIATION) + if( ssl->renego_status != MBEDTLS_SSL_INITIAL_HANDSHAKE ) + return; +#endif + + session_tmp.id_len = session->id_len; + memcpy( session_tmp.id, session->id, session->id_len ); + + ret = ssl->conf->f_get_cache( ssl->conf->p_cache, + &session_tmp ); + if( ret != 0 ) + goto exit; + + if( session->ciphersuite != session_tmp.ciphersuite || + session->compression != session_tmp.compression ) + { + /* Mismatch between cached and negotiated session */ + goto exit; + } + + /* Move semantics */ + /* Zeroization of session_tmp happens at the end of the function. */ + mbedtls_ssl_session_free( session ); + *session = session_tmp; + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); + ssl->handshake->resume = 1; + +exit: + + mbedtls_platform_zeroize( &session_tmp, sizeof( session_tmp ) ); +} + static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) { #if defined(MBEDTLS_HAVE_TIME) @@ -2835,22 +2882,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); - /* - * Resume is 0 by default, see ssl_handshake_init(). - * It may be already set to 1 by ssl_parse_session_ticket_ext(). - * If not, try looking up session ID in our cache. - */ - if( ssl->handshake->resume == 0 && -#if defined(MBEDTLS_SSL_RENEGOTIATION) - ssl->renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE && -#endif - ssl->session_negotiate->id_len != 0 && - ssl->conf->f_get_cache != NULL && - ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); - ssl->handshake->resume = 1; - } + ssl_check_id_based_session_resumption( ssl ); if( ssl->handshake->resume == 0 ) { From a637ff6ddd04bbe2b5728a9544da47807f44ce7c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Apr 2021 08:42:48 +0100 Subject: [PATCH 002/271] Introduce typedef for SSL session cache callbacks Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 16 +++++++++++----- library/ssl_tls.c | 6 +++--- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 41973b767f..b2d5574fc8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -501,6 +501,7 @@ typedef enum MBEDTLS_SSL_TLS_PRF_SHA256 } mbedtls_tls_prf_types; + /** * \brief Callback type: send data on the network. * @@ -626,6 +627,11 @@ typedef struct mbedtls_ssl_key_cert mbedtls_ssl_key_cert; typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; #endif +/* TODO: Document */ +typedef int mbedtls_ssl_cache_get_t( void *data, mbedtls_ssl_session *session ); +/* TODO: Document */ +typedef int mbedtls_ssl_cache_set_t( void *data, const mbedtls_ssl_session *session ); + #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) #if defined(MBEDTLS_X509_CRT_PARSE_C) /** @@ -968,9 +974,9 @@ struct mbedtls_ssl_config void *p_rng; /*!< context for the RNG function */ /** Callback to retrieve a session from the cache */ - int (*f_get_cache)(void *, mbedtls_ssl_session *); + mbedtls_ssl_cache_get_t *f_get_cache; /** Callback to store a session into the cache */ - int (*f_set_cache)(void *, const mbedtls_ssl_session *); + mbedtls_ssl_cache_set_t *f_set_cache; void *p_cache; /*!< context for cache callbacks */ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) @@ -2428,9 +2434,9 @@ void mbedtls_ssl_conf_handshake_timeout( mbedtls_ssl_config *conf, uint32_t min, * \param f_set_cache session set callback */ void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, - void *p_cache, - int (*f_get_cache)(void *, mbedtls_ssl_session *), - int (*f_set_cache)(void *, const mbedtls_ssl_session *) ); + void *p_cache, + mbedtls_ssl_cache_get_t *f_get_cache, + mbedtls_ssl_cache_set_t *f_set_cache ); #endif /* MBEDTLS_SSL_SRV_C */ #if defined(MBEDTLS_SSL_CLI_C) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1a04f6cb9c..67fcebfddc 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4167,9 +4167,9 @@ void mbedtls_ssl_set_timer_cb( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_SRV_C) void mbedtls_ssl_conf_session_cache( mbedtls_ssl_config *conf, - void *p_cache, - int (*f_get_cache)(void *, mbedtls_ssl_session *), - int (*f_set_cache)(void *, const mbedtls_ssl_session *) ) + void *p_cache, + mbedtls_ssl_cache_get_t *f_get_cache, + mbedtls_ssl_cache_set_t *f_set_cache ) { conf->p_cache = p_cache; conf->f_get_cache = f_get_cache; From ccdaf6ed220bd8dd301e175864712df45043109f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Apr 2021 09:26:17 +0100 Subject: [PATCH 003/271] Add session ID as explicit parameter to SSL session cache API Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 10 ++++++++-- include/mbedtls/ssl_cache.h | 25 +++++++++++++++++++------ library/ssl_cache.c | 19 ++++++++++++++----- library/ssl_srv.c | 5 ++--- library/ssl_tls.c | 5 ++++- 5 files changed, 47 insertions(+), 17 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b2d5574fc8..89912c606f 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -628,9 +628,15 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; #endif /* TODO: Document */ -typedef int mbedtls_ssl_cache_get_t( void *data, mbedtls_ssl_session *session ); +typedef int mbedtls_ssl_cache_get_t( void *data, + unsigned char const *session_id, + size_t session_id_len, + mbedtls_ssl_session *session ); /* TODO: Document */ -typedef int mbedtls_ssl_cache_set_t( void *data, const mbedtls_ssl_session *session ); +typedef int mbedtls_ssl_cache_set_t( void *data, + unsigned char const *session_id, + size_t session_id_len, + const mbedtls_ssl_session *session ); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) #if defined(MBEDTLS_X509_CRT_PARSE_C) diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index c6ef2960f4..cb55f7f96f 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -99,19 +99,32 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ); * \brief Cache get callback implementation * (Thread-safe if MBEDTLS_THREADING_C is enabled) * - * \param data SSL cache context - * \param session session to retrieve entry for + * \param data The SSL cache context to use. + * \param session_id The pointer to the buffer holding the session ID + * for the session to load. + * \param session_id_len The length of \p session_id in bytes. + * \param session The address at which to store the session + * associated with \p session_id, if present. */ -int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ); +int mbedtls_ssl_cache_get( void *data, + unsigned char const *session_id, + size_t session_id_len, + mbedtls_ssl_session *session ); /** * \brief Cache set callback implementation * (Thread-safe if MBEDTLS_THREADING_C is enabled) * - * \param data SSL cache context - * \param session session to store entry for + * \param data The SSL cache context to use. + * \param session_id The pointer to the buffer holding the session ID + * associated to \p session. + * \param session_id_len The length of \p session_id in bytes. + * \param session The session to store. */ -int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ); +int mbedtls_ssl_cache_set( void *data, + unsigned char const *session_id, + size_t session_id_len, + const mbedtls_ssl_session *session ); #if defined(MBEDTLS_HAVE_TIME) /** diff --git a/library/ssl_cache.c b/library/ssl_cache.c index ce85157d2f..e0e2177964 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -50,7 +50,10 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) #endif } -int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) +int mbedtls_ssl_cache_get( void *data, + unsigned char const *session_id, + size_t session_id_len, + mbedtls_ssl_session *session ) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) @@ -78,8 +81,8 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) continue; #endif - if( session->id_len != entry->session.id_len || - memcmp( session->id, entry->session.id, + if( session_id_len != entry->session.id_len || + memcmp( session_id, entry->session.id, entry->session.id_len ) != 0 ) { continue; @@ -135,7 +138,10 @@ exit: return( ret ); } -int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) +int mbedtls_ssl_cache_set( void *data, + unsigned char const *session_id, + size_t session_id_len, + const mbedtls_ssl_session *session ) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) @@ -167,8 +173,11 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) } #endif - if( memcmp( session->id, cur->session.id, cur->session.id_len ) == 0 ) + if( session_id_len == cur->session.id_len && + memcmp( session_id, cur->session.id, cur->session.id_len ) == 0 ) + { break; /* client reconnected, keep timestamp for session id */ + } #if defined(MBEDTLS_HAVE_TIME) if( oldest == 0 || cur->timestamp < oldest ) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 40ad490d8e..784ab2d516 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2784,10 +2784,9 @@ static void ssl_check_id_based_session_resumption( mbedtls_ssl_context *ssl ) return; #endif - session_tmp.id_len = session->id_len; - memcpy( session_tmp.id, session->id, session->id_len ); - ret = ssl->conf->f_get_cache( ssl->conf->p_cache, + session->id, + session->id_len, &session_tmp ); if( ret != 0 ) goto exit; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 67fcebfddc..c26f68bee2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3411,7 +3411,10 @@ void mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl ) ssl->session->id_len != 0 && resume == 0 ) { - if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 ) + if( ssl->conf->f_set_cache( ssl->conf->p_cache, + ssl->session->id, + ssl->session->id_len, + ssl->session ) != 0 ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) ); } From 02a68ebc0eea891482091f6fe2f83e90539d9d66 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Apr 2021 09:57:17 +0100 Subject: [PATCH 004/271] Add helper function to finding a fresh entry in the SSL cache This commit improves the readability of the SSL session cache reference implementation of mbedtls_ssl_cache_set() by moving the logic for finding a suitable free slot for the session to store into a static helper function. Signed-off-by: Hanno Becker --- library/ssl_cache.c | 63 +++++++++++++++++++++++++++++++-------------- 1 file changed, 43 insertions(+), 20 deletions(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index e0e2177964..216b192739 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -138,24 +138,18 @@ exit: return( ret ); } -int mbedtls_ssl_cache_set( void *data, - unsigned char const *session_id, - size_t session_id_len, - const mbedtls_ssl_session *session ) +static int ssl_cache_find_fresh_entry( mbedtls_ssl_cache_context *cache, + unsigned char const *session_id, + size_t session_id_len, + mbedtls_ssl_cache_entry **dst ) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0; mbedtls_ssl_cache_entry *old = NULL; #endif - mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; - mbedtls_ssl_cache_entry *cur, *prv; int count = 0; - -#if defined(MBEDTLS_THREADING_C) - if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) - return( ret ); -#endif + mbedtls_ssl_cache_entry *cur, *prv; cur = cache->chain; prv = NULL; @@ -249,17 +243,46 @@ int mbedtls_ssl_cache_set( void *data, #endif } -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* - * If we're reusing an entry, free its certificate first - */ - if( cur->peer_cert.p != NULL ) + if( cur != NULL ) { - mbedtls_free( cur->peer_cert.p ); - memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); + *dst = cur; + + /* + * If we're reusing an entry, free its certificate first + */ + if( cur->peer_cert.p != NULL ) + { + mbedtls_free( cur->peer_cert.p ); + memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); + } + + ret = 0; } -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + +exit: + + return( ret ); +} + +int mbedtls_ssl_cache_set( void *data, + unsigned char const *session_id, + size_t session_id_len, + const mbedtls_ssl_session *session ) +{ + int ret = 1; + mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; + mbedtls_ssl_cache_entry *cur; + +#if defined(MBEDTLS_THREADING_C) + if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) + return( ret ); +#endif + + ret = ssl_cache_find_fresh_entry( cache, + session_id, session_id_len, + &cur ); + if( ret != 0 ) + goto exit; /* Copy the entire session; this temporarily makes a copy of the * X.509 CRT structure even though we only want to store the raw CRT. From f938c436fb33e43b566402b9f0e024cb26256936 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Apr 2021 10:17:53 +0100 Subject: [PATCH 005/271] Add helper function to find entry in SSL session cache Signed-off-by: Hanno Becker --- library/ssl_cache.c | 120 +++++++++++++++++++++++++------------------- 1 file changed, 67 insertions(+), 53 deletions(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 216b192739..3fdab5b48e 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -50,84 +50,98 @@ void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache ) #endif } +static int ssl_cache_find_entry( mbedtls_ssl_cache_context *cache, + unsigned char const *session_id, + size_t session_id_len, + mbedtls_ssl_cache_entry **dst ) +{ + int ret = 1; +#if defined(MBEDTLS_HAVE_TIME) + mbedtls_time_t t = mbedtls_time( NULL ); +#endif + mbedtls_ssl_cache_entry *cur; + + for( cur = cache->chain; cur != NULL; cur = cur->next ) + { +#if defined(MBEDTLS_HAVE_TIME) + if( cache->timeout != 0 && + (int) ( t - cur->timestamp ) > cache->timeout ) + continue; +#endif + + if( session_id_len != cur->session.id_len || + memcmp( session_id, cur->session.id, + cur->session.id_len ) != 0 ) + { + continue; + } + + break; + } + + if( cur != NULL ) + { + *dst = cur; + ret = 0; + } + + return( ret ); +} + + int mbedtls_ssl_cache_get( void *data, unsigned char const *session_id, size_t session_id_len, mbedtls_ssl_session *session ) { int ret = 1; -#if defined(MBEDTLS_HAVE_TIME) - mbedtls_time_t t = mbedtls_time( NULL ); -#endif mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; - mbedtls_ssl_cache_entry *cur, *entry; + mbedtls_ssl_cache_entry *entry; #if defined(MBEDTLS_THREADING_C) if( mbedtls_mutex_lock( &cache->mutex ) != 0 ) return( 1 ); #endif - cur = cache->chain; - entry = NULL; + ret = ssl_cache_find_entry( cache, session_id, session_id_len, &entry ); + if( ret != 0 ) + goto exit; - while( cur != NULL ) + ret = mbedtls_ssl_session_copy( session, &entry->session ); + if( ret != 0 ) + goto exit; + +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) + /* + * Restore peer certificate (without rest of the original chain) + */ + if( entry->peer_cert.p != NULL ) { - entry = cur; - cur = cur->next; + /* `session->peer_cert` is NULL after the call to + * mbedtls_ssl_session_copy(), because cache entries + * have the `peer_cert` field set to NULL. */ -#if defined(MBEDTLS_HAVE_TIME) - if( cache->timeout != 0 && - (int) ( t - entry->timestamp ) > cache->timeout ) - continue; -#endif - - if( session_id_len != entry->session.id_len || - memcmp( session_id, entry->session.id, - entry->session.id_len ) != 0 ) - { - continue; - } - - ret = mbedtls_ssl_session_copy( session, &entry->session ); - if( ret != 0 ) + if( ( session->peer_cert = mbedtls_calloc( 1, + sizeof(mbedtls_x509_crt) ) ) == NULL ) { ret = 1; goto exit; } -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* - * Restore peer certificate (without rest of the original chain) - */ - if( entry->peer_cert.p != NULL ) + mbedtls_x509_crt_init( session->peer_cert ); + if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, + entry->peer_cert.len ) != 0 ) { - /* `session->peer_cert` is NULL after the call to - * mbedtls_ssl_session_copy(), because cache entries - * have the `peer_cert` field set to NULL. */ - - if( ( session->peer_cert = mbedtls_calloc( 1, - sizeof(mbedtls_x509_crt) ) ) == NULL ) - { - ret = 1; - goto exit; - } - - mbedtls_x509_crt_init( session->peer_cert ); - if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, - entry->peer_cert.len ) != 0 ) - { - mbedtls_free( session->peer_cert ); - session->peer_cert = NULL; - ret = 1; - goto exit; - } + mbedtls_free( session->peer_cert ); + session->peer_cert = NULL; + ret = 1; + goto exit; } + } #endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - ret = 0; - goto exit; - } + ret = 0; exit: #if defined(MBEDTLS_THREADING_C) From 7e6eb9fa27a67eb8ab9833c3e5fb1075073513f6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Apr 2021 10:26:06 +0100 Subject: [PATCH 006/271] Simplify SSL session cache implementation via session serialization Signed-off-by: Hanno Becker --- include/mbedtls/ssl_cache.h | 12 ++-- library/ssl_cache.c | 125 +++++++++++++++--------------------- 2 files changed, 57 insertions(+), 80 deletions(-) diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index cb55f7f96f..ac7b77cfbb 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -67,11 +67,13 @@ struct mbedtls_ssl_cache_entry #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t timestamp; /*!< entry timestamp */ #endif - mbedtls_ssl_session session; /*!< entry session */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_x509_buf peer_cert; /*!< entry peer_cert */ -#endif + + unsigned char session_id[32]; /*!< session ID */ + size_t session_id_len; + + unsigned char *session; /*!< serialized session */ + size_t session_len; + mbedtls_ssl_cache_entry *next; /*!< chain pointer */ }; diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 3fdab5b48e..3677e51539 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -69,9 +69,9 @@ static int ssl_cache_find_entry( mbedtls_ssl_cache_context *cache, continue; #endif - if( session_id_len != cur->session.id_len || - memcmp( session_id, cur->session.id, - cur->session.id_len ) != 0 ) + if( session_id_len != cur->session_id_len || + memcmp( session_id, cur->session_id, + cur->session_id_len ) != 0 ) { continue; } @@ -107,40 +107,12 @@ int mbedtls_ssl_cache_get( void *data, if( ret != 0 ) goto exit; - ret = mbedtls_ssl_session_copy( session, &entry->session ); + ret = mbedtls_ssl_session_load( session, + entry->session, + entry->session_len ); if( ret != 0 ) goto exit; -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* - * Restore peer certificate (without rest of the original chain) - */ - if( entry->peer_cert.p != NULL ) - { - /* `session->peer_cert` is NULL after the call to - * mbedtls_ssl_session_copy(), because cache entries - * have the `peer_cert` field set to NULL. */ - - if( ( session->peer_cert = mbedtls_calloc( 1, - sizeof(mbedtls_x509_crt) ) ) == NULL ) - { - ret = 1; - goto exit; - } - - mbedtls_x509_crt_init( session->peer_cert ); - if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p, - entry->peer_cert.len ) != 0 ) - { - mbedtls_free( session->peer_cert ); - session->peer_cert = NULL; - ret = 1; - goto exit; - } - } -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - ret = 0; exit: @@ -181,8 +153,8 @@ static int ssl_cache_find_fresh_entry( mbedtls_ssl_cache_context *cache, } #endif - if( session_id_len == cur->session.id_len && - memcmp( session_id, cur->session.id, cur->session.id_len ) == 0 ) + if( session_id_len == cur->session_id_len && + memcmp( session_id, cur->session_id, cur->session_id_len ) == 0 ) { break; /* client reconnected, keep timestamp for session id */ } @@ -262,12 +234,15 @@ static int ssl_cache_find_fresh_entry( mbedtls_ssl_cache_context *cache, *dst = cur; /* - * If we're reusing an entry, free its certificate first + * If we're reusing an entry, free it first. */ - if( cur->peer_cert.p != NULL ) + if( cur->session != NULL ) { - mbedtls_free( cur->peer_cert.p ); - memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); + mbedtls_free( cur->session ); + cur->session = NULL; + cur->session_len = 0; + memset( cur->session_id, 0, sizeof( cur->session_id ) ); + cur->session_id_len = 0; } ret = 0; @@ -287,6 +262,9 @@ int mbedtls_ssl_cache_set( void *data, mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data; mbedtls_ssl_cache_entry *cur; + size_t session_serialized_len; + unsigned char *session_serialized = NULL; + #if defined(MBEDTLS_THREADING_C) if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 ) return( ret ); @@ -298,41 +276,41 @@ int mbedtls_ssl_cache_set( void *data, if( ret != 0 ) goto exit; - /* Copy the entire session; this temporarily makes a copy of the - * X.509 CRT structure even though we only want to store the raw CRT. - * This inefficiency will go away as soon as we implement on-demand - * parsing of CRTs, in which case there's no need for the `peer_cert` - * field anymore in the first place, and we're done after this call. */ - ret = mbedtls_ssl_session_copy( &cur->session, session ); - if( ret != 0 ) + /* Check how much space we need to serialize the session + * and allocate a sufficiently large buffer. */ + ret = mbedtls_ssl_session_save( session, NULL, 0, &session_serialized_len ); + if( ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ) { ret = 1; goto exit; } -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - /* If present, free the X.509 structure and only store the raw CRT data. */ - if( cur->session.peer_cert != NULL ) + session_serialized = mbedtls_calloc( 1, session_serialized_len ); + if( session_serialized == NULL ) { - cur->peer_cert.p = - mbedtls_calloc( 1, cur->session.peer_cert->raw.len ); - if( cur->peer_cert.p == NULL ) - { - ret = 1; - goto exit; - } - - memcpy( cur->peer_cert.p, - cur->session.peer_cert->raw.p, - cur->session.peer_cert->raw.len ); - cur->peer_cert.len = session->peer_cert->raw.len; - - mbedtls_x509_crt_free( cur->session.peer_cert ); - mbedtls_free( cur->session.peer_cert ); - cur->session.peer_cert = NULL; + ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; + goto exit; } -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ + + /* Now serialize the session into the allocated buffer. */ + ret = mbedtls_ssl_session_save( session, + session_serialized, + session_serialized_len, + &session_serialized_len ); + if( ret != 0 ) + goto exit; + + if( session_id_len > 32 ) + { + ret = 1; + goto exit; + } + cur->session_id_len = session_id_len; + memcpy( cur->session_id, session_id, session_id_len ); + + cur->session = session_serialized; + cur->session_len = session_serialized_len; + session_serialized = NULL; ret = 0; @@ -342,6 +320,9 @@ exit: ret = 1; #endif + if( session_serialized != NULL ) + mbedtls_platform_zeroize( session_serialized, session_serialized_len ); + return( ret ); } @@ -372,13 +353,7 @@ void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ) prv = cur; cur = cur->next; - mbedtls_ssl_session_free( &prv->session ); - -#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ - defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - mbedtls_free( prv->peer_cert.p ); -#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - + mbedtls_free( prv->session ); mbedtls_free( prv ); } From a5b1a3945b8561f0247e7f7ab5269911b6265e40 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Apr 2021 16:48:01 +0100 Subject: [PATCH 007/271] Don't use 0-initializer for structs Signed-off-by: Hanno Becker --- library/ssl_srv.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 784ab2d516..7bdad3d0de 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2768,7 +2768,7 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) static void ssl_check_id_based_session_resumption( mbedtls_ssl_context *ssl ) { int ret; - mbedtls_ssl_session session_tmp = { 0 }; + mbedtls_ssl_session session_tmp; mbedtls_ssl_session * const session = ssl->session_negotiate; /* Resume is 0 by default, see ssl_handshake_init(). @@ -2784,6 +2784,8 @@ static void ssl_check_id_based_session_resumption( mbedtls_ssl_context *ssl ) return; #endif + mbedtls_ssl_session_init( &session_tmp ); + ret = ssl->conf->f_get_cache( ssl->conf->p_cache, session->id, session->id_len, From aee4cc4cbbb29b63c6a81c8bb4d470054b5978d5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 15 Apr 2021 16:49:32 +0100 Subject: [PATCH 008/271] Use sizeof() instead of magic constant Signed-off-by: Hanno Becker --- library/ssl_cache.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 3677e51539..6ef1a972c8 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -300,7 +300,7 @@ int mbedtls_ssl_cache_set( void *data, if( ret != 0 ) goto exit; - if( session_id_len > 32 ) + if( session_id_len > sizeof( cur->session_id ) ) { ret = 1; goto exit; From 36dd93e7453c2c185c5b95fb46cac152142476e4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 13:02:03 +0200 Subject: [PATCH 009/271] Test the multipart GCM interface The existing GCM test suite only exercises the one-shot API. Also test the multipart interface: systematically run it on the same test data, with the input (plaintext or ciphertext) split in two parts. Given the current limitations of the GCM API, the associated data is always passed in a single shot to mbedtls_gcm_starts(), and the first part of the input is a nonzero multiple of 16. Signed-off-by: Gilles Peskine --- tests/suites/test_suite_gcm.function | 83 +++++++++++++++++++++++++--- 1 file changed, 76 insertions(+), 7 deletions(-) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 9b7b0ee14c..c2f353496e 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -1,5 +1,57 @@ /* BEGIN_HEADER */ #include "mbedtls/gcm.h" + +/* Use the multipart interface to process the encrypted data in two parts + * and check that the output matches the expected output. + * The context must have been set up with the key. */ +static int check_multipart( mbedtls_gcm_context *ctx, + int mode, + const data_t *iv, + const data_t *add, + const data_t *input, + const data_t *expected_output, + const data_t *tag, + size_t n1 ) +{ + int ok = 0; + uint8_t *output = NULL; + size_t n2 = input->len - n1; + + /* Sanity checks on the test data */ + TEST_ASSERT( n1 <= input->len ); + TEST_EQUAL( input->len, expected_output->len ); + + TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, + iv->x, iv->len, + add->x, add->len ) ); + + /* Allocate a tight buffer for each update call. This way, if the function + * tries to write beyond the advertised required buffer size, this will + * count as an overflow for memory sanitizers and static checkers. */ + ASSERT_ALLOC( output, n1 ); + TEST_EQUAL( 0, mbedtls_gcm_update( ctx, n1, input->x, output ) ); + ASSERT_COMPARE( output, n1, expected_output->x, n1 ); + mbedtls_free( output ); + output = NULL; + + ASSERT_ALLOC( output, n2 ); + TEST_EQUAL( 0, mbedtls_gcm_update( ctx, n2, input->x + n1, output ) ); + ASSERT_COMPARE( output, n2, expected_output->x + n1, n2 ); + mbedtls_free( output ); + output = NULL; + + ASSERT_ALLOC( output, tag->len ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, output, tag->len ) ); + ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); + mbedtls_free( output ); + output = NULL; + + ok = 1; +exit: + mbedtls_free( output ); + return( ok ); +} + /* END_HEADER */ /* BEGIN_DEPENDENCIES @@ -43,6 +95,7 @@ void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, unsigned char tag_output[16]; mbedtls_gcm_context ctx; size_t tag_len = tag_len_bits / 8; + size_t n1; mbedtls_gcm_init( &ctx ); @@ -55,10 +108,18 @@ void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, { TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, src_str->len, iv_str->x, iv_str->len, add_str->x, add_str->len, src_str->x, output, tag_len, tag_output ) == 0 ); - TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, - src_str->len, dst->len ) == 0 ); - TEST_ASSERT( mbedtls_test_hexcmp( tag_output, tag->x, - tag_len, tag->len ) == 0 ); + ASSERT_COMPARE( output, src_str->len, dst->x, dst->len ); + ASSERT_COMPARE( tag_output, tag_len, tag->x, tag->len ); + + for( n1 = 16; n1 < src_str->len; n1 += 16 ) + { + mbedtls_test_set_step( n1 ); + if( !check_multipart( &ctx, MBEDTLS_GCM_ENCRYPT, + iv_str, add_str, src_str, + dst, tag, + n1 ) ) + goto exit; + } } exit: @@ -77,6 +138,7 @@ void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, mbedtls_gcm_context ctx; int ret; size_t tag_len = tag_len_bits / 8; + size_t n1; mbedtls_gcm_init( &ctx ); @@ -95,10 +157,17 @@ void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, else { TEST_ASSERT( ret == 0 ); + ASSERT_COMPARE( output, src_str->len, pt_result->x, pt_result->len ); - TEST_ASSERT( mbedtls_test_hexcmp( output, pt_result->x, - src_str->len, - pt_result->len ) == 0 ); + for( n1 = 16; n1 < src_str->len; n1 += 16 ) + { + mbedtls_test_set_step( n1 ); + if( !check_multipart( &ctx, MBEDTLS_GCM_DECRYPT, + iv_str, add_str, src_str, + pt_result, tag_str, + n1 ) ) + goto exit; + } } } From 58fc272af9359a171e6a9549ab6385feedc9a2dd Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 15:58:27 +0200 Subject: [PATCH 010/271] Remove alignment requirement for mbedtls_gcm_update: implementation mbedtls_gcm_update now accepts inputs of arbitrary size. There is no longer a requirement that all calls except the last one pass a multiple of 16 bytes. This commit updates the library code and adjusts the GCM tests to exercise arbitrarily aligned input sizes. Signed-off-by: Gilles Peskine --- library/gcm.c | 113 ++++++++++++++++++++------- tests/suites/test_suite_gcm.function | 4 +- 2 files changed, 86 insertions(+), 31 deletions(-) diff --git a/library/gcm.c b/library/gcm.c index 300521ecdd..b3105d80d6 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -355,21 +355,64 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, return( 0 ); } +/* Increment the counter. */ +static void gcm_incr( unsigned char y[16] ) +{ + size_t i; + for( i = 16; i > 12; i-- ) + if( ++y[i - 1] != 0 ) + break; +} + +/* Calculate and apply the encryption mask. Process use_len bytes of data, + * starting at position offset in the mask block. */ +static int gcm_mask( mbedtls_gcm_context *ctx, + unsigned char ectr[16], + size_t offset, size_t use_len, + const unsigned char *input, + unsigned char *output ) +{ + size_t i; + size_t olen = 0; + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr, + &olen ) ) != 0 ) + { + mbedtls_platform_zeroize( ectr, 16 ); + return( ret ); + } + + for( i = 0; i < use_len; i++ ) + { + if( ctx->mode == MBEDTLS_GCM_DECRYPT ) + ctx->buf[offset + i] ^= input[i]; + output[i] = ectr[offset + i] ^ input[i]; + if( ctx->mode == MBEDTLS_GCM_ENCRYPT ) + ctx->buf[offset + i] ^= output[i]; + } + return( 0 ); +} + int mbedtls_gcm_update( mbedtls_gcm_context *ctx, size_t length, const unsigned char *input, unsigned char *output ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char ectr[16]; - size_t i; - const unsigned char *p; + const unsigned char *p = input; unsigned char *out_p = output; - size_t use_len, olen = 0; + size_t offset; + unsigned char ectr[16]; + + /* Exit early if length==0 so that we don't do any pointer arithmetic on + * a potentially null pointer. */ + if( length == 0 ) + return( 0 ); GCM_VALIDATE_RET( ctx != NULL ); - GCM_VALIDATE_RET( length == 0 || input != NULL ); - GCM_VALIDATE_RET( length == 0 || output != NULL ); + GCM_VALIDATE_RET( input != NULL ); + GCM_VALIDATE_RET( output != NULL ); if( output > input && (size_t) ( output - input ) < length ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); @@ -382,39 +425,48 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, return( MBEDTLS_ERR_GCM_BAD_INPUT ); } - ctx->len += length; - - p = input; - while( length > 0 ) + offset = ctx->len % 16; + if( offset != 0 ) { - use_len = ( length < 16 ) ? length : 16; + size_t use_len = 16 - offset; + if( use_len > length ) + use_len = length; - for( i = 16; i > 12; i-- ) - if( ++ctx->y[i - 1] != 0 ) - break; - - if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr, - &olen ) ) != 0 ) - { + if( ( ret = gcm_mask( ctx, ectr, offset, use_len, p, out_p ) ) != 0 ) return( ret ); - } - for( i = 0; i < use_len; i++ ) - { - if( ctx->mode == MBEDTLS_GCM_DECRYPT ) - ctx->buf[i] ^= p[i]; - out_p[i] = ectr[i] ^ p[i]; - if( ctx->mode == MBEDTLS_GCM_ENCRYPT ) - ctx->buf[i] ^= out_p[i]; - } - - gcm_mult( ctx, ctx->buf, ctx->buf ); + if( offset + use_len == 16 ) + gcm_mult( ctx, ctx->buf, ctx->buf ); + ctx->len += use_len; length -= use_len; p += use_len; out_p += use_len; } + ctx->len += length; + + while( length >= 16 ) + { + gcm_incr( ctx->y ); + if( ( ret = gcm_mask( ctx, ectr, 0, 16, p, out_p ) ) != 0 ) + return( ret ); + + gcm_mult( ctx, ctx->buf, ctx->buf ); + + length -= 16; + p += 16; + out_p += 16; + } + + if( length > 0 ) + { + gcm_incr( ctx->y ); + if( ( ret = gcm_mask( ctx, ectr, 0, length, p, out_p ) ) != 0 ) + return( ret ); + } + + mbedtls_platform_zeroize( ectr, sizeof( ectr ) ); return( 0 ); } @@ -436,6 +488,9 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, if( tag_len > 16 || tag_len < 4 ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); + if( ctx->len % 16 != 0 ) + gcm_mult( ctx, ctx->buf, ctx->buf ); + memcpy( tag, ctx->base_ectr, tag_len ); if( orig_len || orig_add_len ) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index c2f353496e..d4dce9398c 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -111,7 +111,7 @@ void gcm_encrypt_and_tag( int cipher_id, data_t * key_str, ASSERT_COMPARE( output, src_str->len, dst->x, dst->len ); ASSERT_COMPARE( tag_output, tag_len, tag->x, tag->len ); - for( n1 = 16; n1 < src_str->len; n1 += 16 ) + for( n1 = 0; n1 <= src_str->len; n1 += 1 ) { mbedtls_test_set_step( n1 ); if( !check_multipart( &ctx, MBEDTLS_GCM_ENCRYPT, @@ -159,7 +159,7 @@ void gcm_decrypt_and_verify( int cipher_id, data_t * key_str, TEST_ASSERT( ret == 0 ); ASSERT_COMPARE( output, src_str->len, pt_result->x, pt_result->len ); - for( n1 = 16; n1 < src_str->len; n1 += 16 ) + for( n1 = 0; n1 <= src_str->len; n1 += 1 ) { mbedtls_test_set_step( n1 ); if( !check_multipart( &ctx, MBEDTLS_GCM_DECRYPT, From 441907ec30a837e20bdd4cd7d6f4ec9e0b3928f0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 13 Apr 2021 16:09:32 +0200 Subject: [PATCH 011/271] Remove alignment requirement for mbedtls_gcm_update: documentation Signed-off-by: Gilles Peskine --- ChangeLog.d/gcm-update.txt | 4 ++++ include/mbedtls/cipher.h | 5 ----- include/mbedtls/gcm.h | 7 +------ 3 files changed, 5 insertions(+), 11 deletions(-) create mode 100644 ChangeLog.d/gcm-update.txt diff --git a/ChangeLog.d/gcm-update.txt b/ChangeLog.d/gcm-update.txt new file mode 100644 index 0000000000..4511fec32a --- /dev/null +++ b/ChangeLog.d/gcm-update.txt @@ -0,0 +1,4 @@ +Features + * The multi-part GCM interface (mbedtls_gcm_update() or + mbedtls_cipher_update()) no longer requires the size of partial inputs to + be a multiple of 16. diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index bfc911fc1b..eaa49b1fff 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -727,11 +727,6 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, * Exception: For MBEDTLS_MODE_ECB, expects a single block * in size. For example, 16 Bytes for AES. * - * \note If the underlying cipher is used in GCM mode, all calls - * to this function, except for the last one before - * mbedtls_cipher_finish(), must have \p ilen as a - * multiple of the block size of the cipher. - * * \param ctx The generic cipher context. This must be initialized and * bound to a key. * \param input The buffer holding the input data. This must be a diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 6b673616f9..8a26ebb964 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -249,17 +249,12 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, * \brief This function feeds an input buffer into an ongoing GCM * encryption or decryption operation. * - * ` The function expects input to be a multiple of 16 - * Bytes. Only the last call before calling - * mbedtls_gcm_finish() can be less than 16 Bytes. - * * \note For decryption, the output buffer cannot be the same as * input buffer. If the buffers overlap, the output buffer * must trail at least 8 Bytes behind the input buffer. * * \param ctx The GCM context. This must be initialized. - * \param length The length of the input data. This must be a multiple of - * 16 except in the last call before mbedtls_gcm_finish(). + * \param length The length of the input data. * \param input The buffer holding the input data. If \p length is greater * than zero, this must be a readable buffer of at least that * size in Bytes. From 9461e45a17b0172b96f33567a09d051f77da3a7b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Apr 2021 16:48:32 +0200 Subject: [PATCH 012/271] Add output parameter to mbedtls_gcm_finish Alternative implementations of GCM may delay the output of partial blocks from mbedtls_gcm_update(). Add an output parameter to mbedtls_gcm_finish() to allow such implementations to pass the final partial block back to the caller. With the software implementation, this final output is always empty. Signed-off-by: Gilles Peskine --- ChangeLog.d/gcm-update.txt | 10 ++++++++++ include/mbedtls/gcm.h | 14 ++++++++++++-- library/cipher.c | 2 ++ library/gcm.c | 15 ++++++++++----- tests/suites/test_suite_gcm.function | 6 +++--- 5 files changed, 37 insertions(+), 10 deletions(-) diff --git a/ChangeLog.d/gcm-update.txt b/ChangeLog.d/gcm-update.txt index 4511fec32a..d384551021 100644 --- a/ChangeLog.d/gcm-update.txt +++ b/ChangeLog.d/gcm-update.txt @@ -1,3 +1,13 @@ +API changes + * The interface of the GCM module has changed to remove restrictions on + how the input to multipart operations is broken down. mbedtls_gcm_finish() + now takes an extra output parameter for the last partial output block. + The software implementation always produces the full output at each + call to mbedtls_gcm_update(), but alternative implementations activated + by MBEDTLS_GCM_ALT may delay partial blocks to the next call to + mbedtls_gcm_update() or mbedtls_gcm_finish(). + These changes are backward compatible for users of the cipher API. + Features * The multi-part GCM interface (mbedtls_gcm_update() or mbedtls_cipher_update()) no longer requires the size of partial inputs to diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 8a26ebb964..951ee00c43 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -282,13 +282,23 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * buffer of at least \p tag_len Bytes. * \param tag_len The length of the tag to generate. This must be at least * four. + * \param output The buffer for the final output. + * This must be a writable buffer of at least \p output_len + * bytes. + * With the built-in implementation, there is no final + * output and this can be \p NULL. + * Alternative implementations may return a partial block + * of output. + * \param output_len The size of the \p output buffer in bytes. + * With the built-in implementation, this can be \c 0. + * Alternative implementations may require a 15-byte buffer. * * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. */ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, - unsigned char *tag, - size_t tag_len ); + unsigned char *output, size_t output_len, + unsigned char *tag, size_t tag_len ); /** * \brief This function clears a GCM context and the underlying diff --git a/library/cipher.c b/library/cipher.c index c88d6666dc..63eaba88fa 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -1101,6 +1101,7 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, + NULL, 0, tag, tag_len ) ); #endif @@ -1153,6 +1154,7 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, + NULL, 0, check_tag, tag_len ) ) ) { return( ret ); diff --git a/library/gcm.c b/library/gcm.c index b3105d80d6..de766bc764 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -471,8 +471,8 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, } int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, - unsigned char *tag, - size_t tag_len ) + unsigned char *output, size_t output_len, + unsigned char *tag, size_t tag_len ) { unsigned char work_buf[16]; size_t i; @@ -482,6 +482,11 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( tag != NULL ); + /* We never pass any output in finish(). The output parameter exists only + * for the sake of alternative implementations. */ + (void) output; + (void) output_len; + orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8; @@ -541,7 +546,7 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 ) return( ret ); - if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 ) + if( ( ret = mbedtls_gcm_finish( ctx, NULL, 0, tag, tag_len ) ) != 0 ) return( ret ); return( 0 ); @@ -979,7 +984,7 @@ int mbedtls_gcm_self_test( int verbose ) goto exit; } - ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 ); + ret = mbedtls_gcm_finish( &ctx, NULL, 0, tag_buf, 16 ); if( ret != 0 ) goto exit; @@ -1039,7 +1044,7 @@ int mbedtls_gcm_self_test( int verbose ) goto exit; } - ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 ); + ret = mbedtls_gcm_finish( &ctx, NULL, 0, tag_buf, 16 ); if( ret != 0 ) goto exit; diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index d4dce9398c..965d154825 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -41,7 +41,7 @@ static int check_multipart( mbedtls_gcm_context *ctx, output = NULL; ASSERT_ALLOC( output, tag->len ); - TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, output, tag->len ) ); + TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) ); ASSERT_COMPARE( output, tag->len, tag->x, tag->len ); mbedtls_free( output ); output = NULL; @@ -326,10 +326,10 @@ void gcm_invalid_param( ) /* mbedtls_gcm_finish() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_finish( NULL, valid_buffer, valid_len ) ); + mbedtls_gcm_finish( NULL, NULL, 0, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_finish( &ctx, NULL, valid_len ) ); + mbedtls_gcm_finish( &ctx, NULL, 0, NULL, valid_len ) ); exit: mbedtls_gcm_free( &ctx ); From a56c4486364c48ec4f0b0708487152252e6de735 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Apr 2021 17:22:35 +0200 Subject: [PATCH 013/271] Add output length parameters to mbedtls_gcm_update Alternative implementations of GCM may delay the output of partial blocks from mbedtls_gcm_update(). Add an output length parameter to mbedtls_gcm_update() to allow such implementations to delay the output of partial blocks. With the software implementation, there is no such delay. Signed-off-by: Gilles Peskine --- ChangeLog.d/gcm-update.txt | 1 + include/mbedtls/gcm.h | 42 +++++++++---- library/cipher.c | 6 +- library/gcm.c | 88 ++++++++++++++++++---------- tests/suites/test_suite_gcm.function | 30 ++++++---- 5 files changed, 112 insertions(+), 55 deletions(-) diff --git a/ChangeLog.d/gcm-update.txt b/ChangeLog.d/gcm-update.txt index d384551021..10d53efd77 100644 --- a/ChangeLog.d/gcm-update.txt +++ b/ChangeLog.d/gcm-update.txt @@ -2,6 +2,7 @@ API changes * The interface of the GCM module has changed to remove restrictions on how the input to multipart operations is broken down. mbedtls_gcm_finish() now takes an extra output parameter for the last partial output block. + mbedtls_gcm_update() now takes extra parameters for the output length. The software implementation always produces the full output at each call to mbedtls_gcm_update(), but alternative implementations activated by MBEDTLS_GCM_ALT may delay partial blocks to the next call to diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 951ee00c43..0bd6e1e0fc 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -253,22 +253,42 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, * input buffer. If the buffers overlap, the output buffer * must trail at least 8 Bytes behind the input buffer. * - * \param ctx The GCM context. This must be initialized. - * \param length The length of the input data. - * \param input The buffer holding the input data. If \p length is greater - * than zero, this must be a readable buffer of at least that - * size in Bytes. - * \param output The buffer for holding the output data. If \p length is - * greater than zero, this must be a writable buffer of at - * least that size in Bytes. + * \param ctx The GCM context. This must be initialized. + * \param input The buffer holding the input data. If \p input_length + * is greater than zero, this must be a readable buffer + * of at least \p input_length bytes. + * \param input_length The length of the input data in bytes. + * \param output The buffer for the output data. If \p output_length + * is greater than zero, this must be a writable buffer of + * of at least \p output_size bytes. + * This function may withhold the end of the output if + * it is a partial block for the underlying block cipher. + * That is, if the cumulated input passed to + * mbedtls_gcm_update() so far (including the current call) + * is 16 *n* + *p* with *p* < 16, this function may + * withhold the last *p* bytes, which will be output by + * a subsequent call to mbedtls_gcm_update() or + * mbedtls_gcm_finish(). + * \param output_size The size of the output buffer in bytes. + * This must be at least \p input_length plus the length + * of the input withheld by the previous call to + * mbedtls_gcm_update(). Therefore: + * - With arbitrary inputs, \p output_size may need to + * be as large as `input_length + 15`. + * - If all input lengths are a multiple of 16, then + * \p output_size = \p input_length is sufficient. + * \param output_length On success, \p *output_length contains the actual + * length of the output written in \p output. + * On failure, the content of \p *output_length is + * unspecified. * * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. */ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *input, - unsigned char *output ); + const unsigned char *input, size_t input_length, + unsigned char *output, size_t output_size, + size_t *output_length ); /** * \brief This function finishes the GCM operation and generates diff --git a/library/cipher.c b/library/cipher.c index 63eaba88fa..7e6d0e02c9 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -545,9 +545,9 @@ int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *i #if defined(MBEDTLS_GCM_C) if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM ) { - *olen = ilen; - return( mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input, - output ) ); + return( mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, + input, ilen, + output, ilen, olen ) ); } #endif diff --git a/library/gcm.c b/library/gcm.c index de766bc764..13e7296432 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -395,9 +395,9 @@ static int gcm_mask( mbedtls_gcm_context *ctx, } int mbedtls_gcm_update( mbedtls_gcm_context *ctx, - size_t length, - const unsigned char *input, - unsigned char *output ) + const unsigned char *input, size_t input_length, + unsigned char *output, size_t output_size, + size_t *output_length ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned char *p = input; @@ -405,22 +405,27 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, size_t offset; unsigned char ectr[16]; - /* Exit early if length==0 so that we don't do any pointer arithmetic on - * a potentially null pointer. */ - if( length == 0 ) + if( output_size < input_length ) + return( MBEDTLS_ERR_GCM_BAD_INPUT ); + GCM_VALIDATE_RET( output_length != NULL ); + *output_length = input_length; + + /* Exit early if input_length==0 so that we don't do any pointer arithmetic + * on a potentially null pointer. */ + if( input_length == 0 ) return( 0 ); GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( input != NULL ); GCM_VALIDATE_RET( output != NULL ); - if( output > input && (size_t) ( output - input ) < length ) + if( output > input && (size_t) ( output - input ) < input_length ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes * Also check for possible overflow */ - if( ctx->len + length < ctx->len || - (uint64_t) ctx->len + length > 0xFFFFFFFE0ull ) + if( ctx->len + input_length < ctx->len || + (uint64_t) ctx->len + input_length > 0xFFFFFFFE0ull ) { return( MBEDTLS_ERR_GCM_BAD_INPUT ); } @@ -429,8 +434,8 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, if( offset != 0 ) { size_t use_len = 16 - offset; - if( use_len > length ) - use_len = length; + if( use_len > input_length ) + use_len = input_length; if( ( ret = gcm_mask( ctx, ectr, offset, use_len, p, out_p ) ) != 0 ) return( ret ); @@ -439,14 +444,14 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, gcm_mult( ctx, ctx->buf, ctx->buf ); ctx->len += use_len; - length -= use_len; + input_length -= use_len; p += use_len; out_p += use_len; } - ctx->len += length; + ctx->len += input_length; - while( length >= 16 ) + while( input_length >= 16 ) { gcm_incr( ctx->y ); if( ( ret = gcm_mask( ctx, ectr, 0, 16, p, out_p ) ) != 0 ) @@ -454,15 +459,15 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, gcm_mult( ctx, ctx->buf, ctx->buf ); - length -= 16; + input_length -= 16; p += 16; out_p += 16; } - if( length > 0 ) + if( input_length > 0 ) { gcm_incr( ctx->y ); - if( ( ret = gcm_mask( ctx, ectr, 0, length, p, out_p ) ) != 0 ) + if( ( ret = gcm_mask( ctx, ectr, 0, input_length, p, out_p ) ) != 0 ) return( ret ); } @@ -532,6 +537,7 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, unsigned char *tag ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + size_t olen; GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( iv != NULL ); @@ -543,7 +549,8 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 ) return( ret ); - if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 ) + if( ( ret = mbedtls_gcm_update( ctx, input, length, + output, length, &olen ) ) != 0 ) return( ret ); if( ( ret = mbedtls_gcm_finish( ctx, NULL, 0, tag, tag_len ) ) != 0 ) @@ -840,6 +847,7 @@ int mbedtls_gcm_self_test( int verbose ) unsigned char tag_buf[16]; int i, j, ret; mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES; + size_t olen; for( j = 0; j < 3; j++ ) { @@ -963,25 +971,34 @@ int mbedtls_gcm_self_test( int verbose ) if( pt_len_test_data[i] > 32 ) { size_t rest_len = pt_len_test_data[i] - 32; - ret = mbedtls_gcm_update( &ctx, 32, + ret = mbedtls_gcm_update( &ctx, pt_test_data[pt_index_test_data[i]], - buf ); + 32, + buf, sizeof( buf ), &olen ); if( ret != 0 ) goto exit; + if( olen != 32 ) + goto exit; - ret = mbedtls_gcm_update( &ctx, rest_len, - pt_test_data[pt_index_test_data[i]] + 32, - buf + 32 ); + ret = mbedtls_gcm_update( &ctx, + pt_test_data[pt_index_test_data[i]] + 32, + rest_len, + buf + 32, sizeof( buf ) - 32, &olen ); if( ret != 0 ) goto exit; + if( olen != rest_len ) + goto exit; } else { - ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i], + ret = mbedtls_gcm_update( &ctx, pt_test_data[pt_index_test_data[i]], - buf ); + pt_len_test_data[i], + buf, sizeof( buf ), &olen ); if( ret != 0 ) goto exit; + if( olen != pt_len_test_data[i] ) + goto exit; } ret = mbedtls_gcm_finish( &ctx, NULL, 0, tag_buf, 16 ); @@ -1024,24 +1041,33 @@ int mbedtls_gcm_self_test( int verbose ) if( pt_len_test_data[i] > 32 ) { size_t rest_len = pt_len_test_data[i] - 32; - ret = mbedtls_gcm_update( &ctx, 32, ct_test_data[j * 6 + i], - buf ); + ret = mbedtls_gcm_update( &ctx, + ct_test_data[j * 6 + i], 32, + buf, sizeof( buf ), &olen ); if( ret != 0 ) goto exit; + if( olen != 32 ) + goto exit; - ret = mbedtls_gcm_update( &ctx, rest_len, + ret = mbedtls_gcm_update( &ctx, ct_test_data[j * 6 + i] + 32, - buf + 32 ); + rest_len, + buf + 32, sizeof( buf ) - 32, &olen ); if( ret != 0 ) goto exit; + if( olen != rest_len ) + goto exit; } else { - ret = mbedtls_gcm_update( &ctx, pt_len_test_data[i], + ret = mbedtls_gcm_update( &ctx, ct_test_data[j * 6 + i], - buf ); + pt_len_test_data[i], + buf, sizeof( buf ), &olen ); if( ret != 0 ) goto exit; + if( olen != pt_len_test_data[i] ) + goto exit; } ret = mbedtls_gcm_finish( &ctx, NULL, 0, tag_buf, 16 ); diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index 965d154825..da6aea8992 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -16,6 +16,7 @@ static int check_multipart( mbedtls_gcm_context *ctx, int ok = 0; uint8_t *output = NULL; size_t n2 = input->len - n1; + size_t olen; /* Sanity checks on the test data */ TEST_ASSERT( n1 <= input->len ); @@ -29,14 +30,18 @@ static int check_multipart( mbedtls_gcm_context *ctx, * tries to write beyond the advertised required buffer size, this will * count as an overflow for memory sanitizers and static checkers. */ ASSERT_ALLOC( output, n1 ); - TEST_EQUAL( 0, mbedtls_gcm_update( ctx, n1, input->x, output ) ); - ASSERT_COMPARE( output, n1, expected_output->x, n1 ); + olen = 0xdeadbeef; + TEST_EQUAL( 0, mbedtls_gcm_update( ctx, input->x, n1, output, n1, &olen ) ); + TEST_EQUAL( n1, olen ); + ASSERT_COMPARE( output, olen, expected_output->x, n1 ); mbedtls_free( output ); output = NULL; ASSERT_ALLOC( output, n2 ); - TEST_EQUAL( 0, mbedtls_gcm_update( ctx, n2, input->x + n1, output ) ); - ASSERT_COMPARE( output, n2, expected_output->x + n1, n2 ); + olen = 0xdeadbeef; + TEST_EQUAL( 0, mbedtls_gcm_update( ctx, input->x + n1, n2, output, n2, &olen ) ); + TEST_EQUAL( n2, olen ); + ASSERT_COMPARE( output, olen, expected_output->x + n1, n2 ); mbedtls_free( output ); output = NULL; @@ -185,6 +190,7 @@ void gcm_invalid_param( ) int valid_mode = MBEDTLS_GCM_ENCRYPT; int valid_len = sizeof(valid_buffer); int valid_bitlen = 128, invalid_bitlen = 1; + size_t olen; mbedtls_gcm_init( &ctx ); @@ -312,16 +318,20 @@ void gcm_invalid_param( ) /* mbedtls_gcm_update() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( NULL, valid_len, - valid_buffer, valid_buffer ) ); + mbedtls_gcm_update( NULL, valid_buffer, valid_len, + valid_buffer, valid_len, &olen ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, valid_len, - NULL, valid_buffer ) ); + mbedtls_gcm_update( &ctx, NULL, valid_len, + valid_buffer, valid_len, &olen ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_update( &ctx, valid_len, - valid_buffer, NULL ) ); + mbedtls_gcm_update( &ctx, valid_buffer, valid_len, + NULL, valid_len, &olen ) ); + TEST_INVALID_PARAM_RET( + MBEDTLS_ERR_GCM_BAD_INPUT, + mbedtls_gcm_update( &ctx, valid_buffer, valid_len, + valid_buffer, valid_len, NULL ) ); /* mbedtls_gcm_finish() */ TEST_INVALID_PARAM_RET( From 295fc13ef33c9ce610be812f83ed00b366be1c39 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 15 Apr 2021 18:32:23 +0200 Subject: [PATCH 014/271] Split mbedtls_gcm_update_ad out of mbedtls_gcm_starts The GCM interface now has separate functions to start the operation and to pass the associated data. This is in preparation for allowing the associated data to be passed in chunks with repeatated calls to mbedtls_gcm_update_ad(). Signed-off-by: Gilles Peskine --- ChangeLog.d/gcm-update.txt | 4 +- include/mbedtls/gcm.h | 29 +++++++++++--- library/cipher.c | 13 +++++- library/gcm.c | 60 +++++++++++++++++++--------- tests/suites/test_suite_gcm.function | 12 +++--- 5 files changed, 83 insertions(+), 35 deletions(-) diff --git a/ChangeLog.d/gcm-update.txt b/ChangeLog.d/gcm-update.txt index 10d53efd77..0fffd094d0 100644 --- a/ChangeLog.d/gcm-update.txt +++ b/ChangeLog.d/gcm-update.txt @@ -6,7 +6,9 @@ API changes The software implementation always produces the full output at each call to mbedtls_gcm_update(), but alternative implementations activated by MBEDTLS_GCM_ALT may delay partial blocks to the next call to - mbedtls_gcm_update() or mbedtls_gcm_finish(). + mbedtls_gcm_update() or mbedtls_gcm_finish(). Furthermore, applications + no longer pass the associated data to mbedtls_gcm_starts(), but to the + new function mbedtls_gcm_update_ad(). These changes are backward compatible for users of the cipher API. Features diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 0bd6e1e0fc..7218081e3c 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -231,6 +231,26 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, * \param iv The initialization vector. This must be a readable buffer of * at least \p iv_len Bytes. * \param iv_len The length of the IV. + * + * \return \c 0 on success. + */ +int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, + int mode, + const unsigned char *iv, + size_t iv_len ); + +/** + * \brief This function starts a GCM encryption or decryption + * operation. + * + * \note This function may only be called once per operation: + * you must pass the whole associated data in a single + * call. This limitation will be lifted in a future version + * of Mbed TLS. + * + * \param ctx The GCM context. This must have been started with + * mbedtls_gcm_starts() and must not have yet received + * any input with mbedtls_gcm_update(). * \param add The buffer holding the additional data, or \c NULL * if \p add_len is \c 0. * \param add_len The length of the additional data. If \c 0, @@ -238,12 +258,9 @@ int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx, * * \return \c 0 on success. */ -int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, - int mode, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len ); +int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, + const unsigned char *add, + size_t add_len ); /** * \brief This function feeds an input buffer into an ongoing GCM diff --git a/library/cipher.c b/library/cipher.c index 7e6d0e02c9..e09130ac5d 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -415,6 +415,15 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, } #endif +#if defined(MBEDTLS_GCM_C) + if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) + { + return( mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, + ctx->operation, + iv, iv_len ) ); + } +#endif + if ( actual_iv_size != 0 ) { memcpy( ctx->iv, iv, actual_iv_size ); @@ -466,8 +475,8 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode ) { - return( mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation, - ctx->iv, ctx->iv_size, ad, ad_len ) ); + return( mbedtls_gcm_update_ad( (mbedtls_gcm_context *) ctx->cipher_ctx, + ad, ad_len ) ); } #endif diff --git a/library/gcm.c b/library/gcm.c index 13e7296432..ee10093c0e 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -269,11 +269,8 @@ static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16], } int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, - int mode, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len ) + int mode, + const unsigned char *iv, size_t iv_len ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char work_buf[16]; @@ -283,16 +280,11 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, GCM_VALIDATE_RET( ctx != NULL ); GCM_VALIDATE_RET( iv != NULL ); - GCM_VALIDATE_RET( add_len == 0 || add != NULL ); - /* IV and AD are limited to 2^64 bits, so 2^61 bytes */ + /* IV is are limited to 2^64 bits, so 2^61 bytes */ /* IV is not allowed to be zero length */ - if( iv_len == 0 || - ( (uint64_t) iv_len ) >> 61 != 0 || - ( (uint64_t) add_len ) >> 61 != 0 ) - { + if( iv_len == 0 || (uint64_t) iv_len >> 61 != 0 ) return( MBEDTLS_ERR_GCM_BAD_INPUT ); - } memset( ctx->y, 0x00, sizeof(ctx->y) ); memset( ctx->buf, 0x00, sizeof(ctx->buf) ); @@ -337,6 +329,26 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, return( ret ); } + return( 0 ); +} + + +int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, + const unsigned char *add, size_t add_len ) +{ + const unsigned char *p; + size_t use_len, i; + + GCM_VALIDATE_RET( add_len == 0 || add != NULL ); + + /* IV is are limited to 2^64 bits, so 2^61 bytes */ + if( (uint64_t) add_len >> 61 != 0 ) + return( MBEDTLS_ERR_GCM_BAD_INPUT ); + + /* Calling update_ad multiple times is not yet supported */ + if( ctx->add_len != 0 ) + return( MBEDTLS_ERR_GCM_BAD_INPUT ); + ctx->add_len = add_len; p = add; while( add_len > 0 ) @@ -546,7 +558,10 @@ int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx, GCM_VALIDATE_RET( length == 0 || output != NULL ); GCM_VALIDATE_RET( tag != NULL ); - if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 ) + if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len ) ) != 0 ) + return( ret ); + + if( ( ret = mbedtls_gcm_update_ad( ctx, add, add_len ) ) != 0 ) return( ret ); if( ( ret = mbedtls_gcm_update( ctx, input, length, @@ -961,10 +976,14 @@ int mbedtls_gcm_self_test( int verbose ) goto exit; ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT, - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], - additional_test_data[add_index_test_data[i]], - add_len_test_data[i] ); + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i] ); + if( ret != 0 ) + goto exit; + + ret = mbedtls_gcm_update_ad( &ctx, + additional_test_data[add_index_test_data[i]], + add_len_test_data[i] ); if( ret != 0 ) goto exit; @@ -1031,8 +1050,11 @@ int mbedtls_gcm_self_test( int verbose ) goto exit; ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT, - iv_test_data[iv_index_test_data[i]], - iv_len_test_data[i], + iv_test_data[iv_index_test_data[i]], + iv_len_test_data[i] ); + if( ret != 0 ) + goto exit; + ret = mbedtls_gcm_update_ad( &ctx, additional_test_data[add_index_test_data[i]], add_len_test_data[i] ); if( ret != 0 ) diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function index da6aea8992..9733eb2356 100644 --- a/tests/suites/test_suite_gcm.function +++ b/tests/suites/test_suite_gcm.function @@ -23,8 +23,8 @@ static int check_multipart( mbedtls_gcm_context *ctx, TEST_EQUAL( input->len, expected_output->len ); TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, - iv->x, iv->len, - add->x, add->len ) ); + iv->x, iv->len ) ); + TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, add->len ) ); /* Allocate a tight buffer for each update call. This way, if the function * tries to write beyond the advertised required buffer size, this will @@ -300,19 +300,17 @@ void gcm_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, mbedtls_gcm_starts( NULL, valid_mode, - valid_buffer, valid_len, valid_buffer, valid_len ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, mbedtls_gcm_starts( &ctx, valid_mode, - NULL, valid_len, - valid_buffer, valid_len ) ); + NULL, valid_len ) ); + /* mbedtls_gcm_update_ad() */ TEST_INVALID_PARAM_RET( MBEDTLS_ERR_GCM_BAD_INPUT, - mbedtls_gcm_starts( &ctx, valid_mode, - valid_buffer, valid_len, + mbedtls_gcm_update_ad( &ctx, NULL, valid_len ) ); /* mbedtls_gcm_update() */ From 946c92584047c50240d69877a878c436cbf0c173 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 19 Apr 2021 21:41:47 +0100 Subject: [PATCH 015/271] Document new semantics for static PSK configuration Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 50 ++++++++++++++++++++++++++----------------- 1 file changed, 30 insertions(+), 20 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2350910756..f9a5970e15 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2693,8 +2693,8 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) /** - * \brief Configure a pre-shared key (PSK) and identity - * to be used in PSK-based ciphersuites. + * \brief Configure one or more pre-shared keys (PSKs) and their + * identities to be used in PSK-based ciphersuites. * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. @@ -2702,13 +2702,6 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * \note A PSK set by \c mbedtls_ssl_set_hs_psk() in the PSK callback * takes precedence over a PSK configured by this function. * - * \warning Currently, clients can only register a single pre-shared key. - * Calling this function or mbedtls_ssl_conf_psk_opaque() more - * than once will overwrite values configured in previous calls. - * Support for setting multiple PSKs on clients and selecting - * one based on the identity hint is not a planned feature, - * but feedback is welcomed. - * * \param conf The SSL configuration to register the PSK with. * \param psk The pointer to the pre-shared key to use. * \param psk_len The length of the pre-shared key in bytes. @@ -2720,8 +2713,20 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * hence need not be preserved by the caller for the lifetime * of the SSL configuration. * + * \note While this function may be called multiple times to + * register multiple PSKs, the number of supported PSKs + * is implementation-defined. Once the limit is reached, + * this function fails, maintaining the PSKs previously + * configured and ignoring the excess request. + * This behavior is in contrast to Mbed TLS 2.x, where + * later invocations would overwrite the effect of earlier + * calls. + * * \return \c 0 if successful. - * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. + * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no more PSKs + * can be configured. In this case, the SSL configuration + * remains usable, but the PSK has not been configured. + * \return Another negative error code on other kinds of failure. */ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, const unsigned char *psk, size_t psk_len, @@ -2729,8 +2734,8 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, #if defined(MBEDTLS_USE_PSA_CRYPTO) /** - * \brief Configure an opaque pre-shared key (PSK) and identity - * to be used in PSK-based ciphersuites. + * \brief Configure one or more opaque pre-shared keys (PSKs) and + * their identities to be used in PSK-based ciphersuites. * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. @@ -2739,13 +2744,6 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * the PSK callback takes precedence over an opaque PSK * configured by this function. * - * \warning Currently, clients can only register a single pre-shared key. - * Calling this function or mbedtls_ssl_conf_psk() more than - * once will overwrite values configured in previous calls. - * Support for setting multiple PSKs on clients and selecting - * one based on the identity hint is not a planned feature, - * but feedback is welcomed. - * * \param conf The SSL configuration to register the PSK with. * \param psk The identifier of the key slot holding the PSK. * Until \p conf is destroyed or this function is successfully @@ -2761,8 +2759,20 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * not be preserved by the caller for the lifetime of the * SSL configuration. * + * \note While this function may be called multiple times to + * register multiple PSKs, the number of supported PSKs + * is implementation-defined. Once the limit is reached, + * this function fails, maintaining the PSKs previously + * configured and ignoring the excess request. + * This behavior is in contrast to Mbed TLS 2.x, where + * later invocations would overwrite the effect of earlier + * calls. + * * \return \c 0 if successful. - * \return An \c MBEDTLS_ERR_SSL_XXX error code on failure. + * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no more PSKs + * can be configured. In this case, the SSL configuration + * remains usable, but the PSK has not been configured. + * \return Another negative error code on other kinds of failure. */ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, psa_key_id_t psk, From 2ed3dced8fb26fd25e8598b08ed64aeef3488a1f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 19 Apr 2021 21:59:14 +0100 Subject: [PATCH 016/271] Implement new semantics for static PSK configuration Signed-off-by: Hanno Becker --- library/ssl_tls.c | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 8946c236a8..21cef9f785 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4005,6 +4005,19 @@ int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) +static int ssl_conf_psk_is_configured( mbedtls_ssl_config const *conf ) +{ +#if defined(MBEDTLS_USE_PSA_CRYPTO) + if( !mbedtls_svc_key_id_is_null( conf->psk_opaque ) ) + return( 1 ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + + if( conf->psk != NULL ) + return( 1 ); + + return( 0 ); +} + static void ssl_conf_remove_psk( mbedtls_ssl_config *conf ) { /* Remove reference to existing PSK, if any. */ @@ -4070,8 +4083,10 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, const unsigned char *psk_identity, size_t psk_identity_len ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - /* Remove opaque/raw PSK + PSK Identity */ - ssl_conf_remove_psk( conf ); + + /* We currently only support one PSK, raw or opaque. */ + if( ssl_conf_psk_is_configured( conf ) ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); /* Check and set raw PSK */ if( psk == NULL ) @@ -4139,8 +4154,10 @@ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, size_t psk_identity_len ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - /* Clear opaque/raw PSK + PSK Identity, if present. */ - ssl_conf_remove_psk( conf ); + + /* We currently only support one PSK, raw or opaque. */ + if( ssl_conf_psk_is_configured( conf ) ) + return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); /* Check and set opaque PSK */ if( mbedtls_svc_key_id_is_null( psk ) ) From 6667ffdd867c180939aeae698f35b401cf7c7ac4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 19 Apr 2021 21:59:22 +0100 Subject: [PATCH 017/271] Test new semantics for static PSK configuration Signed-off-by: Hanno Becker --- tests/suites/test_suite_ssl.data | 12 +++ tests/suites/test_suite_ssl.function | 108 +++++++++++++++++++++++++++ 2 files changed, 120 insertions(+) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index e59c9055f7..0cfcd497ad 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -1,3 +1,15 @@ +Attempt to register multiple PSKs +test_multiple_psks: + +Attempt to register multiple PSKS, incl. opaque PSK, #0 +test_multiple_psks_opaque:0 + +Attempt to register multiple PSKs, incl. opaque PSK, #1 +test_multiple_psks_opaque:1 + +Attempt to register multiple PSKs, incl. opaque PSK, #2 +test_multiple_psks_opaque:2 + Test calback buffer sanity test_callback_buffer_sanity: diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2f59afea4f..e07de88a7c 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -8,6 +8,8 @@ #include #include "test/certs.h" +#include + #include #include @@ -4535,3 +4537,109 @@ exit: mbedtls_free( src ); } /* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ +void test_multiple_psks() +{ + unsigned char psk0[10] = { 0 }; + unsigned char psk0_identity[] = { 'f', 'o', 'o' }; + + unsigned char psk1[10] = { 0 }; + unsigned char psk1_identity[] = { 'b', 'a', 'r' }; + + mbedtls_ssl_config conf; + + mbedtls_ssl_config_init( &conf ); + + TEST_ASSERT( mbedtls_ssl_conf_psk( &conf, + psk0, sizeof( psk0 ), + psk0_identity, sizeof( psk0_identity ) ) == 0 ); + TEST_ASSERT( mbedtls_ssl_conf_psk( &conf, + psk1, sizeof( psk1 ), + psk1_identity, sizeof( psk1_identity ) ) == + MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + +exit: + + mbedtls_ssl_config_free( &conf ); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED:MBEDTLS_USE_PSA_CRYPTO */ +void test_multiple_psks_opaque( int mode ) +{ + /* + * Mode 0: Raw PSK, then opaque PSK + * Mode 1: Opaque PSK, then raw PSK + * Mode 2: 2x opaque PSK + */ + + unsigned char psk0_raw[10] = { 0 }; + unsigned char psk0_raw_identity[] = { 'f', 'o', 'o' }; + + psa_key_id_t psk0_opaque = (psa_key_id_t) 1; + unsigned char psk0_opaque_identity[] = { 'f', 'o', 'o' }; + + unsigned char psk1_raw[10] = { 0 }; + unsigned char psk1_raw_identity[] = { 'b', 'a', 'r' }; + + psa_key_id_t psk1_opaque = (psa_key_id_t) 2; + unsigned char psk1_opaque_identity[] = { 'b', 'a', 'r' }; + + mbedtls_ssl_config conf; + + USE_PSA_INIT( ); + mbedtls_ssl_config_init( &conf ); + + switch( mode ) + { + case 0: + + TEST_ASSERT( mbedtls_ssl_conf_psk( &conf, + psk0_raw, sizeof( psk0_raw ), + psk0_raw_identity, sizeof( psk0_raw_identity ) ) + == 0 ); + TEST_ASSERT( mbedtls_ssl_conf_psk_opaque( &conf, + psk1_opaque, + psk1_opaque_identity, sizeof( psk1_opaque_identity ) ) + == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + break; + + case 1: + + TEST_ASSERT( mbedtls_ssl_conf_psk_opaque( &conf, + psk0_opaque, + psk0_opaque_identity, sizeof( psk0_opaque_identity ) ) + == 0 ); + TEST_ASSERT( mbedtls_ssl_conf_psk( &conf, + psk1_raw, sizeof( psk1_raw ), + psk1_raw_identity, sizeof( psk1_raw_identity ) ) + == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + + break; + + case 2: + + TEST_ASSERT( mbedtls_ssl_conf_psk_opaque( &conf, + psk0_opaque, + psk0_opaque_identity, sizeof( psk0_opaque_identity ) ) + == 0 ); + TEST_ASSERT( mbedtls_ssl_conf_psk_opaque( &conf, + psk1_opaque, + psk1_opaque_identity, sizeof( psk1_opaque_identity ) ) + == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); + + break; + + default: + TEST_ASSERT( 0 ); + break; + } + +exit: + + mbedtls_ssl_config_free( &conf ); + USE_PSA_DONE( ); + +} +/* END_CASE */ From 6b0f911b9aaef49e705c7e744cb3b223eb681df6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 00:21:58 +0200 Subject: [PATCH 018/271] Use Python 3 instead of Python 2 to generate test files Python 2 is no longer officially supported, but we were still using it to generate test suite .c files from .function files when using GNU make. Switch to looking for Python 3. This change was done for CMake a long time ago. Signed-off-by: Gilles Peskine --- tests/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index d250d717ac..59ed45a66e 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -54,8 +54,7 @@ else DLEXT ?= so EXEXT= SHARED_SUFFIX= -# python2 for POSIX since FreeBSD has only python2 as default. -PYTHON ?= python2 +PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif # Zlib shared library extensions: From 96f5baecec8b155260e36f02dfcb4ad1c3155382 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 1 Apr 2021 14:00:11 +0200 Subject: [PATCH 019/271] Fix SSL tests scripts with recent OpenSSL server with Diffie-Hellman Our interoperability tests fail with a recent OpenSSL server. The reason is that they force 1024-bit Diffie-Hellman parameters, which recent OpenSSL (e.g. 1.1.1f on Ubuntu 20.04) reject: ``` 140072814650688:error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small:../ssl/s3_lib.c:3782: ``` We've been passing custom DH parameters since 6195767554da332e9f81e6510b07f7565ff8a538 because OpenSSL <=1.0.2a requires it. This is only concerns the version we use as OPENSSL_LEGACY. So only use custom DH parameters for that version. In compat.sh, use it based on the observed version of $OPENSSL_CMD. This way, ssl-opt.sh and compat.sh work (barring other issues) for all our reference versions of OpenSSL as well as for a modern system OpenSSL. Signed-off-by: Gilles Peskine --- tests/compat.sh | 15 ++++++++++++++- tests/ssl-opt.sh | 2 +- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/tests/compat.sh b/tests/compat.sh index cbb2daf6ae..6a2bbb270c 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -871,10 +871,23 @@ setup_arguments() fi M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE" - O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem" + O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE" G_SERVER_ARGS="-p $PORT --http $G_MODE" G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE" + # The default prime for `openssl s_server` depends on the version: + # * OpenSSL <= 1.0.2a: 512-bit + # * OpenSSL 1.0.2b to 1.1.1b: 1024-bit + # * OpenSSL >= 1.1.1c: 2048-bit + # Mbed TLS wants >=1024, so force that for older versions. Don't force + # it for newer versions, which reject a 1024-bit prime. Indifferently + # force it or not for intermediate versions. + case $($OPENSSL_CMD version) in + "OpenSSL 1.0"*) + O_SERVER_ARGS="$O_SERVER_ARGS -dhparam data_files/dhparams.pem" + ;; + esac + # with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes if is_dtls "$MODE"; then O_SERVER_ARGS="$O_SERVER_ARGS" diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index db898cfa97..33ae4e4719 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1197,7 +1197,7 @@ SRV_DELAY_SECONDS=0 P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT" P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT" P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}" -O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem" +O_SRV="$O_SRV -accept $SRV_PORT" O_CLI="$O_CLI -connect localhost:+SRV_PORT" G_SRV="$G_SRV -p $SRV_PORT" G_CLI="$G_CLI -p +SRV_PORT" From 3352a534753e1963cca214e9969b08e50ca7779a Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 6 Apr 2021 14:28:22 +0200 Subject: [PATCH 020/271] Modify config option for SHA384. Although SHA512 is currently required to enable SHA384, this is expected to change in the future. This commit is an intermediate step towards fully separating SHA384 and SHA512. check_config is the only module which enforces that SHA512 is enabled together with SHA384. Signed-off-by: Mateusz Starzyk --- configs/config-no-entropy.h | 1 + configs/config-psa-crypto.h | 16 +- configs/config-suite-b.h | 1 + configs/config-symmetric-only.h | 1 + include/mbedtls/check_config.h | 4 +- include/mbedtls/config.h | 14 +- include/mbedtls/config_psa.h | 7 +- include/mbedtls/psa_util.h | 4 +- include/mbedtls/sha512.h | 10 +- library/md.c | 58 +- library/md_wrap.h | 4 +- library/psa_crypto_hash.c | 2 +- library/sha512.c | 18 +- library/ssl_ciphersuites.c | 195 ++-- library/ssl_tls.c | 10 +- library/version_features.c | 6 +- programs/ssl/ssl_client2.c | 4 +- programs/ssl/ssl_server2.c | 4 +- programs/ssl/ssl_test_common_source.c | 2 + programs/test/query_config.c | 8 +- scripts/config.py | 1 - tests/scripts/depends-hashes.pl | 8 +- tests/scripts/set_psa_test_dependencies.py | 1 - tests/ssl-opt.sh | 3 + tests/suites/test_suite_ecdsa.data | 20 +- tests/suites/test_suite_hmac_drbg.misc.data | 8 +- .../test_suite_hmac_drbg.no_reseed.data | 120 +- tests/suites/test_suite_hmac_drbg.nopr.data | 120 +- tests/suites/test_suite_hmac_drbg.pr.data | 120 +- tests/suites/test_suite_md.data | 66 +- tests/suites/test_suite_pkcs1_v21.data | 18 +- tests/suites/test_suite_pkcs5.data | 10 +- tests/suites/test_suite_pkparse.data | 72 +- tests/suites/test_suite_rsa.data | 18 +- tests/suites/test_suite_shax.data | 16 +- tests/suites/test_suite_ssl.data | 1012 ++++++++--------- tests/suites/test_suite_x509parse.data | 24 +- tests/suites/test_suite_x509write.data | 2 +- 38 files changed, 1030 insertions(+), 978 deletions(-) diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index f92d9c3b6a..24822eae69 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -75,6 +75,7 @@ #define MBEDTLS_RSA_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA512_C +#define MBEDTLS_SHA384_C #define MBEDTLS_VERSION_C #define MBEDTLS_X509_USE_C #define MBEDTLS_X509_CRT_PARSE_C diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 29c6d145c8..f37007a3e6 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -1249,6 +1249,17 @@ */ //#define MBEDTLS_SHA256_SMALLER +/** + * \def MBEDTLS_SHA384_C + * + * Enable the SHA-384 option of the SHA-512 module. + * + * Requires: MBEDTLS_SHA512_C + * + * Comment to disable SHA-384 + */ +#define MBEDTLS_SHA384_C + /** * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES * @@ -2632,7 +2643,7 @@ /** * \def MBEDTLS_SHA512_C * - * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. + * Enable SHA-512 cryptographic hash algorithms. * * Module: library/sha512.c * Caller: library/entropy.c @@ -2640,7 +2651,8 @@ * library/ssl_cli.c * library/ssl_srv.c * - * This module adds support for SHA-384 and SHA-512. + * This module adds support for SHA-512. + * This module is required for SHA-384. */ #define MBEDTLS_SHA512_C diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 7cb566c1b3..986d042f61 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -65,6 +65,7 @@ #define MBEDTLS_PK_PARSE_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA512_C +#define MBEDTLS_SHA384_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 8a289cd190..28150d6851 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -86,6 +86,7 @@ #define MBEDTLS_SHA1_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA512_C +#define MBEDTLS_SHA384_C //#define MBEDTLS_THREADING_C #define MBEDTLS_TIMING_C #define MBEDTLS_VERSION_C diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 47b5de04dd..bccbae7155 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -618,8 +618,8 @@ #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_NO_SHA384) && !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_NO_SHA384 defined without MBEDTLS_SHA512_C" +#if defined(MBEDTLS_SHA384_C) && !defined(MBEDTLS_SHA512_C) +#error "MBEDTLS_SHA384_C defined without MBEDTLS_SHA512_C" #endif #if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) || \ diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 9cf626a25d..b802cd47f9 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1449,16 +1449,15 @@ //#define MBEDTLS_SHA512_SMALLER /** - * \def MBEDTLS_SHA512_NO_SHA384 + * \def MBEDTLS_SHA384_C * - * Disable the SHA-384 option of the SHA-512 module. Use this to save some - * code size on devices that don't use SHA-384. + * Enable the SHA-384 option of the SHA-512 module. * * Requires: MBEDTLS_SHA512_C * - * Uncomment to disable SHA-384 + * Comment to disable SHA-384 */ -//#define MBEDTLS_SHA512_NO_SHA384 +#define MBEDTLS_SHA384_C /** * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES @@ -3125,7 +3124,7 @@ /** * \def MBEDTLS_SHA512_C * - * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. + * Enable SHA-512 cryptographic hash algorithms. * * Module: library/sha512.c * Caller: library/entropy.c @@ -3133,7 +3132,8 @@ * library/ssl_cli.c * library/ssl_srv.c * - * This module adds support for SHA-384 and SHA-512. + * This module adds support for SHA-512. + * This module is required for SHA-384. */ #define MBEDTLS_SHA512_C diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index fa415d5f02..89616c5576 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -159,7 +159,7 @@ extern "C" { #if defined(PSA_WANT_ALG_SHA_384) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 -#define MBEDTLS_SHA512_C +#define MBEDTLS_SHA384_C #endif #if defined(PSA_WANT_ALG_SHA_512) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) @@ -611,11 +611,12 @@ extern "C" { #define PSA_WANT_ALG_SHA_256 1 #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) #define MBEDTLS_PSA_BUILTIN_ALG_SHA_384 1 #define PSA_WANT_ALG_SHA_384 1 #endif + +#if defined(MBEDTLS_SHA512_C) #define MBEDTLS_PSA_BUILTIN_ALG_SHA_512 1 #define PSA_WANT_ALG_SHA_512 1 #endif diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index a49968effe..be3745cef1 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -142,9 +142,11 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg case MBEDTLS_MD_SHA256: return( PSA_ALG_SHA_256 ); #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: return( PSA_ALG_SHA_384 ); +#endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return( PSA_ALG_SHA_512 ); #endif diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 56cefe1bd0..5e6a855c87 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -55,7 +55,7 @@ typedef struct mbedtls_sha512_context uint64_t total[2]; /*!< The number of Bytes processed. */ uint64_t state[8]; /*!< The intermediate digest state. */ unsigned char buffer[128]; /*!< The data block being processed. */ -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) int is384; /*!< Determines which function to use: 0: Use SHA-512, or 1: Use SHA-384. */ #endif @@ -101,8 +101,8 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \param is384 Determines which function to use. This must be * either \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must - * be \c 0, or the function will return + * \note When \c MBEDTLS_SHA384_C is not defined, + * \p is384 must be \c 0, or the function will return * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. @@ -175,8 +175,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA512_NO_SHA384 is defined, \p is384 must - * be \c 0, or the function will return + * \note When \c MBEDTLS_SHA384_C is defined, \p is384 must + * be \c 1, or the function will return * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. diff --git a/library/md.c b/library/md.c index 900165d080..d9ff699f6f 100644 --- a/library/md.c +++ b/library/md.c @@ -113,8 +113,7 @@ const mbedtls_md_info_t mbedtls_sha256_info = { }; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) const mbedtls_md_info_t mbedtls_sha384_info = { "SHA384", MBEDTLS_MD_SHA384, @@ -123,6 +122,7 @@ const mbedtls_md_info_t mbedtls_sha384_info = { }; #endif +#if defined(MBEDTLS_SHA512_C) const mbedtls_md_info_t mbedtls_sha512_info = { "SHA512", MBEDTLS_MD_SHA512, @@ -138,9 +138,10 @@ static const int supported_digests[] = { #if defined(MBEDTLS_SHA512_C) MBEDTLS_MD_SHA512, -#if !defined(MBEDTLS_SHA512_NO_SHA384) - MBEDTLS_MD_SHA384, #endif + +#if defined(MBEDTLS_SHA384_C) + MBEDTLS_MD_SHA384, #endif #if defined(MBEDTLS_SHA256_C) @@ -208,11 +209,11 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) if( !strcmp( "SHA256", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) if( !strcmp( "SHA384", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 ); #endif +#if defined(MBEDTLS_SHA512_C) if( !strcmp( "SHA512", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 ); #endif @@ -249,11 +250,11 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) case MBEDTLS_MD_SHA256: return( &mbedtls_sha256_info ); #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: return( &mbedtls_sha384_info ); #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return( &mbedtls_sha512_info ); #endif @@ -307,10 +308,12 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) mbedtls_sha256_free( ctx->md_ctx ); break; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: + mbedtls_sha512_free( ctx->md_ctx ); + break; #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: mbedtls_sha512_free( ctx->md_ctx ); break; @@ -375,10 +378,12 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, mbedtls_sha256_clone( dst->md_ctx, src->md_ctx ); break; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: + mbedtls_sha512_clone( dst->md_ctx, src->md_ctx ); + break; #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: mbedtls_sha512_clone( dst->md_ctx, src->md_ctx ); break; @@ -441,10 +446,12 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf ALLOC( sha256 ); break; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: + ALLOC( sha512 ); + break; #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: ALLOC( sha512 ); break; @@ -500,11 +507,11 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) case MBEDTLS_MD_SHA256: return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) ); #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) ); #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) ); #endif @@ -545,10 +552,11 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si case MBEDTLS_MD_SHA256: return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: + return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) ); #endif @@ -589,10 +597,11 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) case MBEDTLS_MD_SHA256: return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: + return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) ); #endif @@ -635,11 +644,11 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si case MBEDTLS_MD_SHA256: return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: return( mbedtls_sha512_ret( input, ilen, output, 1 ) ); #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return( mbedtls_sha512_ret( input, ilen, output, 0 ) ); #endif @@ -844,10 +853,11 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) case MBEDTLS_MD_SHA256: return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: + return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); #endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return( mbedtls_internal_sha512_process( ctx->md_ctx, data ) ); #endif diff --git a/library/md_wrap.h b/library/md_wrap.h index 83a5ba35e3..bfe6537c38 100644 --- a/library/md_wrap.h +++ b/library/md_wrap.h @@ -76,10 +76,10 @@ extern const mbedtls_md_info_t mbedtls_sha1_info; extern const mbedtls_md_info_t mbedtls_sha224_info; extern const mbedtls_md_info_t mbedtls_sha256_info; #endif -#if defined(MBEDTLS_SHA512_C) -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) extern const mbedtls_md_info_t mbedtls_sha384_info; #endif +#if defined(MBEDTLS_SHA512_C) extern const mbedtls_md_info_t mbedtls_sha512_info; #endif diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index a49edd89ea..2605179c40 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -104,7 +104,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) case PSA_ALG_SHA_256: return( &mbedtls_sha256_info ); #endif -#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) case PSA_ALG_SHA_384: return( &mbedtls_sha384_info ); #endif diff --git a/library/sha512.c b/library/sha512.c index 75306298fd..5b7bb0fd6f 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -126,7 +126,7 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) { SHA512_VALIDATE_RET( ctx != NULL ); -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); #else SHA512_VALIDATE_RET( is384 == 0 ); @@ -149,7 +149,7 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) } else { -#if defined(MBEDTLS_SHA512_NO_SHA384) +#if !defined(MBEDTLS_SHA384_C) return( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA ); #else /* SHA-384 */ @@ -161,10 +161,10 @@ int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) ctx->state[5] = UL64(0x8EB44A8768581511); ctx->state[6] = UL64(0xDB0C2E0D64F98FA7); ctx->state[7] = UL64(0x47B5481DBEFA4FA4); -#endif /* MBEDTLS_SHA512_NO_SHA384 */ +#endif /* MBEDTLS_SHA384_C */ } -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) ctx->is384 = is384; #endif @@ -435,7 +435,7 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, sha512_put_uint64_be( ctx->state[4], output, 32 ); sha512_put_uint64_be( ctx->state[5], output, 40 ); -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) if( ctx->is384 == 0 ) #endif { @@ -459,7 +459,7 @@ int mbedtls_sha512_ret( const unsigned char *input, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha512_context ctx; -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) SHA512_VALIDATE_RET( is384 == 0 || is384 == 1 ); #else SHA512_VALIDATE_RET( is384 == 0 ); @@ -503,7 +503,7 @@ static const size_t sha512_test_buflen[3] = static const unsigned char sha512_test_sum[][64] = { -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) /* * SHA-384 test vectors */ @@ -525,7 +525,7 @@ static const unsigned char sha512_test_sum[][64] = 0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B, 0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB, 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }, -#endif /* !MBEDTLS_SHA512_NO_SHA384 */ +#endif /* MBEDTLS_SHA384_C */ /* * SHA-512 test vectors @@ -582,7 +582,7 @@ int mbedtls_sha512_self_test( int verbose ) for( i = 0; i < (int) ARRAY_LENGTH(sha512_test_sum); i++ ) { j = i % 3; -#if !defined(MBEDTLS_SHA512_NO_SHA384) +#if defined(MBEDTLS_SHA384_C) k = i < 3; #else k = 0; diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 49e078407e..8dcb04fb9a 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -395,7 +395,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -410,7 +410,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_CCM_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM, "TLS-ECDHE-ECDSA-WITH-AES-256-CCM", MBEDTLS_CIPHER_AES_256_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -444,13 +444,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) @@ -461,13 +461,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -526,7 +526,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -541,7 +541,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -553,13 +553,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) @@ -570,13 +570,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -605,13 +605,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA384_C) && \ + defined(MBEDTLS_GCM_C) { MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA384_C && MBEDTLS_GCM_C */ #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_GCM_C) @@ -715,13 +716,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -740,13 +741,14 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) #if defined(MBEDTLS_AES_C) -#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_GCM_C) +#if defined(MBEDTLS_SHA384_C) && \ + defined(MBEDTLS_GCM_C) { MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS-RSA-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C && MBEDTLS_GCM_C */ +#endif /* MBEDTLS_SHA384_C && MBEDTLS_GCM_C */ #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_GCM_C) @@ -851,13 +853,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA1_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA1_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -907,7 +909,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -922,7 +924,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -934,13 +936,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) @@ -951,13 +953,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1016,7 +1018,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_CIPHER_MODE_CBC) { MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -1031,7 +1033,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_GCM_C */ -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_AES_C */ #if defined(MBEDTLS_CAMELLIA_C) @@ -1043,13 +1045,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) @@ -1060,13 +1062,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1104,13 +1106,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384, "TLS-PSK-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1122,13 +1124,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384, "TLS-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", @@ -1178,13 +1180,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) @@ -1196,13 +1198,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1231,13 +1233,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, "TLS-DHE-PSK-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1249,13 +1251,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-DHE-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", @@ -1305,13 +1307,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) @@ -1323,13 +1325,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1359,13 +1361,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", @@ -1393,13 +1395,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1428,13 +1430,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384, "TLS-RSA-PSK-WITH-AES-256-GCM-SHA384", MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #if defined(MBEDTLS_CIPHER_MODE_CBC) @@ -1446,13 +1448,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA1_C) { MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", @@ -1480,13 +1482,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_CIPHER_MODE_CBC */ #if defined(MBEDTLS_GCM_C) @@ -1498,13 +1500,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384", MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_GCM_C */ #endif /* MBEDTLS_CAMELLIA_C */ @@ -1579,13 +1581,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_PSK_WITH_NULL_SHA384, "TLS-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, -#endif +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) @@ -1605,13 +1607,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384, "TLS-DHE-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, -#endif +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) @@ -1631,13 +1633,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, -#endif +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) @@ -1657,13 +1659,13 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHERSUITE_WEAK }, #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-NULL-SHA384", MBEDTLS_CIPHER_NULL, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_CIPHERSUITE_WEAK }, -#endif +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #endif /* MBEDTLS_CIPHER_NULL_CIPHER */ @@ -1673,7 +1675,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, @@ -1681,7 +1684,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, @@ -1710,7 +1714,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1718,7 +1723,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1747,7 +1753,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, @@ -1755,7 +1762,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1784,7 +1792,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -1792,7 +1801,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -1821,7 +1831,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -1829,7 +1840,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -1858,7 +1870,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, @@ -1879,7 +1892,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -1887,7 +1901,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -1916,7 +1931,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -1924,7 +1940,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -1953,7 +1970,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -1961,7 +1979,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -1990,7 +2009,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -1998,7 +2018,8 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ + defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 75faf22adf..fbd2013e14 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6462,6 +6462,8 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf ) static int ssl_preset_default_hashes[] = { #if defined(MBEDTLS_SHA512_C) MBEDTLS_MD_SHA512, +#endif +#if defined(MBEDTLS_SHA384_C) MBEDTLS_MD_SHA384, #endif #if defined(MBEDTLS_SHA256_C) @@ -6819,9 +6821,11 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ) case MBEDTLS_SSL_HASH_SHA256: return( MBEDTLS_MD_SHA256 ); #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_SSL_HASH_SHA384: return( MBEDTLS_MD_SHA384 ); +#endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_SSL_HASH_SHA512: return( MBEDTLS_MD_SHA512 ); #endif @@ -6851,9 +6855,11 @@ unsigned char mbedtls_ssl_hash_from_md_alg( int md ) case MBEDTLS_MD_SHA256: return( MBEDTLS_SSL_HASH_SHA256 ); #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_MD_SHA384: return( MBEDTLS_SSL_HASH_SHA384 ); +#endif +#if defined(MBEDTLS_SHA512_C) case MBEDTLS_MD_SHA512: return( MBEDTLS_SSL_HASH_SHA512 ); #endif diff --git a/library/version_features.c b/library/version_features.c index 75431b4e0e..275aaa630d 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -462,9 +462,9 @@ static const char * const features[] = { #if defined(MBEDTLS_SHA512_SMALLER) "MBEDTLS_SHA512_SMALLER", #endif /* MBEDTLS_SHA512_SMALLER */ -#if defined(MBEDTLS_SHA512_NO_SHA384) - "MBEDTLS_SHA512_NO_SHA384", -#endif /* MBEDTLS_SHA512_NO_SHA384 */ +#if defined(MBEDTLS_SHA384_C) + "MBEDTLS_SHA384_C", +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) "MBEDTLS_SSL_ALL_ALERT_MESSAGES", #endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 10fc332aa1..e962ddce8c 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1390,11 +1390,11 @@ int main( int argc, char *argv[] ) } /* Determine KDF algorithm the opaque PSK will be used in. */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); else -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 2bb34334c7..caf9894228 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2087,11 +2087,11 @@ int main( int argc, char *argv[] ) } /* Determine KDF algorithm the opaque PSK will be used in. */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_384); else -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256); } #endif /* MBEDTLS_USE_PSA_CRYPTO */ diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index d9e36078db..d85f658900 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -290,6 +290,8 @@ int send_cb( void *ctx, unsigned char const *buf, size_t len ) int ssl_sig_hashes_for_test[] = { #if defined(MBEDTLS_SHA512_C) MBEDTLS_MD_SHA512, +#endif +#if defined(MBEDTLS_SHA384_C) MBEDTLS_MD_SHA384, #endif #if defined(MBEDTLS_SHA256_C) diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 07bde15728..92f36cbb50 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1283,13 +1283,13 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA512_SMALLER */ -#if defined(MBEDTLS_SHA512_NO_SHA384) - if( strcmp( "MBEDTLS_SHA512_NO_SHA384", config ) == 0 ) +#if defined(MBEDTLS_SHA384_C) + if( strcmp( "MBEDTLS_SHA384_C", config ) == 0 ) { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_NO_SHA384 ); + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA384_C ); return( 0 ); } -#endif /* MBEDTLS_SHA512_NO_SHA384 */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 ) diff --git a/scripts/config.py b/scripts/config.py index 489760464f..fc0c370d44 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -191,7 +191,6 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions) 'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS - 'MBEDTLS_SHA512_NO_SHA384', # removes a feature 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) 'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl index f5de7d9cd2..f8b750a885 100755 --- a/tests/scripts/depends-hashes.pl +++ b/tests/scripts/depends-hashes.pl @@ -56,14 +56,8 @@ my $sha_sed_cmd = 's/^#define \(MBEDTLS_SHA.*_C\)/\1/p'; my @hash_modules = split( /\s+/, `sed -n -e '$mdx_sed_cmd' -e '$sha_sed_cmd' $config_h` ); -# there are also negative options for truncated variants, disabled by default -my $sha_trunc_sed_cmd = 's/^\/\/#define \(MBEDTLS_SHA..._NO_.*\)/\1/p'; -my @hash_negatives = split( /\s+/, - `sed -n -e '$sha_trunc_sed_cmd' $config_h` ); - # list hash options with corresponding actions -my @hashes = ((map { "unset $_" } @hash_modules), - (map { "set $_" } @hash_negatives)); +my @hashes = ((map { "unset $_" } @hash_modules)); system( "cp $config_h $config_h.bak" ) and die; sub abort { diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py index 61923d8559..8690f225b8 100755 --- a/tests/scripts/set_psa_test_dependencies.py +++ b/tests/scripts/set_psa_test_dependencies.py @@ -56,7 +56,6 @@ CLASSIC_DEPENDENCIES = frozenset([ #'MBEDTLS_GENPRIME', #needed for RSA key generation 'MBEDTLS_PKCS1_V15', 'MBEDTLS_PKCS1_V21', - 'MBEDTLS_SHA512_NO_SHA384', # Mbed TLS modules. # Only modules that provide cryptographic mechanisms are listed here. diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index db898cfa97..e82f7cf3ec 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1331,9 +1331,11 @@ run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 +requires_config_enabled MBEDTLS_SHA384_C run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 +requires_config_enabled MBEDTLS_SHA384_C run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED @@ -4302,6 +4304,7 @@ run_test "Authentication, CA callback: server ECDH p256v1, client optional, p -c "! Certificate verification flags"\ -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check +requires_config_enabled MBEDTLS_SHA384_C requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: client SHA256, server required" \ "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data index 755a43cdd0..3b153df865 100644 --- a/tests/suites/test_suite_ecdsa.data +++ b/tests/suites/test_suite_ecdsa.data @@ -106,7 +106,7 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"sample":"4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55":"CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85" ECDSA deterministic test vector rfc 6979 p192 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"sample":"DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5":"C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E" ECDSA deterministic test vector rfc 6979 p192 sha512 [#1] @@ -126,7 +126,7 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA256:"test":"3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE":"5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F" ECDSA deterministic test vector rfc 6979 p192 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA384:"test":"B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367":"7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A" ECDSA deterministic test vector rfc 6979 p192 sha512 [#2] @@ -146,7 +146,7 @@ depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"sample":"61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA":"BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101" ECDSA deterministic test vector rfc 6979 p224 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"sample":"0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953":"830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D" ECDSA deterministic test vector rfc 6979 p224 sha512 [#1] @@ -166,7 +166,7 @@ depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA256:"test":"AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6":"178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD" ECDSA deterministic test vector rfc 6979 p224 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA384:"test":"389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4":"414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB" ECDSA deterministic test vector rfc 6979 p224 sha512 [#2] @@ -186,7 +186,7 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"sample":"EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716":"F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8" ECDSA deterministic test vector rfc 6979 p256 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"sample":"0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719":"4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954" ECDSA deterministic test vector rfc 6979 p256 sha512 [#1] @@ -206,7 +206,7 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA256:"test":"F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367":"019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083" ECDSA deterministic test vector rfc 6979 p256 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA384:"test":"83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6":"8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C" ECDSA deterministic test vector rfc 6979 p256 sha512 [#2] @@ -226,7 +226,7 @@ depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"sample":"21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33BDE1E888E63355D92FA2B3C36D8FB2CD":"F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEBEFDC63ECCD1AC42EC0CB8668A4FA0AB0" ECDSA deterministic test vector rfc 6979 p384 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"sample":"94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C81A648152E44ACF96E36DD1E80FABE46":"99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94FA329C145786E679E7B82C71A38628AC8" ECDSA deterministic test vector rfc 6979 p384 sha512 [#1] @@ -246,7 +246,7 @@ depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA256:"test":"6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559F918EEDAF2293BE5B475CC8F0188636B":"2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D51AB373F9845C0514EEFB14024787265" ECDSA deterministic test vector rfc 6979 p384 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA384:"test":"8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB0542A7F0812998DA8F1DD3CA3CF023DB":"DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E06A739F040649A667BF3B828246BAA5A5" ECDSA deterministic test vector rfc 6979 p384 sha512 [#2] @@ -266,7 +266,7 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"sample":"1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E1A7":"04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7ECFC" ECDSA deterministic test vector rfc 6979 p521 sha384 [#1] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"sample":"1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67451":"1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65D61" ECDSA deterministic test vector rfc 6979 p521 sha512 [#1] @@ -286,7 +286,7 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA256:"test":"00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D8071042EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656AA8":"0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694E86" ECDSA deterministic test vector rfc 6979 p521 sha384 [#2] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA384_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA384:"test":"14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF6075578C":"133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0ED94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B979" ECDSA deterministic test vector rfc 6979 p521 sha512 [#2] diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data index a3170fdf7a..c14f904710 100644 --- a/tests/suites/test_suite_hmac_drbg.misc.data +++ b/tests/suites/test_suite_hmac_drbg.misc.data @@ -11,7 +11,7 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_entropy_usage:MBEDTLS_MD_SHA256 HMAC_DRBG entropy usage SHA-384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C4 hmac_drbg_entropy_usage:MBEDTLS_MD_SHA384 HMAC_DRBG entropy usage SHA-512 @@ -43,11 +43,11 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_seed_file:MBEDTLS_MD_SHA256:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-384 [#1] -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C4 hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-384 [#2] -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C4 hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-512 [#1] @@ -71,7 +71,7 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_buf:MBEDTLS_MD_SHA256 HMAC_DRBG from buffer SHA-384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C4 hmac_drbg_buf:MBEDTLS_MD_SHA384 HMAC_DRBG from buffer SHA-512 diff --git a/tests/suites/test_suite_hmac_drbg.no_reseed.data b/tests/suites/test_suite_hmac_drbg.no_reseed.data index 8a726bc335..4f6061b8e7 100644 --- a/tests/suites/test_suite_hmac_drbg.no_reseed.data +++ b/tests/suites/test_suite_hmac_drbg.no_reseed.data @@ -719,243 +719,243 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"3d99f9b7ac3a2fbe9cf15d960bf41f5588fc4db1e0d2a5c9c0fe9059f03593fb411f504bb63a9b3afa7ffa1357bb48be":"0bb5ebd55981a25ba69164da49fa92f2871fd3fc65eb30d0f0d0b8d798a4f8f2":"288e948a551284eb3cb23e26299955c2fb8f063c132a92683c1615ecaed80f30":"d975b22f79e34acf5db25a2a167ef60a10682dd9964e15533d75f7fa9efc5dcb":"ee8d707eea9bc7080d58768c8c64a991606bb808600cafab834db8bc884f866941b4a7eb8d0334d876c0f1151bccc7ce8970593dad0c1809075ce6dbca54c4d4667227331eeac97f83ccb76901762f153c5e8562a8ccf12c8a1f2f480ec6f1975ac097a49770219107d4edea54fb5ee23a8403874929d073d7ef0526a647011a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"a1dc2dfeda4f3a1124e0e75ebfbe5f98cac11018221dda3fdcf8f9125d68447abae5ea27166540515268a493a96b5187":"":"":"":"228293e59b1e4545a4ff9f232616fc5108a1128debd0f7c20ace837ca105cbf24c0dac1f9847dafd0d0500721ffad3c684a992d110a549a264d14a8911c50be8cd6a7e8fac783ad95b24f64fd8cc4c8b649eac2b15b363e30df79541a6b8a1caac238949b46643694c85e1d5fcbcd9aaae6260acee660b8a79bea48e079ceb6a5eaf4993a82c3f1b758d7c53e3094eeac63dc255be6dcdcc2b51e5ca45d2b20684a5a8fa5806b96f8461ebf51bc515a7dd8c5475c0e70f2fd0faf7869a99ab6c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"067fa0e25d71ea392671c24f38ef782ab3587a7b3c77ea756f7bd496b445b7a3ce6acc722768ca0e03784b2217bc60e4":"":"":"":"16eaa49510ffad8cc21ec32858640a0d6f34cb03e8649022aa5c3f566b44e8ace7c3b056cf2a44b242de09ae21dba4275418933611875841b4f0944a8272848c5dc1aad685935e12511d5ee27e9162d4bb968afab53c4b338269c1c77da9d78617911ed4390cb20e88bf30b74fda66fe05df5537a759061d3ffd9231d811e8b34213f22ab0b0ddafff7749a40243a901c310776e09d2e529806d4d6f0655178953c16707519c3c19b9aaa0d09fb676a9d23525c8bc388053bfccfbc368e3eb04" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"9f76503e84727297bc7056c7af917a1c98baa725295457db4fcf54ed09af7f15f39c46142b85a67b4b323594b7e97bde":"":"":"":"7d6a8bc5a7f057ceed6109bfac2486f80f81373b6b31d062aa1fad6d9eda5874867b9ef007ba5a92ba8f3fca624bfd9f7ee5770bbeb0391394fef783c16a7f003c06e5469bab03445bb28a2111def415d162e40472d3e5ae628c5c63170bb19f741c79a5331c883c12bca429f518bf71b14683a071b6c6e1e55d8c7a0f3942bc12a103556c49ca173e498b3b4a15027145cdaeb195bc8a7e1aa82ebdf6ecd516481a4d21f400d0d71b5894545888fee8beed80d3251647947f5abc4735b47fd0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"e242e5b3b49d87289fe02840dc742a2a6cd9490fe2cce581833dddb1edc0d103f987f5de5c68cd345c81b032ea55f36d":"":"":"":"3a858345dfaf00defdf6c83114b760ef53b131fbf14bcc4052cd948820eee78a11cbbd8f4baa308e1d187fced74cbf019c1080d9efffd93fda07df051433876d9900c1f9ad36ea1cb04989bb0c55fd6d01e46923f3bc8887ac00ebd4710212114165355361e240b04232df55a81add3fb363f0d4c9c5e3d313bc7caac7d49dca8517cedacf571fde9686ae93d901fb9b17097a638bb9899cfab0ebc9d1f8a43c2eed7c9f326a711d0f5b9cfc5166c9b561824cbd7775ec601ca712b3ddaaa05b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"42cc17365f5ea5fd22bdc4ade715e293064d6794d82bed5b77c4c107a73de1f76d759e4b191ba01e0ed5dea788ab018d":"":"":"":"de06dee8c8fe453aa03ac2546c39f5cda12412864d52ed5cbd0d4905dd226746d50d1af9fd3e1d90de0f16295cb7f6f4d3271ef00564709df4b05eb9f8adc0f8e8522b05b9f32c37d8526813898b9f71db57fc8328e3b79144482e8aa55c83934d6e097e43ec6d0bc32edaf8c0e6ca449b2e8388b32b286e2d4f85266b0605fb99d1a647565c95ff7857bcab73662b7218719189d792514edca2b1d0cdcd9b6347e132ef4c323da24ad5afd5ed6f96d27b0f879288e962fa0baca3d5b72b5c70" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d57024a230b825b241c206f7b55e2114461ecc9b75353f12ac1d9ad7e7871481fe401c320f74afdb07f566ea500b0628":"":"":"":"e8930bd55a0a5a6d83a9b3b2cde7085c2ae467ea4a2e65ca303697d492ca878bcb801769eb1b7ec564586ec8b36d350e192c4fbf03a98be0ddecf56d465914ba353ed7734d19a680fc4593d9234c4ac8c23b7dfa1e26b013f590cca43b9fef126121b4842496b11dea3ef5e981cb357341f03f92a546a62609236ded6f7d814456acc0596d555cbdc02cbd47dae2caa1897831ea464225922c6600a8bb92e711653067f83b21e1df054309858948c11a1399736fc8391c5b0fc35629abfa5650" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"059ded79125b2d56d9d52bcc950bf608d1a2373515dafcc81efb6588005a5722d8f5f4181f9f2a316c93fdfbadf50e75":"":"":"":"db65d2000632c3d7009c227e99c210e5897f4d7edae608a242b5a4f17708613f8c19a4dd65d6bc3ca57737c9bfdcca068288eea49440af768d1fc977c32b065bb71aa3d8c4d77c9e8e8a6166f332a247978a6c41ed253a1b68ad934a3416b40344a681de28638f00b0a0ffb75514c3f62253372f809906043de35e4805b8e962e5eb957f04212835f802b2c0b3e76c7cf239c89adf31909cd6224d542d929f9b20a10ab99a7c631e4e6188fe2ba8f552c9c88fdadb528679fe950431641b8f37" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"4630406b475b1263b6078e93e5d4282205958d94eb97d1e66b429fb69ec9fccd0dd9982c338df935e929c42fab66adaf":"":"":"":"5d80ec072f550981bcaac6787c0488cc470406249ec80f4bf11050630227f8b5ac6b3b369db237d7c24a0980dffe8d3abd9b64fd4efa492349bd4eb6902edb94553546110227d7de5a864ddae8b9fed8de9f0df9c596e39de903fda323ee6f788831452eb9e49c5eef3e058b5bf84f61f735a93e042bb9e458df6b25f42a6eb8fb03d437cfab757fab4990c721a757eaa5e9048208abbcce6e52f177b20dcf52f1fa551a92b68bcdb01680855b8f79131266378cd1f0c2a4141c9675f01d1e48" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"6ea9c6f784f12a9707ceac8a7162ee5381dc893ee139f8f4b4d93db266829db4ae92bc52ff860d8ecdc9fc16bd070130":"":"":"":"234366f1591cfe244956f9496cdf446e0d390ba64beaa066945b1b4c5337dded2619dd2bd0133a5d612bab7c251ab79e3951cb134894c422553fc8cc7b3ccb29c20adbf52dda35af779142d7efc735342db2ee067649fda25f3e8a74f8e4f6620cf5a17cb943602609cafb85bdf482873efa4c74928cc0d69444b72aa6bc72694a3a21c6a721aa4e0fccab0a98aef375a37a3e8a15dccad13b6d70b3483581004642d879804aa00cba207b51affca43490bb98f67953265574366ec3829e67aa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5c13056be92a7f71236fcfef460298acc8595dd474310727f5ccb9a7acb2254ac7226f86349e20e2aca737068ab0f2ce":"":"":"":"16d415eddefa4dc295a64adcbbcb8c6fe8c8f123c6b09dc08a56d723cff5978cc120fd0a68a2f4c202c220db372d3128ef52385d5786c12dfc6e60ecfc3461a09fa80453e2b1b6365eaeb4df602d192aacb25ab6b4a59689d4bf8d1c4c42a32779f62b06baca6461f154cf40901f5787c1aa2bf67cbfe7546ef5b2bdff20790d8c72d077d48c59c92d1af90a90ccfcdf643dd9d6cee0b1faf5f2f35cfd01d2077ced5e2d013ec1e09336dfab9d9e51ba9a3a2837306213bca2d79abf8dc3282c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"38f08a099fc2d405c32d1e0f867e5450d5ee0d53783c31de9ddeae46d962999da01f13a43320c715612cedb920cf12eb":"":"":"":"079ce7a5b540cae96c2883e95acde3039048a6c45a2d259cc648639e7205392d91fa3ee080e615f1e0741a0e536c9e05844651b93461bfc547fb452fec61f853e1bd6e08eabd0cf1c5f84f85eca9d42b53d1e5bae51be5fd35189e4f1c02b843c6361fccf4ca6648bf30a23ccb8ebc16fcf158746eb39cd96f19d46707c001e11c4e0e8ccbc89fec66c69fc92843b6bb2ee1cc7595b65ba89ccaccd6130a8417faf705e8e203e90ee64ae970c409389b5cd0ca80a4e40b642689741691b20621" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"0863c868c32442a1a64095a71ab6ae2f9e61c119b58dfa4f34efd26593bbbf68bc407904c43300452dd4e61df47fa98f":"":"":"":"585334828cf531828fc7127fee0c926f85b8e71e8522ea921296dc62b83a09a00397cd45e0664d0f26fa24edd3e3d8ecef8fdd77ab22431d4066f0efaf3882c97f179a7060efe9e8cba5d8145bebd502c0e09ee791231d539983c08860d7783edb58440d193ed82bc77c27723381a0da45bb1fc2a609f8b73b90446e39869a5af5038aff603b44db9771113927a5297fdc3450eaa228e313afe43c31b0a95b476c5ca312b4f589f809749481722cea9990c02b647976aa6c6f02ce1e5e6ea6df" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"a41ad223e41e2bb9c131ec945ca310600ab00c51f6e4fcddd803bd9ab9be8af5483373838894d32745a81ba9d6967751":"":"":"":"95ca31a7eeebdd2348cf1d43411d2c35faffdbcaed4052d50cf92f0e9d2e757686b72d631a56ca98b68215e7014cfed943abc1e13441c1d660f13adf2188d0975154e1b42a592a62a43b57f82cc21a428873a92fda83abe420efb5233140e4d6c7852cf81e85961fa5c606c5f33e06077f414b0f814cbbe50cc606bffbd474364e608825fdaaf5e74d862795539be8697e2ce05d71446881e3f65bb54ed95e941586988f6e0c34e1beef426696e9dbd9a214013d826a8c99a2a686d8402c583f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"62a26c1327c0ebf8b40691fb4c8f812e81f5474b0c7db70aa9424110fee3a05e41c0cf2e87210e34d0c6bffc269bf2ba":"":"":"":"6e20a00df1af37e6cc55e580ba21335111eb375395343618df7d630b9dc234496e3964cd45c5de34bda46a28964f6148704c30925feeaecae0574038434cd33c1dd943207a8dbdcd72dc9ecb76a25728b3c2a8ac13c1de3a126d7d43a46e12e0d0ca8991469e582b78ef6aa691b5a0e3e85cba7d7aea3c1e8e031674e85f5af36546eb2a0a28d4ffbaa316a9a6c944fce291cc0c235e8499882eb62b22b548ae07cf9430329e009f4443cb94f7a14e8661166b0d681dcec867205abed48145e9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,0) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"fd54cf77ed35022a3fd0dec88e58a207c8c069250066481388f12841d38ad98591f9c02a1d205cdbcdf4d93054fde5f5":"":"":"":"f6d5bf594f44a1c7c9954ae498fe993f67f4e67ef4e349509719b7fd597311f2c123889203d90f147a242cfa863c691dc74cfe7027de25860c67d8ecd06bcd22dfec34f6b6c838e5aab34d89624378fb5598b9f30add2e10bdc439dcb1535878cec90a7cf7251675ccfb9ee37932b1a07cd9b523c07eff45a5e14d888be830c5ab06dcd5032278bf9627ff20dbec322e84038bac3b46229425e954283c4e061383ffe9b0558c59b1ece2a167a4ee27dd59afeeb16b38fbdb3c415f34b1c83a75" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5e919d353357671566d2c6ab6e1acd46f47d0c878fe36114d7fea9fecb88a3a27efca9e3d1e1b09d7f16832f3af75141":"":"442f17cb3cb1482a19729bfd58f46f6ef16285554892c01b0718968d6e011082":"f9557c93eb841bfd7b5d4b71da928efcbe3f55e1870493ef90d16eb238380d65":"36902134f1989cfe7eb518a56c06aada98997d9bacd04aee21f879a57b515ca3b5e0c2d5fed05ca1a8b054e8c46b389d9d9186feb0abe8e2e60b3a267281cc5b4b7341116ced35a0e07bc2b0330bbfd8b07f07248fa6d8fc5c9df13445324162bdfa22a91ba71453ab123c92f91c70b8bd540b3b180b11ab45ae2c59e57c7c43dab7576594959a96eb502d182267c86576b1846ccee1a694cabdfb42e0c8214192efb502926fa3c27eed020b7cc8866a5af9d838a57e78bf7acd230e1f4d8361" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"7a5d1efc9b7043060cabd67de7fe22740bcd6a8ceb355d69f118829a2b3c92006a5633e613f8769c1114b1822ffb5408":"":"f2ad962d992434468681c644587639901ff74e2bbdd8761961ec34edc4a0c36d":"75aae0d1bca9484c89fc4de3d1b34275ef0656775f3f8c96f2bbc50401aaa718":"5ca21af4b399db38f8b74a406aace69f994691f2765bb9c47b240000152739e059b163cd007de5f28bba17e485fcf9ff6f41f76e93998510e302282cbdbde09fe8b1a96187e57c9a3df94e2e748f20026476ca682dfa890b478f7a21f4927f74f99aedd9ae782ba10fcda1dc34c31b4f784722e01cc4679737276f56df23c5bd8c6985797b83c0ccde2b4c7a65c652745de7fc8a235ad7ed0f456f1e7568b2dad475f0bc46f02a7f35c05cfef9d0e2c773ff895e291a2cfc2424b106096d8864" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"611586ee40cb3ca4a9238ce112a237449bba5422ac9b18ea53480875334d8fa026da9d96c4e87f94b2f9a7c261be3edb":"":"2f835c336a3aa0019b0bf940c24643bc8fca58c9cfa6509aa9241de9e0e1a046":"1911a59c5f2568860ae71e803688889dc44d14ffb0d93e324c39f32d95c1c3ea":"27bf42f50476d8a2cc23f455e9ef477cb8e9c90f2e97c8a483093ebf55b2aee02e0356cff919e2ec9811b42c73498a6c2b96aa5b761ef7e715cbf66ad2e3ff8a6c92419dbf2e653ce70a87b51e26d9f607eb25b45b91f947d0026a38977143c8bbd94076e663b9cee35505b48e453e7cca83e540975ae8a53f26390aa63aaf1e2669410cc83427eea09428776a2d520eebd170602c52dd491c98042018a0372a0b39cb565cbe5e474f927f91515a6a7444fdbe1d89d8ae2c2482a0deb8ff236d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"85b1e5da599efd4a20ffcefd4737fa3ea1d2b14be33861c2a4ac3ac2a49d3947b14cf18f4ff426cb6345f1a7653e9630":"":"cf5bbf98d8577077b0b84475dee0f0e9aa95eedd1d916507b5233b688bcc856c":"b333ec111e1e7d78c9ac916e420704832539d2db46aca3bdc4732e8ce72b5e80":"4773d32a9fba37acc6900f3ac70f6978ff1e40039d6e3286c264fb7fc59f1bfe0188c7979380c8922bdd0e363c8e09a49faef59ea85a9f0e400b94c74a8a50687e4e51e25266eabb86276f22628d0d2e19c5696cd221a9b80f94045d001ca4c20dc916ca0ff22c93a41fc822912dd7e247927fd45982e94d3d1fde77cbe78beecba830b753079326ae33274f13fb7cd875e85fb5e9e703e61cbd41bc4ad47d7b4d14afc873a39dd810ad8eed95adff8dce3adb7659b7c1d4e3f62403767940b4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"50f986f6efb413fba3e8e0beb84d4948c2db0661ab8e064d9fee8b3c2f0a910fc35d37512f88bdfcfde797a21a006e01":"":"37c7b08222ba63f2136bb28f5ec09b9a899b56371615be41bef49a0b640590e4":"4a1e34a5d60ca08e3e6c0f1b86547ba2d12fa293275e7d75f83a0b846daa48df":"e27738c6fae66125fcaf4e725a0881d5a450fb5b02a55057d6cb7babd91d502c4f4a8431a83352f47ea8e5fd7e815f5080d144318a1dcbc755e0b935785cd5397955da22e3ff633b34a64ac72b2e6b7c51e78ff553731e6e8da911d147a6e05b36b74898cac6d3171bc8650e445ffd19ede2aa8218be17671321c186465d852dd80d73290546b88ef7a978b41c4c549e9c7fc6ef86e47084778fb5aed5d41e794ee0e700b77c0314a307b10df69daba605f3fdbe2dec708ba0b20d6b650befbd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"641dbcbf99b61437c2bf65a13dc3e0324eb940335da123870d9429636dfc82979d0cc913c73e8a6321fc3eb9e973c0aa":"":"72580c11a87ce6b4207908aaf5bcaaa1bd217fce3e8bc0726568c64639b70767":"cf9f4527e074b72be735558dcaa1fc82f26ae286bf944b49649f769bf6faf49f":"345395723d048c2270c0eac990498689bcb862a4996e82995b4e7169e671eb03bb2242c4669c874c1aeaffec58aa653c7d7431abd1650f0cbce8cf5db8316693f3ed501fd9b48c1a44b34f7878aa386d65afc31f94f908a322b03d06c2a1074a03bd2b579cafb0f7cee6d6934588ae1ce9e4ed37b03737c553ca19af4b46b5e43767cee2e459ab91407df6cfd13a6f186abdb148b85a5f49bf92ac6674fb055c7fe123e9355a0d33de281c03a56f91891dd496dabfd6eaa6fff6c9cfb4e67c44" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"b9c305ada943a64a2b00494e869f9a640173eb1c2518dd9be93abc3c93c7e6b5bd0627a199d15f77b188824df00d5997":"":"ffc6760f9af02d35666275c074eda03f53dbcb5690580bb25768a6566b328dfb":"f26f436a820ef71597b75134b8d9dca6e9a6afd9b429222a4c9c878f3b92716e":"e5413a234859511cd837312bb31aac4d31962c5f7f27aec47417f367ca99b8400a4287e60412fc356cb40d96ddf5cb801285ebca42b2f6fe4a711451c1574174c58dccb2cd3342b7092a196ac7d2881a08e7f5de939ccc8f4eedc8f867c81aa88655d96ae50f618279d5009ba2ac4b1df4e63030cc0ec3541b6a94bd9a2ae5d1fcf4d847114a783c997a7c6b9d549010bf7b649abef692cdea3aa8ada14574e0f78b7fcbe17b587ac14980e40264d6de030e429586593d5ce3ae571f95454dcf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"9875dbf59b760eab9998bf3341847910526d10071dc179f96081dd793a6001936881e7f39075cd382293a1aaa8c845d2":"":"1196583a99afe1d377b344585c8252a0690704b8f7a2b7582387ec91a60fd7e4":"20147a88e0f9f1e8caa8cb14488c9b5c38e5520a36ae913b4703d15af27218dd":"c808f6f296683d26208359a766fe61bc70ee8b6ed9ffb94ce269578fb5568fe2358d603638324b63b29bb36ae71a542e38ee69a2b93ad7e4a887a27a2852cdcd541a5fa6d0c8b087aa1185bd5788256e7d95c2aa2d5c11407b7bf762f416b01d8e747c45298f875200a2e67679d6d5ff7a7c0e50a010690b1920df1baf0afcfaee7ab0862004e23b5aa1ff47b8273d503bd74a54e7b39ac7e6d6fb0a594d30531cab8a67b22783470a65f24faba1c231b3ba45efae9f0be04e2338529cfec008" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ac92a6c791aba0406d6ea8255c3c0901eb711a424501c2c2c847076d78bdcfc3266b7c3bc578c7501daac6dda8366d4f":"":"13379a77d84a0c4cec95e62ac4c8a98ceede0d89b8bd317352a95300963415ed":"04d47ec89a3e1b7f22580167331225a00ff258da72446241a6c09c517ee4d48c":"c2e6528584c6dbec436ffec4075fd3aebe953fdc0b46b4b225a3c2886e60d21879e6ccce3746d881f6d80e33876afad439ab9f68fcc458492de12811fbd57ac49d868754da19279b4c0a38979201a588884def5677392dec97cafc94bccf8914d9f78575711bb6f2adf4116db91c8b54e36e9ac2f5e01caebd300acd7bd45eada69d20f1b4139013a8a614069315a1c99137a6f23e38f91c210e0c156c6fb498056e823dc41a05348ab43c2f6f4ce188d4e05a13d38f8025731ac1670949a040" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"63954ac7a0f989a458d2b4a6b7013dd66683624584b545060bd03a57b92822ef422764bbbc35fa5d40d34145afe44bec":"":"7b25d875dfb03333cc27b9d4286d00a85ea5921f4b8a4717b957349eb3509053":"8b70d28c5c80086c0cbbd01337ad45297af271d4bafc764b0fc5705700cd419d":"297752e61c4ebc4e1c68391335e2cdb49b0f19dafe359e451f8158fb7958d32a98455a852002d8f05169f438816ae6fccba1eae4d1fdd7a1176b04831d7ce892f711ec825062ea1c6b12144bbd3a0aca7f92520ebb87ac6045d2ac3a4a74fa559926f0daceb59d44fdb39f5fc3b877f34241531e863c153286f3f1b2ba2db4e2c8e2344be40c2a7a8cd01daf168696ce19f83ddb64d50e2313e78c5dfcf077f25e5b4d6f687279119ce856d4131a63ad133cedd020881939bf70f82eabfe46db" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d0944e0a3f3604a588271c8eb65913ad9b07ee2b29620f8106ca70ec10aeb896bc9b2b519c77fec5fc419e953ceb0be5":"":"d58593f2488f0a292ab552dac006c94b20ff500dd57af32be808921a5ee251c1":"ea9e579c9dca67f07ffd67d2483ec1fac3d2ec22fefff73c7ac9f125888d7a4b":"ae736da6632a7d8bdcc9e279cb7d3f9101a8f7dddeff253277d1d99b45c76a1a5c193334e912c3dfdff1bc389b209c3b29359a4ca53765a1e40cb900c6055d8a285cf63ebec79b46019efe95d5199f215f11961f3319d225bf3d60734fbfbf3593ab105cec2a17e308af469b3220ef7f055675396d289e6f4f8009881c8a2b4e9de88d53ad13e8bed8b38be6d8988f615b4590fde3d91caf50a86eac3fbf29924743145803978d261132b5975a9f108499250314e098e57c56e2f9327307cff8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"1ef53464bc7a441227a27ea7b5c558dbb3f509aaf880213cdef7e8f6a1d287c173cd5b3148d46c48c83c5cad3ccc1f50":"":"b052a66992fd8a8cb02c593edfe4766fcbcd3505af29d698e1f4db398acf717d":"37333448311c2c6edee19aadb8f1036cb60cff2a945c1a0ea087713bff31e915":"4ea7054659cae1cc178ef431aebb64c2c8dda3a965ea940a84c00d9790e2e3a33521395cc4d49038994aa4c7dcaf0b52b44375d93b625ac2281991a85a5acebf3de552355e17b3528faf39d392fed981400f28540f5ca64a4d2eeb952c88856c8f7388a49611810941b46b1000ee4a8aaaadcd39944c4abca9110fd6580093f9303f86a6e129d56b5aeff5422c2261af33523cc6a174e0782e13a026c003c17430b8371bbfc3d51c3e06fbdc30769a278b109238bbe383cd5523053fe589b72e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"14148d69d583d4c1758c307e0eb0b762511165823fc54096f9da5513e87df53b96a7be8d31b8a38f24a82d846b0e13ef":"":"e05f81f6402c52dff5c221a2f191155bb56abe160ce7dc8a6bedfa029195a612":"214777e3faee7d953b5c796675e106d50cdc12836b3114d14447ae91cea3c1db":"eb0497b32af8a91ed3959c31b079b8cc5c39db3100913332fffbb6b1d5ebbcdc97d6e67c934f3336197c9b730d80995a7d7445e36cf3047cab22895f244cac803eabd001eb1ff5d5645a803c41ea6dde6c972b47de0372ce901667d03e2e02aa0a5aea809e0bdc7430440365908418ce6066c24191ace05d6a797ef9b94409989cacbb9d9ec31f3cf0112b72e1420b47e0c184a8aacc214d55a0d5e0869d09303e4014de0430c07380006ea75984e6c32b06067d7d7b931e2b74666b4b569f71" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"27d47020acc3a80a55149fa0ef43f684843ba89fda4bff1c29d20baa2b21956780569b7fa0c4078d9ff71a3790f1be3f":"":"c03ea0b88e2f9b53f902b22746bf4dde09439c190a7a638e3cb990d86739dbed":"3ef05e71487cdbc209b5ab6e808e55f0a93bcc02df766b01c1c1ae5875b1023e":"3ee49e2a58d800d922cfb66284da84bbb5944c85f194d95f1156b673392132a430e47ae74f1ed7c1d0e632d8cb604c88777437d8f37e7d0428b834555a96800540bf5bce6f430328fd328baf4b22b7f8e663c1d8583bc0119248588840510e11203cf47dfc4f6cdf8344170a341fbb7d93999ba86be3fb94d9c03922fd3d75e3fd5b42365aa62606e352676b2a0c51fb030d8d5605e8ac6bac2b4f8417d8e060148e3d4ba67b31e5e704d866bc87741ba877d12b10e8a9b37f3feca908fe1fc4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,0,256) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"88b6550d49182ca7321d8015f780121223a93343dabaf21978ee2818e7bce6591d32b48eb4642069adcaa5986224e6d3":"":"809639f48ebf6756a530e1b6aad2036082b07b13ed3c13e80dc2b6ea56e70a04":"3395902e0004e584123bb6926f89954a5d03cc13c3c3e3b70fd0cbe975c339a7":"4a5a29bf725c8240ae6558641a6b8f2e584db031ef158124c4d1041fe56988fdaee91ca13925fee6d5e5748b26cc0275d45ef35abb56ad12e65aa6fe1d28a198f5aa7938fca4794c1a35f9a60a37c7360baf860efd20398c72a36b3c4805c67a185e2f099f034b80d04008c54d6a6e7ec727b1cace12e0119c171a02515ab18ea3d0a3463622dd88027b40567be96e5c301469b47d83f5a2056d1dc9341e0de101d6d5f1b78c61cc4a6bfd6f9184ebde7a97ccf53d393f26fd2afcae5ebedb7e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"2cd968bacda2bc314d2fb41fe43354fb761134eb19eec60431e2f36755b85126e3dedf2af9382a1e652143e952212d39":"59fa8235108821accbd3c14eaf76856d6a07f43383db4cc6038040b18810d53c":"":"":"06051ce6b2f1c34378e08caf8fe836201ff7ec2db8fc5a2519add2524d90470194b247af3a34a673298e57070b256f59fd098632768e2d55137d6c17b1a53fe45d6ed0e31d49e64820db145014e2f038b69b7220e042a8efc98985706ab9635451230a128aee801d4e3718ff59511c3f3ff1b20f109774a8ddc1fadf41afcc13d40096d997948857a894d0ef8b3235c3213ba85c50c2f3d61b0d104eccfcf36c35fe5e49e7602cb1533de12f0bec613a0ed9633821957e5b7cb32f60b7c02fa4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"023f5673dac29f62245510d0a866629c43c64bf35a0bad30f1270050876cfb1ce80b615a5a47ecb51217a46079e11fd3":"a6f797b155d6da01f5d155cb7291442e1b82d4190e93e279fe5b4aaa7d04ecc0":"":"":"507b824443af5db28f746229e03ab00c73cc3ee4956aa14b33eda00dd2b9b645c132dab7dcdbc659c8ba0e1a3575fe7dbc7cf9691f9b714acb1b33bef96943003c992f661e04fe9e8b9f648f4af9a58a45b08b8fa7fa3704e6bdc289abbe14a8c7e1747a52ac916c31ed079de0b900672e658a201279824d0d75ae35dbdd43aeab915653765d83e46f347fcb4fe3321fc28abd2d0d26a662661582ce21b6dc4ea6d1b236e9692a83c8ba0fb299157b80623ad4f448d25d57f537b10e5e30f80b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"96b5bc16ce0d101b90d54da6c4b3d85a70ee19d54cf4cde3d048afb5f758a6b52ea2c10c16feb71cedfab9bfa9e462f8":"2ff415e2432d2e6c4279910a5e56c0f5354a5af0099132d891943b4a8901ca6c":"":"":"ecebe717afe6dc08dbff3ed626bb06de0f9784283b70e378dec19d4fbb50e61b7be48ceb69851b2bb94641aec5027d53d314a96500a9bbb38a87c9aa42ebeb96a23cf29a0fbd5e48b399daa1b24dbdc85223f24b7d77332bb1a137ec709d27c008c709696cbe44bb2fc19fb10a2fad4ffd8a9d89492a939f2268d1557f44b6a64e2a57887830fd8bca1b6306aaedbd7f3f476b827995a1ed121388497edc7e639c87d092f6591a45b5647c6c091c15ed39f594b7fc4ae92331f96dd8e17be970" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"364a833a283a3e0b8a5b681daa50df96d806d4b54828f2b016de5d88597e6287d98cba8fda464d21aa1cfb7b26b9b226":"35b0e7534014dc2d7eb0f20ff78a69d5548d0a64122d4936a6ed177fb3ec66a6":"":"":"df4c799cae37173a81c545d019ffa336ef2c039a5865af425e5b60bc3d7202f4bc1aac5a84022bf4088061abd5c39d0fb047ba80163eb5dc8b9dd515948f16915832c6f76b45acc25b9c01e7f70955c0eb51bf50f00b24bb8e7ff53bd7c051b53d8b1a837a17a00355d7eb21e43b2b5b249dadced37d06e7047c2fd12012705a59d051afd26245ce3a59acb4b996b718c7dc1ae964bf12b1db02fd6c06ac2fec6ee5deb02c2c830110e9bbbd3c778a136b646ce2a0738563555a89409c56b81e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"bb4d38c775acdeed663256abb747ec25182bc16efd0de02cb4b05e4ad4749c92be6f1e856e423a8f3bfb0c0f27ad8210":"21591e796b7e68e7913fefbef4872af9c062f21c8023c0dbf47e040c3aed3733":"":"":"12575776e1b9f54b0fbc39e85a77b6912160bace4f1e9f049e3a1c5bcb452cf9be42ea10c028c3cc249401ac236dd3baa53ff327735435f4869d3289bc9465ccf15f826e4e4fff099986bdde0d09bd12e3caddcf452eed6ca1206ae4561b84770a9cc6e962567304ef79d8d3608529a3b5e4067fa83c8c35a06f1855da5f5ea7eb106e4c60181d12ba00cfbf7eac60bda00571d95c45c9d75c43b42e27a238aa5e0f02bbd96cde59a2e572934a99d05c399ffdf15c65f173748734c51999a29e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"f9d041d24158f480600c3747cbfd868c3f7e9ac7f74b3760eae5320839e4f5130f8477d88b1d914c0d8b375d089a4c83":"b148049f4093f0032c7f105dae219aa9e3f70487ce3a6b6ecd99429f66be5406":"":"":"84c58bf473061da92fa8d56aab3a75598428f18dca504191a51746eb5fcad8f784eafac5ea81d636d579e330baf7db95c8d706432e9f585e84da090c0eb40dcd819bf10e0d5b8600150d186f732af50b431c596c920eca742e6555129fdf5df96b44005083d7a33087b150d63529bee4b6e1ed4189ae2d93cee8dc671d47c0e74ba04218dfe273484a4bb59a57743ea56843d516ff2c72ef9841996d31b0d6c5beef367a6b44cc84cf4d403a06b40406e4c9f47da401e3cf31412694e6164dcb" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c18f511ffc3479a59357c17c2fb3d1e0e6f0edda4c8b567f2413323c2037f2fd140fb0cf33eb59526d8c0dbd216939b5":"7387aa3b0b3d92afb29761d3d5ea16e32a68297b9ea6751e1d54c8612f6351c1":"":"":"949bf03868563c7d1498c69c327686682656374b2efdef6342e69a388229c580ca2217a9332d3ae77c2d1223f5dedf4b34ec50b79d5baa7283168ed7cbe71c6c3c9193bbe01b76e011c39d2d462017c2c74b7e698fa2140e16886a9ec0fc6c36decbae37537638ccf17777f1cfa49d2c2c7ba3aadd0a1565d61942de94aa6fa16ecafc2dafabc9082f23e75a0e2f8f79d1c0a15ce57fef7655f1a4fc6fc4d4a694bf6ca9e333959f35ad354524f614905c6a52ef8f524cdf01c5fadadf207772" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"6b09295110384eb56726f61474bdc532fdace31ceadb5fc23d587356cfac74338ab6f9d89394b907edb646650865a3fc":"7cafcb4db31ab411c396015b8bbbc990607e08bd1cef3337dfa0e295ae024f9e":"":"":"e51bc5b3a6bb2a2667f5d62c2ff9902dd07b566870b4c14242627da7581449ec985739cdc2bb5ef036033fa798112ce20df06d46d61aad7121b8282fe7556bdd363cdabbf47184e55edd85ee0b7b0be17b9a7f822f4d8906465b525c16385d0899b6c27728ff2a600870aef65f58f9d3777e8987d86e59fdb69cd232e7289fc75cf2174304137f988a17b60c57af84cd8e556aaad458f511fc0b3009516435c0c60098f35fb6a4a90d90bc6071d38000703ef57cbc19d6b78a0f797f3ba044c9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ec6d0f68240f5c47e822d9088364c6cd03ca53808162b4f06f5956da65290946f4d26653d079e50604f836c1d798243d":"b40b5737cc76c5f6d1df0f13bfbac7e26f92aa933125705b6197d9bedb11f2e1":"":"":"207833cf65599e1406ddaf3452f060c872099cbf7483f1f7f14033490f7258ca5fd7f5339f914498b6e61fa426cb872c880a9fda9b8ba590cd8006b990af7ad412f60c8b2ad969c2f9cb0e9d005943d4dd2dd7af9699046ce89d6405597716d43b9ad54641c2278b04b2bcc5b8ecbcd5e2044e4e6ec5a628605fcbd67249e813bb769d7df01b60404d030e69e9672b4fdeddf82a22042b83ca036578b69f9a0ad9702bcf95fe846705b49b0a0795dfbc4f671e0158ded6242bd8f8fbc2410c46" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"df59ac224e4ba1b6dff348f17bcf9c5a94a3235a54f2799a6cae29d8654b79d18b09b444a28a7d537e1a2bc89e95abd8":"14a0a91e0cfd63ef5fcbe2e8c7a44bcf5769c9f95b6c50bbe9d3b48b82a09053":"":"":"656438e7738d441b9ac116361e9f26adc0e303da7889cf559841b3e44127318edd356051bd0b3ecea78feb2b928227921a0c183c9f56bfd11ef31b28da6c78f3891d8ae1804bc158fa56e8b7a1a46be4954de493ef65a7f9beb46949a323a04e944034db30b19cebd8b70bfc155882ddfaca1bd5acb981c2c1b3e0862c6234d13093ddbcdff15129d586fc24ea2fd20946fe45b467bbbc77a6b6973eb6ea02994607c657eec29e4c4b3915cb730db056babf1779127047b401e25f97f606063b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"8da1ad6810c1d6b7ead210e48f51c370d4520547a330a4d591e61a9847aa043463f69d1b237999fda9b5697f1e7aaa07":"291c536dac72409e31e71cafb1b5f55c14421b2c7a44d792cfdc663dc8f62692":"":"":"c2bff571554c26bbd4442fbb3b0f8eb4db09840337658a7425613e0fd4f96e60da39b250c3a77379a53325a56ec02248c4d67fb9154e3b0eb8972a3109aed531eccc027705b267d2b9c037da79860d76e5e980b5b30b7ea588fa221d24d973f6d4c625de65123e91613a1528cdee59993aa827f319a759412f20aad6c50fa79a3debeb346ad92809470daf228cf344e09f03c839a28d580a2b3d7050685ef51e95649aba7228a2f0c82a2dfd89cae6ce549e8b27fd46f02feb473645765018ef" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5e8d6571f514519de6c4c0a7cc5b85df616735b8dd09c3bed2377499aaabb296a9b2c94642da10e8fa737cdfb3129334":"6ae29c71b76fc48f14a3d731a0f6f276f73e7672eff631dbb1d22b06463bb236":"":"":"5cadc1264314fb4bc7ed7fa74bfa16aefa624bf2fd60c992d0cba10429c56e0028ebb430b1a1c6662a9b3c7f6de244ca000ae63db9570f1aa3e7ffb1e97a9d848021d8e632fedc037712a29abec4063b9d57c60738f0af0b1aab3844b03f7aacc65d38bec91a11b7c3bf8d970f01e00fed9dbbe9e2e499a21c72a7c5a22864125133ecb073a4c9f6d9fd46024f5c1ee7fa447209afa6ccef1f97ae77ca67fca5959dde209d2597f87af6e154408579cec42c69fa9b7cc075ee3e37ee3d91ad9f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"5c9481b2642855fac8931eccd1bd6c5a05b560a55f96d37e865f057a95812d81fe65c84c96a990eb7a302b58de723cb4":"b6a61b9a31207363d62c0b88f1632290f4f18feb41a6dedb85b7450ff9157016":"":"":"9cc77b68e1ac23fdd2e2a6ff697053f816bb48b39b1162f7aa3fdd2dd1867f68b13980c9e5989d4631b7983248501731326bd7bf6e967b3dee7d2d5625d3cc2e198623af9f77f86103491ebb4aefda5c333b51557b8f643e6d6c593fd7e27e4bccca13140f6129cbd024de076e4688567fd7e41dc7b2bd0bd9b3e966d5d3c461502221b52b001a4d2102894da04172efb900171a0eabab1fd134217580cfc33a0a94edc0bc132af91d048c6f5ea4e34ebc9686a99f81d19118ba4da63ae3df7a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c43f883d0adc2b56984d4a497a8ad76813a01df5a0ba22b53144763b65c7bf3f6f722e4ceac59966a6e44ed898e6109b":"769bace2c263edb87101743673724ef67a935e1ae9cace87202b6015d20fd9ca":"":"":"ce61480953190453247d091838dd80117f7f85a7e9a1237c92edf10cfa26b423735788b1e89f33625480d9faae57112ee62c8e4840475a6a738018ad3fd4a77efdd8f15ffb621c429419b6adb20431fd35f9d62fb33d500b87beac4856aa4971eb89710576b609ecfe758f3682dd316e7ee9d6560b444c2446656c8941dca7d6eaa70fdf8a70f18386ee5d4c86738bc261c0e8e5f509dabffd0425a86858ea3c71de5be98570dabd80a37b4f7f954002727c0b712e58693603c23130a45e98df" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,0) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"d083f7f8c65374627ddb51582b3a39e2bf074508d5f28ecce25787f386058de8afafaf2ad7e6449308e176be01edbc59":"ddb4ced192f52bdfa17aa82391f57142ac50e77f428fa191e298c23899611aad":"":"":"b978826b890ce8a264bf1ad1c486aaf5a80aa407428c0201dd047fa1b26e9ea9ff25a9149215b04c2f32b65e007e0059a8efe11481926925061c748678835c0066f596352123f0b883e0c6ab027da2486244da5e6033953af9e41eec02f15bebdb4e1215d964905e67c9e3945ec8177b8c4869efc70a165719b8e1f153c41744d44d3c56a15822d522e69bd277c0c0435fa93e5e1bc49bc9d02aee058a01a04580a6cad821e9f85cf764fc70dfae494cbfa924eab0eff7842e3541bc29156f6b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"c2feb900032f2cca98d3f60536f563d8ac9af5fb2e90dba36c371c0a1c58cf5e4a60f2be0fa13b8266b715be8aad128c":"8e6f9be0c692648072d19c750804b10e2ec313c8013abd363de7a467787859f2":"72f54ba3f8e71ad69a040bb8493283acfc8815f17dbcea220ecd68372a2dffae":"adce8157ef60482841dd2ac5ac512bf7649120c1dba81ea75f2a70b7512bb6f3":"e76e4326ac69ddbc6b2408c529b05a96425c65cc65671601191238e9434d2a0147f3a25ce9b6818774f5263c92459bca421d2b492f9a9c2971359baaa1426d6e2c36d8924f39d02ee2fb5502c4e0b206dbe9aeeacd508abe6c055d547b5f9f35de4fdc9c05a2c63ad699a3a7e265598b8f40a8a295d7376b88c49af9edc790b8a5ee221e19877616678e2a5135d7b3756109200439d9ec8bfe0cc5f3c334ca9c022ab9192d5d554dc7ae76af1dc06d814427f46a7cfa2dcc62f4777d07ebde7d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"ad500edbe28b9a4338b55451b81c652797eb48fba753c186ce0aa9ad02a84ea2c995b7ade6de0fb4ec97bcbd61b711d5":"5770c41832a4cdc4039a8c332a4b45e7a7b2dabb678ccd2e56452aabeab14925":"d8d5516d158b41cb9d66566b88064900af78183f765f2f72a19548fb797377b2":"60a3a01a72e6b3f33a0c236db08237e7d656bdf4bab1db57ae23b7305569dea5":"c5ac3df66bc664e8bf84c758c7926992f0e8a03cd3f3f5fb8277c85b4da526601e8131f9d205f35594e101a86fb83ccf4c1e98c8e609062256701ff2132e337cb7287f0ee2e8fe3ef11ae703d7efe52e63cf89119ced05950c55aae6c822b6b0a8e1b91b537e5bb2de165a4b5b43a1c41fbfd65fff9bc5329d303caca84f5d1fc6acacee622623ed5dde36aeda0816749557c924d6ed26cd80e456fd0ae2146477ccb63a203fe16ac1d0eb2d12b6a2cabb21d412422e95f2df8ccdc23b4ef0dc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"51a29bac53961792077e88ed3603d33bd1f51b3fdb2b5cd1ea131c6f643af65de81eb2e260396d2a69b4184c4eb98a15":"72e5285b92c4ea4458e8a2159687cd46e7df9c1f4513d8b72cc88be41c2e1522":"16a69f7aee34c567595f3d362ccbdbb7b9e9372c4b1729fbb80d9a089eee31a4":"825197262a43f6523182f0a91005d70b17d81c2bb692edfd02ab988130c7d5b9":"f63f531c242a295d7796c3b4844fc74821af5a53e0e7ae822cd8a7f9de91e6164164f3448fd7d18feafb97c9500e0625d501dcb3927e6fb39ef65dd9586d157076436452bd3066cb30d1f47dc0a3ffa5f2e9ab4e183018b40a82b39b0d170aa21b05600eefea906838b95456e04cf046808030a56951d2502c5eb6271228905ed08549bb171d6c0408d88250785f42e349ce1d9e74a6cd0360a008ec804e7ecdcb4d1fe24aa5a18cbb65f4de1619a29c6062b409a386ea6f43e60adb9ea3dd28" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"b30ff9c6e5b6bd258f1cea0fd5ef9adb81fbec233ff2fab01e79b7422878b2e950604e10ab80ddceb9d2b968d0d37ba9":"e8acd4b380aace0b27572057eaa947e10e6b49516140139c74a1d4f472221dac":"1d2ded0003521e2ba6a4a3e732e0949c1d858fdf0925fedd9cfd7f603e0e692a":"688ac5e7b4400d962c106fd2ce712a1cda6a0b8ac5196ad727f9b882329a3d5a":"c5208fec1d67517311a42bec07782ceb247e9c818e4f5f3bd160c9e53d462b61884feb278cdc8f64e22f59d27dfa98d3a90da8c7c5ba28ca40bd0d18934595a376553d1a8a19de07a83e2e9db42748c982cbcbf4a975c20084ea9cc6c6a41b571faf66b364e4b7e4d32efc80c30b219da1c02a1ea02f6922adbc31a057f999605a2d827f10907835c2bdde4157d7bf2906a0ad27bb72f113c6ec4f23631a2b8517bbce91b560d90d73fbf0699bab21da23e27cfec513bb5e375f50108197d664" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"56715dcbaa4f5bdbd157bdd950d1c1b46c1f4f8d7818ab321d72c0ff3c0a928064b0439f7bf021dcdc7febf2126e5432":"cd5547991b525f7795e075a59af1701375175bd760db99d316b91463f87f7f3c":"b2e4f02f1c14866f538eddab402356ff3b405abbb9154e88b98483a83be70f7c":"b8db321ab30285eee7f9e377ad62def6caada447d00a4ec882081daafe2ec009":"7ed8c2be58e3553eb65508377d63d7f24518d1a7235dd4c740bd987dd8bc1c1e3ca97a69a37dc9a270ad88989e4868e6cf8e4cf01703c0b1eb6aed8c3f8af431d819e68b6947ae134d360d87e33668cdef0e45e11f5cd79329ff95ed00e4a6952750f1574f489394b5fde3c6f07311a1e5d9c4e070a0943ef9d4a130a9e4b0a80c256e96ca5042961766874898ea0f772b78d1a33e866351a4eb425b822b5ad596cf249bce8ccd6dafb334b71a503fce2c8fa3fbac9943910ce5ff02ebbedde8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"1c60a31760019e6a571e2987e57e19adbc1accf3edd44e501061cbec331b197eb68d0fa8fa5e3071d6f8b7c9c0a3c35d":"d4d84dc7311096791dd9c9d7f2cd291071f877afd86b9644427482d09ac9df64":"6473f4430398d7e5a2d218bd05e6aedac1e317269df3e4705d56c22d6e7abb0f":"379649b56a46399b9ab5f3880e1a73993a58cf52821d3cac87890aa0e6322a94":"d34152fa12fa341d0326a525aa838558630013857747f02634d24e9deec2da12f52fb405e7f1b973dc2d982d26eb2ddb4b49c35a9308b06809171dc990a4248e6da0c329a259f495247b9fa8c73af06604db7b629168e34081696a043977dd29a3c0362d5895f9aac24bcba58dd74078ef6f8d33eac864f2e6cdc479da3d224bad8099d011e914b6ccc3631a7369586e18c71a4087de0d47a7c29a09c12438c7de2d4b47768f47685b742c25b860e716c31e2afe4ce6d92bc2fb9f34400602f9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"eeccce7f7edc52f0e2559250be36526cd1839151a77c59d527f66fa24ea4d86b3fb298c8d72b6a0a8e191b60259d1fc1":"26d35895723ba3d431991a0e6fb2154ae5bff7e58609c926ee3269afc5cd631f":"227b9a71a6c17ecbf627161fc627f8f6f1a28ce39772b7a3d36064e2cc6dc4d5":"eb59f780c5a955e1355dfe15cc4a4e90a6ec75584e63bd0de734399f47b95070":"78ac77657dc56b23e617a9b38168da945c1cf52b6062c2b10f1d7a3814d9b9efa5545da050b0db5a65a2d2d2e02fa12e97eb970fa8e83c524bc809d675e0db35c9762323f327f1edb9b534ce16d02519750b41ebe51f747e9da43fd1afc60e46c7aba72e15cc7a22fad19ed55189f287a14737483eb6b32d966c3e3969d8198f01f2ed841f20d7d2e156d6285a29e07f6d7fff42bd575806c4092522b03e0d1b8df0cc88f5b82d24a7fd0feff6ada03a60ef2541a4ab041a49aa973c7163bf94" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"86f8104a081c9565dea5652f20145a068dadff125debf818262d8931cec6ba937fd5b51affcebee952fb67f29f197267":"c7ba5ff828855e6e78fa1732d63aac1f49701ff7ac1f3506e97941f998b4e9d2":"6917bca15db53a5359e5c4d30ab4d37fc6a1bc660faaf2e74864cb4aa52e0e02":"eea8db0cfc04f8de14d6053442b5b4f8733f822df4be5966a0de8b0f7d2036f6":"562b8b2fa3bb15cfc3f7e57f309e31b13c790c928ad6b32a005f5431c28576c5706c4ac0dc2c7a4435bebfa06571278f485932bd94382efcf727b300b230da9b9e9f377d2659ac75dd8247351d5ed8185effa0f255a2a2136e63717e0265d561a34c75ecee1c774c25e33fd938696825686acf9a419c1da3fa1ce8f695e231087aa0927dde6ab487dc61291ad4700c5c608fab1a418f6b30ff97b8b8f01ef8164287849a77b21be5d11d82d0c19056e07d59a30f6c576705c6cedcb9f22d3a8f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"0db6f73ab6d31ddf8f78d76961310d68f081c9e6d5985e1883978c2dec48d9f58875ab658b3a8b795bf464af9470a90c":"d886936ad36549a10b5dc5d6e21203abd75ad63f826794b4adaad45a70424c5f":"76993d3bcc32546430efa30e3b30acc34c7672b6e18c7e2e9a1f1cc26f7f7a22":"54c72cf3457e6f5f6b35dc14167fee9383c44c867f233ec9d81f187bce438c0f":"c3523894d273c85d605d39f5b89e3388afad8c20787897b903d8db7e3de7590340174be3abd7598daba7806ab934e0feca02bbe66282d469ec01476bad5ccba59fc14cd9549bf4af49641f4326b1052b179c89194d21bec0501c97ef2c24aaf045fd348b765910fe92c0039612e37baad2445b57d9db6c1e550adf6688a79b117f6b7a37e0209d89f194a1bfe1ff2e3b28f0454b383af8872f32322bd5313a3c9ca48d33eab7c3807bb98f8f402c43b99b2176f0b33be08c7e84c86b26e971ab" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"3b1ffbfae6ec54a175a80a33c8768fb60f2af9ee2b8620c4e800a17fb9241ae47f77da414f67b5d7b24dd100355d2afb":"0d50cf61e2020a909ba6e36ba4d0a394579d3e4377cd4bf0068967e8d0fe7a78":"5d4efb3f6e6503c5d85a1c43398d0441ce8aefafaabe2f6d86988a24e033f502":"cfb6156a1b139abf21c73001240997ee1a8cad91a4bd777c0372c1e8fcfd3fac":"d3ef776c8d77fcc5e947bf53e0be11777e69c7dce138f24c1a3212d1b6b932580371479b7619fc82f029d92969628f810b54a8fdab8eba799e750945f3545f6a96226bc760ad736101516efff5d8581f5864b38c29885d39843a4adca17046e1e388c890542988797b576da64804eb4101638328d3f8bfa398ffaf83cb7290a2cfd39ead13290ae773a8958b33914ca02c8ff6a069aa25ac8b36f6f0f1dcd8f1c5fc838083a64ae7ae11b85be3a9fa80ed83949b622002e91776273fa32d6cfd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"19767ce1f18aea366539642fad400a03a675b2f3c0b1cfd49925e535b2c2779043c5a1c57ef550acae733729516aa62e":"6bfa882c1e895eeffbb85578182653c022a4703091529780c075cd482809b990":"11236df1dca3de6e3e3a57d2741d1b77f15f45b05beb47cc500100b31188a42d":"98708a88fafae56c4f6fa780c6c0e33ca8f2592983b5ae607146cd6e92204416":"b6514a3779dcef2c9ea0ed7ddfa808d045c5907314c358302ca32b2055987a38ef601637cdcf77b1b8f7eac479f8f18972013c2e1a6dfe612e8a586dc529ece486505534c0ff3dc0b2049a0e46d7ac504a1fdfaa9b08d9fa017c5803415fa391ba7eeb576fd6ddba4404feb46e7cde56e090dd280be5edba7d6df9c5ba7d3454bcbd4d443b08fb51a117c1d5916f225dcd6c1c3fe2b2880f4d42962befe3ab76bdc086e29381dd985206e3e00ce722c9c040af5ff4cd4a8183b446d91b310845" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"f63292bab50668eb14b83975422a0c853fe55714a9edf9d8a817ba0b2f26ec40063a86ee3c79c694273342a02f68ecd0":"3c525956838e26b77b8cfc37f024ec398ed825076dbb749cf49a7d868c201e6d":"d9a41b47c3bf8743099dc8fd228f77dff01ae304761eaf57d751e11cf094bef1":"b790c37dbda20fbeafe9d1339a1151144253bdfbffe17ba87240eae49c606bf3":"3586b63315020b3ba1121314a0fa6c66d57de0ec44abeef7b7325e960832b7944cb0a81a747ee5c5d3163001536d3e5ad2ec869b0e5ceb14aee2e6915073619528c1421b59b80254dfc3cab0584898b0bca72c76ae25f52b7405b9dad38cb2b841e1d6a34fc5b277129db49928b2f6c0dd22900ee786ec128164ed12eb324b502499f1c5c89be2101901476b39c56034cc293e320e63a3e019186d4eaf9a098136e8c0ce7f6326f84ec95992dde2585ad3945a9534aa2954b8c15a48e3324d76" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"3df74683f298ba48648714e384989145c1b84246736dc275636809d64c75ff603056e703c435eacf21c0bb152d9fc2a0":"371217ca2337db03c4d06714624fa11f90d5dc575bdbe12a457c610be066dc2b":"f26b9cac8df57a33e4b5868c36f2b9322994a98269dcbd7956b93d147dd0aa27":"0a6db86c3abdc39878045b8fc2d5f0f77a8e298efdacb4cb9f74762fc23b96fc":"ff5252b7a39460a73094b9d668b53d1932243caa885c0ecd850612fdbe7e46cb275d079bb75a6b050191282ccb11ef255d52cb763618c4b624560d79bb9a5bc99319783de43c152e7aa7c4cd879a75869285320a9b749c897bf07220cc1bef1edc494bffa6ab93dcf839dc15f6f2e508b9e216e2a1786b75abfb01bb7bdeda722b47af895f551670f9562d9f9b78e98ee7ea5c5ca4f836af5bf153925b2aec055eee8164edf3f7b72e24b1203cfae1834705f74cac8c6043a3c2abf6bdf28fc9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"53d70692f0f4dbda23d78660f0f08c7e70ca94441f1440348f76108874d13ea14652725abd1a94d315364416c90e662a":"6deee916ad660811cf05b5652f32df4e97f544ebb57762617359159cc9a425c2":"acda427eea1c8c6791be6e4d2b60be30302abc84d5c5a13be7d510004b8710c9":"d27d7f598a14205c45788665cd062135b6b65547d3188959e38ab675401d2b62":"f77f9de60e95da3f1d0d67b5dde29b31df59ce980ebdbad7b5e0a0051fee39e1d6fc4311f21efa016039bb05f3b009b223be6f2c007b468388a8a19bb468c7b82cc93dab3e160b2b72fda1240fcceea01c2638e9c8bd2d1ed9ff9b55bf69fba4b6ae8e694c150896ac6233b75567993f9a9adf25ca0f0835b9991ff4b8d3f4f1a3e4c5f9866d98b7a75196804f996492a61dbab5bf72f87658e2300a1b0777ef7f43ffe8962f6b6708d2d91dcdf6b430cfaacb3289f74cb0f67370bcc9af249c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-384,256+128,256,256) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA384:"85186650694f742c3f5f228f943788f05602d4827518908fd09a1fb445d8333db2d65f376d48c66eb9e0498999e1ff49":"499928c41841324749143be9cc769899c38d6f6e6933e56898896fabcd802931":"9574ca51f21865c2fb0efc75cc9d90ec5e9c43104979cd64d00ea5544ea01c96":"c0df840a18d7584b62c70b2f057bf824168edb673cb517cd9dac89a0fc80c9b4":"b31e50202f883a8563cf129a0d5f8a33abad79d8ec8a97167ed7fca778e5892480617cdf50b5e51547f7ec1bede35020a311572c61e33e9c82968e8f69586daea3dc19063bea56503f8ca482918d229949acd6f1c52cccdc5f7f4cd43602a72a5375f3aabfd2834ee0494823beada2daeccbed8d46984d1756fe2207ca92186b506115f6de7d840c0b3b658e4d422dbf07210f620c71545f74cdf39ff82de2b0b6b53fbfa0cf58014038184d34fc9617b71ccd22031b27a8fc5c7b338eeaf0fc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-512,256+128,0,0) #0 diff --git a/tests/suites/test_suite_hmac_drbg.nopr.data b/tests/suites/test_suite_hmac_drbg.nopr.data index a1400e6a9a..81c946c2d0 100644 --- a/tests/suites/test_suite_hmac_drbg.nopr.data +++ b/tests/suites/test_suite_hmac_drbg.nopr.data @@ -719,243 +719,243 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_nopr:MBEDTLS_MD_SHA256:"1353f3543eb1134980e061fc4382394975dbc74f1f1ea5ecc02780a813ac5ee6cf584db2447afbe2c8fa0c15575ee391ba60219332a67b95d90ec9de6b8453d4c8af991ae9277461ff3af1b92fc985d3":"345b0cc016f2765a8c33fc24f1dcfa182cbe29d7eacbcdc9bcda988521458fc2":"6964b9b9842aec9c7ec2aad926d701f30eec76fe699265ae2a7765d716958069":"6a03c28a9365c558c33d3fdc7e5ebf0b4d32caac70df71403fd70ced09757528":"a58546c72a0b4d47c9bd6c19e7cf4ab73b2d7ba36c6c6dc08606f608795ebd29":"5b029ef68b6799868b04dc28dbea26bc2fa9fcc8c2b2795aafeed0127b7297fa19a4ef2ba60c42ff8259d5a759f92bd90fdfb27145e82d798bb3ab7fd60bfaefb7aefb116ca2a4fa8b01d96a03c47c8d987fdd33c460e560b138891278313bb619d0c3c6f9d7c5a37e88fce83e94943705c6ff68e00484e74ad4097b0c9e5f10" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"096349506f3a7653d54db7ec1d09e93413edd175b6ddbeb00e56752a520ac8fffc7983b918acadaa71a67e1624f1b5024260a0495fdaba58aae41df82505012d480c8e4f751fd7ebc39f9becd694b2a3":"":"":"":"":"f4c7bec0c26cf3892d214549ac6f3d82f34c6966d4295099ee56166e879a70ecae130251facda351e903d877b6c5eab5153ce87ba6c7cf8bcc61cbd14cfbe34cf1ed43678aee69cd87b60e6bcb6ff48ebd44ce9e31982d8fe20aec34fa51d625f845f61056575969bf785c2ffab4dcc754f13de63423e94bad8d5e166d96a62a602d3ee4045df162028b89cac45e6207d9097f2b3ac0ab17729251985f276f1287f5c56cc9ba1a79fbdbb291f3a945fbfdbd63cf13b82ec91f7b1085b33279e3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"aece2087b713992ff49d3bf404dcda18403e015632ac03735fed29102cfea6ec1b574952687c9bad0e9aedcfc1da568be632162a83c802ab94f32bbd87f6cf4af1f2703f4a02af7d60e22383a770b9ac":"":"":"":"":"c0344807d5e3ea29fef73afb2b83dfe0aae186047fab6b603d8608df49476be18bf1f0f4707198fefa18804404887ea3c598d887e938440e1fbb8ed0a1a330cff84d952cc6405b12e7bf51b0c67d5e4896006dedb44637e393a97925890fd5176252f69d43920043844a91d0840844d89b8715052cec31e257c121d3fc0ee807b84afabee59624a00703f464b0079f12884a6e888ae4959c5423604f8ae2e6b57f4428e10b680cb74cf20417380dd5378449a24ef95d9438b0fee386badee962" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c39e77d579755aacd454ab7ca6528596c397f28bcd5467cc7e0fb47f398e875da83892a840381c1bc03b7a223e92904a714dff45759124fa33464a97d7f0d7fd2d1c6c21663d31fe80abdad59458c228":"":"":"":"":"10f8ec63a550c31ecdaf2fb1b373f71f18d146ea033dd65cec2ec0b73b55bb6f3fbb7136dd045e09c4073247f093493cf26b6683bc9ebc98025f75fa405fb8deecbffeb0236a33f0ed6c7600d992ce5a268c86085adadf68047178ed89d93d739351f892723d8d6e4f428946e4e6dad1d640a9c11de23ce9b793324e31dfacfd367d86855a28cc544f88b8a91506753fa061cefcb9d77bccc15a23a84dba644089ee03db8374fee91dc23af6672159b0d2db219ffd07390b69879910b5c336a5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"d2e8a25249ac850fd3b01f62cd1eae3dd94d38e724f8e2644b7bb510c37f203890242b11be773beb202e9ee93899b60a00ebf08db1648c8750b14d7b784cdf0a6d4e7cdc816469cbdc3a08d6d32503b7":"":"":"":"":"019f74eeef674ef100ba4a1835bddeb925fe6fffa97113dc00d7d8c0ed486a73e831561ae44c5bd90e189fbe2bb1bfb84f3e82ec8809699ee8c2fad80b464b6b344999c364868300c1edb065ae86109dc29516f2bdfe2a046ebc8725044c382d93990f1cba185f61f71fd22fbd076d727de32a6c1d2f430bed491c9d09eb6ee669a1dc4f8048c7be199c7cbb5aa4f14d1423c8a54763869f5dee947f776ef2543ebb88d3004739089efd86b7b22327ae952747068b35d4b3d86cac1debce3e41" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"cffc6c44279e641856c39f14ed35440ea2f149c77459106f960caf910af21c109067c0f9445320adfc0aaf0c86120a38584747b4049588e5d93569fcecd358c51507bed59f96145bb8db6bfb4ade3a2e":"":"":"":"":"928d6d9f9128b0af64028d5d2e94414af9f8dddd353e4155f42a5d08f3e530930e01ec0dddf25d65de7f49de702791372c71fcaf5f20bdb24eb999752bfdfca28525b16308d46cefb0bc3b260490115778161db2faebbd687b940ba098e3d5be640565b81ed9d434b6861fbb4cf034ba77380562119aa3164dc53653d4e82ec84cf351c35b1b668343faf17f172eb4c0cc3999d7d24aaba58dedf11225336b5bd747825d2ae9100cf6da3276f26cec198e52edf9194162483aa4a45fa348d0cb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"3a1f0474c279548c086de9e12ed754c49a0322e6631f7f441c8024fea654bb6ce245c357b13ae94064d1b41c23e5e0496199e8ac9d535f8d95fcf85fdbd31eb33c20793f35075c412ba7213194a873fb":"":"":"":"":"954b58042d028abd00f7ce3d39fdb61e0cff6c40391ef8629e87101915771b8d0c7e24292751aab1219645743c6f54306866775e28b54818c759a6bf807c4982eddd4be5e22fe35a303cd503d122cc3fc5cffe50b03117457e2efc1fd91a9768964552116811b0e65856e8f8256681c722ea2652deaa2498025e84262a3fdd78bd33bc36c057e198327a33232ecd36501a0acf997d0149b4a833153b710b90c8722b232a574d22e7026a89a4d9cc3506cc9942705a162b34db9f49301a087dfe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e5f4fa500982bdf8b023788f9a5532482b29b12e8ae776111adaa617a958ce8977873caee6e82c5098ae77287bde1d8295b8aa125923dd7f8e05df78adc29898836be76df7c5aafba6493b211cbf8b94":"":"":"":"":"5b3fc1a7ea418debe79994bc0a8c86f487ed2f320c34293db950a1a026c239b8da6226d1dea509a0fe76f5a811c9391a622343324c293a0090587c10193a2961e358d1e71c269827e0d44e93d87984f47acf5b4751c8c066156da1c44662af4826cdfb5f7cf98b1f0200d3a0d7b99fea7f1b17dee7acfa5baee8f95ae4e0bc050bee2eeea7c09baa729e6e02ed19476ba3f8f5a8c1660de0353df8723efcd98f5fcaa56f6eda77f2d15c76d26989aa998c4afdc53ffcde47dafba8fe5818e8ee" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b9444339a8738df6cfe95b6dc28980d02799b2ec5c8dba9ca98fa8075621a04172b0c9e414ea33c8bc4b3beeb536161cdb9a2a516f3e87bcc9f92ebbf4ac1a900559756903b72c4c1b5f9082d8b341f5":"":"":"":"":"09465004f009ed378f440c10fb122a265f464d373e7f1a1719c713f6bf38d28fb5447c269c127a0c10081533a847c0e19f4b640be0b1edf84d95025d56679e5880922f29c942e7284296a9309b4fab1b5bd9957d470db28d3d36a3585fd37573e8e3355d03690241d6f7211d8c6b054a813ba25f9cda76202d3270bf12f66d2e5ba5a946c7d28dd22d55d34a30a040aa9782d1e494603143d436cbb0212fa0df6d1bbf4f19818b99a68d9cb062aaee8fa05636fc60a072ec6e5ef24566c6b96a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2aa822efa22d4cd65359107c46309033984b8e9c3ecb1b77078a09ad9ec746ef4f64b287bcc3064867b678f81ab209db3ee132a11f8c9246ce0a3d6deb3345f9b15e4cd048289991c64a21afc46ac98e":"":"":"":"":"7b79baf0126782bebf1794fb48633dc69ba88d63504d27a206d974854d446737da4ca1fc5bbc54368966b583dc441b105bb30b3be19f2778ed31564acf333b7c4cb1727480aa985afd80396866e10f6da31287cce07358d6308e56e3bbce8613bbf472aeaecb27e66305e34af593c8631508cf7d2c512df7c9b3ab04a4ede436b9d2e6919c03a525dceba10afbf6e8a641591d09e8a90543f1905b08537b8868337c774c20ed47df32d115a7f3306d808bb82d06bcbdc81042d0a16a3fc8d0b6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"a32ac0aaaee05d57cb3a626fd26854ef08a3ad42a3c688ec6a9f9b67bbff02f86df150db0de2e3612cf106d9f158fb570901e1efb12252666e7a680513cf22bc0172c4f8c0d8b2eecfa1d471c10c9ef8":"":"":"":"":"8271bd7aaa795b58d8f741bc207332335a68feb66ac9c3bfd5dac72f20807029f555c3bcac629d228c3a77d596d99c5d545a8dcdd0a2fb2a5eed5c3492618dab4f763ecd7c6580817c6a7acca42d81831bfc13f38ed56ed42055877c7f31dfad35a73eb2052f6f9183dfc89b5926680dc2aa85995d42a0c073c881f1ed332794a784553493bfd842225030e0056d76e52810236b17f6f067d1272372395ffe9c2df3145cc65ed2c6f2f121dfc6c1eb8fa6132b44ee0373c7c027af80383d4a7f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c586e0f5999f107281dd5c7ca1ff88d4617b4fd1bb61313895dd4bede875c27b5b0e6c5ba15e8725eba8fa009406aa3d8b8b66f13e07c8918c0f3f55262debfbedfc641329e1fcd6442c245626cfd206":"":"":"":"":"9d4f4f688406d8e57d96369553ee39267a9df9020d7fa78b39e1f246675b70a8080cac5aa6967e78c55071241e20a9446a82507a215a6c5faa3a2ea3c05c12905558d98a8eef90c8abffe6cf8b874c5ef057e365fdf179438de6a78b4dcc075b41aace875a5dd35a44f2d2b17d6ef6aa91f79354931c4d487142f7ac2120fd78caa6c7ff5298729de16c0e8285d73a3c6a95ada99f329dc9aa0924b0059a6585853296789b7e1129432baef4bbd2240a8ef7b19046fba104a85d43aee0ebf021" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"bcac6c2160455e7db38a9c94ebd329c1ac043b6ff607a9c76a86156974d30251b4f4b14e6cf01d407cb426ad61608d1599a6b7ba9402756bea2709cf3b162cbf040d0f5f38fc4584cb9cf4e6a7bb3984":"":"":"":"":"37d76ebbab0d4c8354086a5c5edd5aa6314a4770749d468b9e5d3454f2dbc9b25432f2d5d9f4b88bea7f9835edb22f8a7b09bd604703870abee1160369d0575bdd3847ee5fa93a9fe9aaaac0d436022f94d1b96655ab00feba1f40202425e51b084e372249fbc37f49410fc9d4d16173a9bc29181b62e342a8835f818d2647c45b6ce6c5b6f29add13d57e80513f767339575671bccdccdc9d093dbd72c91ba07d81c58ab5256b6744a94f0e75482e3848de891dabf384322d1419814cfe1590" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4b667d35a481779ad919956ca06e07366a974738c09a5685fa23b3fcc1a54260cd39d725a7f2661ea86a2d57cfcd2a91e08419476bdc5534df58c6c3b077d3acd27ace0472f91854c164de7f76a9b1ac":"":"":"":"":"c82e5e2fb08171c233670e9e5403b07c600be4e91ff5b57ae284c4d733139b56ece720e82d3f9ac185e37d0f44d5281224cb5f9d230dbdfcaf1756389fe752575a2764f6ae775d0a82f2eb1d901ab04b59b54b5fadb2acc9b9af3e829ef19571dc416752b1bb0935ea2f3ad69dc452285c2f08412b11794134ba3bda0a10425576e88ea7b069b74b436aca93fe9dd1dafc78da1227b13d70157f60c9bee644451f8765e4c8badddad6c779d6b42d4e8b5ba65269186b04c38db348ab5f7a4146" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c0db9453f84c2aa74bf93ef21b9e7802bb8995f6fa5e634cd4064ca2a0075319a969bad1345bb5432df63412807a646d2008394d83989cb4a506990f59f8da80e6b3a1df3fb8d726639d59cbaed1562f":"":"":"":"":"120bc268ca0d3f55d5aff5b360ca4d29a4b8ec5cb624f9674ef0a67b90bb70c238b94b2bf804fe74ca18f8364ff8b1e50b2315f8aa0c3fea663e93c80544284136de1d162e9078e9a074a50b493bcc7e0c83a0047199164a2d32133db57abb05b751a357abd3ad5298773be21c534f98645e94f0935afa53729462acbe55993b7d801bd6b0cbc8eeb5a1c5f0c0d690702f8de0a1a78dcca8862538201fafbefee55cd5be62afa8e5111c89f1f68d0f1760cecc86bf6675cb09b20e097bace037" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 0) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"31836d292cb46aad594171e76237a3422844f62fb14d0cdf63ba587e73501051c7cbb280d4b46412e10927c9523bed1beeb5163737db7f910e444e5d5221c5469655fda4ab7218e63e1451f461b4fc70":"":"":"":"":"1cf3b49f28b791e7c81706fb1a870f1af134a0fb0d2aacfcd6e446caf0a91c04dc160f080ebd5503fb7c16ad9229bf0a7bffcaad07329d5bde4576870758a4bffebb6b5c309114688db8e59a55413b4b37689df38d72bc5358291bbcc0b05af487a33934ce626efde918d0ed5f2deb75a17bd8912a31dccd783354477fa850520c3b97b56c6d2b9e4a05d49bc36e6683271f2322c9a546fca88c502187a5f4a2035bf5c527aa312f16c357c37162d722510b52ff8357490a096692572cfd8b0f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"a0c341ddf73d9404177a5fde32cbe21319c318f35cc9afca9ad41a3b06e13491e843cc6afdf2bcd00ce77ff06ce3d8a54772c46baf142e569ecd9131d6185af3575bb62a41cb646bdcae8a7a9fe60cc5":"":"b83491ec1bd89f3fc84acf1aad6fbeb8ef6ab949f41adc6d0dedc53722c171fe":"b76cec3d6300ecc4a02e810296c7e70bd9b4e7121fc5e971cbb94337980fddbd":"2a25cb0ecf913749ad46b585c76097739a14ca7b59f1f3ce4f79bc8a4afd1378":"98c01d4527fd131cc327e9632104d9eee10407cd73ab607228d37b9b72ca2c987aa794804d505d072561ccd5016bd4189ac9e3db9187822877dd533347b5d2071818bb7683312e1e8806e9b73b021777f7f878bb7d304ec58ce92e5e36d3d05a7383dc77f3fe6eb84b615f3f290bf8a43c34ef5478a30a6ad616157c9d7dd046aa66b522bcef61c9d19382c32425d38ed3fc049e73035af1e8b97388de22c4dcba0bdc09fd36ab7eb3f67659cbd92b8d7f6d74b56fc8daf17068c65fb016e29f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7817fe880c0a4224eaed0da5f3962727e4b3be567021d37d3b6d4cd779274378f1cdab91c4e7c1433dcdcd0afbe4b43c32a2b5ffc520ac3721bfd5352fed023d04439c176288521319b5e315b6e5e85a":"":"c7708c25003e6587fc8c8116c500d37299f5d5ffcad3405349351d4fed623874":"45f88f2df43c4b9c3d829b7cfe61904ddf658c16043271f01c5f06ad3ec7bc32":"883cfd717ad8466035e6d3f3c04813e21657ad62eeaca449785aeb0836ac94f8":"6e0633c532099ebf0b10d4ad35d78a48b82fbce37913e655484ae40e29772a25630a7ab37f1d0ecdce27773a2ce88521b171432c07c02269df1822d2b6cde0d9f768375d9c60e688f497fb7ae262cdd5f7e8b84b84411d619c36529b41576ac456a240ed94d750fa722db874098ef7200c74c3234a3e5f21fcbc2cb5d50c4297d1e70901b8936964ccd242098002f4c8ed7dbf49de8c2a924c737f248d46ac1469f676377ca52cba12f28d9b534504d6e8423b5404b7e14de954b4225bb53551" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f2bb6edec000982bfdb301d1d88a23ce840e496a4f595a662e4127571264f1d7e9e283c567f11e7e266459fa781c6fd95339015836ebd69aa42857010f44e8a72b81f501c96931fb491dc1192f6f6a27":"":"ecd5ea33146cb74a707eedb8df881eddb1797cbb7b16c16f8d741d23795774fc":"d410d6e2e848f2241ee45c9870064ac0217d97f59a8e80f6b5107ff0e4240bd0":"8a8c58fde3b8c9711757cb17e46587d0c5187f758d64478e9968604af0367136":"990b1f68152b3607f3011f8d04ea33a3e8fc479c8a6eaeb589133569048fe1284ab44d51bdcf4f0cd4c8d64f4c6337cdbe5f4f497ea90ee4204845bebca2ffde7831cf49892829322644c4e20a45a9885ff619bdf5e79ee53c26f47072e20a46d2b108d180d6ba5859a696f472bfaa80b2fcc7eda374a3f91ac0b06c9f13afac1af244a389cab4489d0ee04a0598f9c5168f39b40e7127dad9f20d69ede6cae7683b25ded1cf9d903541fb4b0a804d7c163ab068d22949f28a8f4e853e691e51" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"6968f5b87019b4cdafcc9f3a89321f25ef5d8d70fd0781c9e3bb01b3ada18c8b61d9142b639aa75f5f9d798ca538475d09b121048e8a0cc4b2286efa12fa8b4b959938261a1ec8e607526b7a27931191":"":"fbe6b8af6685422eeeafc32327a99104b45ca5602513aed0a5c6235328e8a7a5":"04f137391e27caffecd4413c775117feda27cad839aa900ff2af47c700034b08":"f185925cc180e556a0703a5956ab6d846121f9d9cff97f65bbed3bc44904cb5f":"c8bbe16192bda74ef89d9859b248ac658896bd40b5491c90e923cab6815ec3d2126c62410370f5f44e01fbf1d1653064aed835604d5fd0633c8b71cdde6c831cd91d69e420db83e6d5d82c26c47a11f2ede616a2885a884835cf2142a6ae4cabe989700125df12902374bcce04f3fd78f034e50398d9bcf463dde6796627820c75a7efee82fe4e16375af57ad3154973042e0a92110ef745f468377f6cbec5fa1a1470eac80408f8e96d37248b100ef8476c2a85cccdfca5696ffefeeecda9e0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e8e99ffcf08aad8e50386f5d079d79d3db783a74165c6126b42b3140f744a7c723541930c8c772adb62981dbef8d054ecdcf1c30228904bd7ba31798bfbbd64757aa251ac9a1ae8c20a050670feac59b":"":"546e04247d6cb5212a57b62f99e1cca767a5768cf79296f45f0db24732ba6368":"fd45f66c8dede41387373c38674605f3e075c9b7cfc66123a5478b8f8e3ab276":"39911a79c6edbbc805a50d2aa018742094177a8e216d647c64428c00169ab2d6":"871577ddf34b29e5caf132aa82e1d2f1586b76e39aab62acd02f6d4440908a772ac5f6fd48c5f55f1ebe0e76221ac46b834a8a4f5dd9958721ee053ba3aef1574ebd980a5da6a94693662717ee548af0f921421d1afb814e4d1799d351889d2a1bdd57570a913e428e6613b16e158c1cfed038f6578920d60db73dc10a40da9bc363a0206b4e7e49670eccea866efd9a05bc237042cf052f2a4140f9377e3c6792b88ea06323fcebb99c643fc1c3653758d6866cdb148837fb0fdf77de1564cf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c7774e199b5a8c0b306ca236163249044ec2153dc89bd1c1459cfd40cc6069fd1921837aaa80f4dff34a97b4dd7e94c0143efa24f34924fa52abb4275a63cae7048a7fbb8b76300fa8d109f9561f1699":"":"1f437f758512071bd23d091c2b1ad8d51b99acc663e1d037fc5421092cbb1a45":"c622ac1071b50e4f899e4760cfed476adc013b6ff95c9b7be671f79cd2487ba5":"f973f45f75fb0d68e0bc5a723a72e722e6c8f3fea08d785141c78786da5101c6":"9475c697af430e94ed396c707bb7d5ee5bff18405131a0e898ed38065abc28ebdc1dc33d767c4dab69c846e3350bb414ef2d43798710958a6ff3e6b55de93c2ac31793a1dd4b07379e364ce72553323b9bcaa8839cbbbd347b4a82010b78967219b84c6fe9f9285ff741a0036aba6bfa7dd0d5a4ffc1936341b0e2a31082123b6d2af6740cb3ff43bb4a87ee74ef7eb06030745453d2ec225c8f31d214f1dead0f29af01ebfe90d2f8a8bf5e031242ebfcbd136b3e3db1f63a46f69a26d6159f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"898963d0237c58e4b7b6e894ab271555407d3ae8c1c4599f5f5490ad5701984a6e5ddd58d311b547f6fd2d4d67addb4ca6b86839b83978baef72b8cfbdd0cf180518af0e32e52ad4a73db460af05e187":"":"cbe5f14445cd310aecc97113232a0121ed2082f2c4152b4be68448f36c91b1f4":"efe0ef028e4179ae10b378bcda3d96056ff21d94404bfe022b563cb6690ad563":"98cf6a771c05f904b53ff9b12709d20bc3f1821385cf27ace7a4a584e73866c2":"5682b6bd667b45dcf16527a817852b52a7f5d0fa8c962f3dd3af63e7e71990da92b75e9fcf5de59b1565f525a734e978ba74dd80fe89a2e527960ce4207b9ca514d933676ad93e6dff5d57314a45889637a623eb7832854c3897faa511ed6dd246d2b8280e7d0524647d4bf7715b5546e0a9a1dec246b1680adea2eecdc354fb3122654102cd0bf94ac9333caef3fdc369e7649653352739783d048e08e8d231b332fa1558745e2ce89dd76d1dc442a71dc3d5eb7d3481558941e261f989b097" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"426bfdd4ead656611ce49bfd9f213843c194bb6863534ebc258415148f457e6e685fcf539922aade348a2af678038610af676246632dd70920d661518d4dc5221381b2fbf1c2f3bfed01cbb930398095":"":"971785b18e244d03e25b9a80c2c2204f5bab6dcbcaec986342450eb9b376bb5e":"5de582cba43a610866578604c9f2a542831f41c277d50b324f4edf1e2e5d498b":"46e4c325d2c45e00a3c17ab35115b5370abbae61337eb2da4e6aa91f951f55e9":"f2e8be2e994b74a4945fedabb167778523865ed27826f9c26ca2b49bf32af1626ae62bfeaab13e9bc52a081f365062a5cdbed0872f6479cfec5a5e79171d97ea898e8d10ed71203882d1d7b7d28c5d59b8872985abc628e73622f616c4c0904ecb1e4518be8b4398662dff8806c3f43750cc9be95aaac2a4730f40323d63af157d13555d043c4d0d7cb53f202df282fdfc5544a234f71121e893814f4bfa926351c5e9427e90f1117a3bce7a16f0e08cd06c3d7c458f9d07ca3269e015733aa1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"ddfb3d1d93e977aecd08efbd71dd48168e67658d93596b742670ed7c8804bd3e730d34a80ca1fb4ad2471ee22461bbda670337d675a17721ac63c3793153830a26b1871b316a3e10e49c555f44719577":"":"390c53a5ec1db52996eb042f9a76e45f0bca76ef6ea31b4642f00658342e601d":"b5436e880c15f03c3bb846d90f3ee5fc5bf5393865a112a4317d724738f5dd25":"d193f932af858698ab086bda36d04dfdbfaf487fae4298b38fef97bccdf63f38":"bdf9e1ba1fbafdb8f4628098aefae4810ee7fd565d0d285ddc3840f8e24a9985c2de57edf5a511079ba6c952c95c626e296fd62f3579ad03db536238fe69158317c9c26d373816343505c60a48e07a00edff8fbfef0ce69ed176e5484d056af02a270bb6fce7bae0b223bfd98ad359d53b159f3295be3fd630a568d2363121c7021ec23b14693be48f5b55e06be3d729c2a80948194b1266da96317bc592362809409a7666d5c168125b99de26da741f17ca52d63685ee8d8260d45764fc78ea" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"457e49a71da81a2a08bb19b97ba8e62ae4b5ad4ae64daf758a83a75506f9251149b2bd7180f69b9217346f8165b7cd8f100e0b1066e2877f5e5da21b037c2bbf178611dae627d9beaee64a9d0186462a":"":"c3181f694695c21405588f600ac33871b519e2b8e3b876424b32753da483d6ec":"68e717410f99ae13712175e402b51058b7625b7da27224414b472f9622d163d5":"f2cf13d05e853a13ed47c5d0eeb9c0416688050342f0d345ac1bb21d5ae675fe":"fc23aad02870885394ca831b72201d76cf736f08f6132b12178e8e3b016fef8d3bbb849e5d935ab732054ca701154e7d3e87d1b51b7392ccfaa19c4ad28638c67bd149ff67a93c09ee1fa5c2ef7bf9d40844baae79169e52e9990c93f099e036b63b000fb8ea67a13167b045c8f9163045beabe0575fef00b89fd90390b0124961698f4ad8884a1e1faf576de7a179c03221402279b31c93136b9436f9a07b5a67b1c199e7c6cbd0b5f53ee5bd0ef845243077c6eda0e021ac9219f6db5ad503" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"79e96cc8e77d8fe72cd6c66becb52753cea28bf71680fa541f345b83be79973db4081201bf23c94d1828e9ca1e825ac18aedc5ceb87a4c1b0c333c88d97e0f12d61b338e5ace5e15f71283d31a1ea90f":"":"4304ccb2666b227c92e2b00659ce0b34dbb53451591e32914a60d6e6cbbbfdd6":"d6e74777c02252b0613357b9a582f4d8cd7e436daf1674a663561b62d8ee7143":"0de123897d5f090b52db88e4c0f9fe736ccf27c134b0f5eac61b200d15e07986":"55a369d136e2d903c179472eebfc45ae236994669c46cd318401bc662f38a1f714f78ac9f15c819d2bd876a7af51e6caecff3c650a3e661e5d137a354cb16aed5b1554545bde08c10baaa5bce22284083b43a6dd9941a37f1a18929ced61181c137e9e38c79d107465a5a12f2a2f37788c8e398ac48b2be944d6dd3562c05922c25569c26a1203fdd244920e6c268028dbcf6807c05bbf1559969981467a479d7117a91f210118c1159749a1dbce4d8a0d5f2f8232c5152cbaa6441865ac3a88" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b37180874dd4a7e08b1256966ed5845001b0773b5136956dca7194cd12a9d9e1f1dd35534f579307de11c1e64875e9377081de3095d83ced0ea3df2ee8d5be4daee545b431dc908bc10efc04db16ab4e":"":"d3c8aa88cc8d5b59af3685177cf3826cd675854deddcb9b501c40c4288cd9cdf":"6783f5bd86fe178e6a4d303342374ed32853925f143a5ad083c04a9c298feb99":"4774e5d062eda04b680d717f652d87bf5cf635f597287b76fc35e2d5ce593d08":"e478d45fd3eb6f4c398a0ec84f93ea6861f00666753c143506c5e417100077e2c4c9ece450d98c9372d68aeffe9e57ef9176d4084f9c6d02479b516942dd4792a90ffe1e4e49a8156bdd872f1f05facc06e71e581f919cd94fb97208515ba284fcd255ea6f1d1ebb7d351e1ceea1cdee631072d3fc3f4ef9d5fc57a9ca98c88b81003d858cb5be0a3520c34e52d3beeadf91388ec9a495b1fc7ff7a6799ab0af211abf52c15467274c04bd104df14033df000d8624acd253a6c954c0d89b7238" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2779f20c02d086d30d53dbd6e7396a35e677214650e39f2ae83077fad70c068005faef347e7f73efb53a92f0629e012c7e1246d07b4e1bea7008dd8ecc7546e3f0a6e0e950e083373fde3fd994e114a4":"":"55edb840b85b391d4f1940be52a3e3824119349c780811c570d2c88dbefcea16":"e83ef56f09f82af4dd91a0b887d3f182dccd973435b74b7b3c432b39a61fe720":"eb9f30f2886d0486c5240f43104e426b36aae0006c4b9c64dab1bb713bcef7e3":"68c3feda06172a191184e0bb77a8f3c9096048bf71ed95b20cba1b1726660900d7d9f97b7ac648c76b50b921c28eee3d401ba81c8a46fabf82301fda8ffe9d76bd93cb275638f7c2088cfde88620661eb844cf953cc141b31e946338a0203c8ae67c2af1330a53251818aebef893010f16a519fcf22060a9aa9c597f3409465cf3c9ccf753db8c0bd3b465b028adfc447e37b5129c17ae9e8bd01f762662c466491fe57384825c163ab8a26d67efdda01b053c19d3bc6545c3661f2ad1df1e33" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"71c9fb2eb8cca98860f955a8bb3669c70b6f5374256da23fcbc4ffc2e90bc0a043b8ecbf1cb0c7b65a2cb7a47211541f2675512138964d0db8074727158bfb4f0d3c093f1e2c2bf697a48c2ebd27153b":"":"13b1d552e2c8c84f66961ac8c919166a248bc62fb896cff0b8b001cd7e147bd7":"27d626121ef579d9969809762c77068e4573af44b6e947a2892337a11404c133":"456ea206c38662750af39aed5fe0a39760f4dac85b83d7ccbc335f53a160a0c9":"464aee8af42ae68ee776780113805cade246b83a698c34bf4c92e5d81f28829ecdb808884bc7d784397f2b2f8c76a2e3517b53bcdc7257f44ec9357d014af4e8ddb44df98da72775567356f363fb85885f8f22505e5b5a80c824b4a0bc48029e3419d3d2f161b1469cead730cb123ca8387a2c8276635a91d0dcb2220797ae2702468587ac3a70b927625f3a6e2980d6fae6fddf4b380ca0d91eb4aee37b98644bdeac345f49523a241ca392972da02d70364f9401c21fcf39eeaf414a09fdfe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 0, 256) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c9e54bcebbbdf44051e80b91cd10c87dc24267923350b6770406551a5069ea2255201f3f15bc3a2e4caaf0b45510f19db299a41db8d56ce993ade44323c455fb1a3f504124c35a9e907d9765e810c939":"":"2819b3ee279d57145ea1020ebc77c46031d69524a843158192e081f2ac91512b":"269ac853ccd332fef61330af7e80a33791ec44b6cbb83006e5ca0670597b35b1":"fdf031b1e0a8016bdf6a6ebb533dddaae1a3a5b14b9cf52a1a8028cc720b10c4":"a1c4c1d6e72dae5e4714bddf4a1cb8d01cff8a3973b12022011270c0de7ceb85ffb6a6aedfa54d0521ff33d748fdef8f29c52c7c414e692a30dfd0013776b58f58421605369c83d4d891a19c782a2d036f9638aba9e24b0eacdee87d4a8011699b638c287f0a12f11ede86a946be9c00d21a31584a2a0da536dcbf86e2df63be9a7b771999c9c7a6b748de713b7da757de2d731a8d980b75136b0fdc75ca7aef47cd36bb9370c5ca0ef81b9a04fdc78698720f68e5d54e1a777e557a1dfb4c22" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4d95f31b9606a5f6d04dff1d89b50becfd0882e6cf51c1c5d24ad843bc12d977eba4582c39d793a63eadb63f292568c7fc4270e6c9aec83186a20819a7d35e7f1155ea108794302d593c53ce9d25422b":"43bf6f32b3b5f580b54179e4102d063536e7c47681d6de3cfe88fd8ec66e4873":"":"":"":"e991d000b24ebdf838ba11f9849591b0029feff33604bc4d71acd94301f8d045eeb1f81f3a101a297403a35859113c099939638680d481c86067f54762892f82146f61cce7bc2c85d395348f3ea2aba6bb3e59dbcf8e41a81918b6cab304d44ea1e32573cd6936f38cdc11d3c2f96290cc27b0dfa3bbbafa9394acdf2f4435170b428563427c4b02ed25924226edf8d5a5eca4eec4aecf98ef2e6f75caa70bdd84877df2e637b7fad621c6170ca5bd86e21d0bb01cc90fe2e76353a9d5687bea" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"1378443dfec3c03d36b16bacc480edfcb1a4a509c17cf4b35787dae3bc91ade6c113a1e0df927a4449ff9e2f4f1cd9a27b07f57ccd6777f6d6bbfc9655f0676d7b4f91712efd43315be7c7f30e51da89":"f67cd35afbc96756499c68a5ea19991cd1ad4880fdc13afaa817608a141e9646":"":"":"":"b32d9838b3f45e3c4b3ede1181bf0aadab96d22790d8536f5913fe95c3ec0179dd1c7ae69430bc8c68f4f30105199b785a11adf7abec007d18abcee2e65df5a211adfda35fed8b9389a61d2fad33fe020119e72c782a316f17f8a588239567315bda461f5f4518a1aece4d0ae028c153d67a8d4ce620e571faa0403c56bcaa864822e4d8ae6d14feafefccbe879ce4baeca70d436218e0eb3a62bf15c018fd4cf66a50e3d9d7cc9e4744e29e9c945eabf03a6a2c4ca57e582b60914417da57f6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"69e9396c58ed867eb52fcd046504922e2e9a9b059234cdd3f0a09eee9fdfd45dedf5d3860b25115f8a3d0e2f3f543890a23a5aa278f836577956944a098d18f05900d1b076d30ea745be745b9efc0dcc":"1b6e1bb613d199a5e6f1b5c2ed041cf6f6633e2ef4d50ecad89b28102bf70554":"":"":"":"ee09f7b24cdc6b51a8212ca00613633c1a5f044fa921bec31baf679f5ba66bfd723721a03e0f260a44ad5cc4c580080667a781427a34c3d2fdfaceb4b040ee675491c4dd0c0d13abbe81336384806e37f2729e7fd080fd57011b54b664d58534c831c90d182d4d955676938d484087b0086d2bf2737a912afb66101575ca2bc5acf845f4970bb1ce4441eb667d5096319d6282714a8a9708ef9964cadf596ac3e7b1ba18fdec7e2e22f5e6352e825e965a494cb880aae78477aa3bcba9428107" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"d2f390fde0b50ea4afe6baf29a75e698fb0275c04c481df03910d238f4e72c6f63a6231df89123c2dbecfe0cb0313db34288f4143694ce2df2484d20884dbca097e35c3fd8ddee5273b53c1149bf5070":"2bc38d852d1ddee2e89b7174032d96c0b97f955e16bc61716c5c64248eb6232f":"":"":"":"e62346c72ef393a2904e982158992df4ccab03142c41d8d29c1454794926c48570eef34bd021d44cc9106401e9cbce6ddbb6c92257e89a787499d7f7a2dd527833307e02f44645ddbcb1303f1da95382c89805c76a2f12eb13d2b0205b7ec0ef21f596c98af608a2f2a2c5e3534e01a23ba25bd5fcba0481482e1ec8138fb1c86840060919d7620cb7b879d1096f64aecae1ea085a793a9f4dd665449ce73cb3036dd5f2a49138ce88c461a0a9e2f0c1fb8338f5eea53ab0a0ca8a8df9c315c4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"0cf86ffa1456c453b53305353ce43ad3ba44ebf4c6943cde8613cdc417ee9f6e759c0bf4676f1ebd05c519eb84dfcd3e379ce61016e48cccde24753878f7d8fd5da72518253b2f836f32e5b594d54ad6":"088c917f84679641f491aaf105eea0f02d0a8ae0b7add69645d1ef304c74b417":"":"":"":"79e71d9a974cb88d9022d35997032bb5fbf8f0daff411467217837a836aa44c493f868a333d1ebf66689895b53c9e01d58019dd1da2354fb966c88d2d6adbe66ac0b8901595a24dddba609478ec36e497f6fb6b4bcaa88b1e9a9c87088f66611446e8c2873e89ee1006b6d92d2eac54714fc6481e7782b38ed4b18d5f9714ae6a544110cb6063c8a9964c52a7026f52af448783c3427092e0339efd7d1a8522848a2faa8aa19c21363a537766c05505cb979269c73ee90679feaef8df13b6506" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7179c434bffa377d9b6821da9571667c8b962196f7d8aad062e75b6091a34a454e8f4d14a60fb5253ae373cf50edca93b8d2eb2075076ec8c7a42b7adbe7723a6ba8b51a55fadb16fc3a6fe9da020482":"bc1c39e646afc1bb62685b746007148494209a419b733e938c1a5d02e2350860":"":"":"":"3093a2e1f502d44d8be4f35b386774162f0e10870f9cd34e3b9d4e77c7ec7cd10cdfa0bf8228be96cb5741f069440a6b6f9ec155d88ba66b7fa84959c53d3574bf1cf9f1561006c776223b881dd396e9e9830af2c1b5f7457fc45e823b411c5c2ba3b11219aefe5508f75cbdb5e40edf6b1f61453541ac98dad9ed502bf1a8afa79604261c7a89e78cf2941d520e0c10bed18820da6c23a5ed1c0dffbb04cdcc9c3284d400644e9365c995d8c99eebf444f2cb051bb62f231301d31ea815c338" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b063333128a6ab4f433f151ae8aec4283ab6d1cbf4a69447850fa1a25930ec0f4204da52752a9bdc788c5cee6d8b92e1b8530dbe0c81b1d34037ee53f20758d5750d9863ed60c762ae2a8b4c973acc22":"067708b24df7a34811993d5c65d5348eea73e6c6680293afab5804b4328e7a96":"":"":"":"5f74a1d199f30fa22f2020baf036fc61b1cc2acaa80b48ddff1cf85fe5dd200a9afbd8bc51dd1829636fa335660f36d5d2a516e4c38e8ef0c3cad979e79e7e226b820634ef1d76ae81bc3e3807913eb0731b2e959c43afa83feb1d8da31dcdcb3dc3a4cf8f454c4ec41bbc822e58023f0d797c844bd8f20034b31d99579bff142cf53d2651d7a31b212d2b9d5705b048860d6c4e3f45ef1bf2d5e46433fec593b9f68be8b1e928ea04ddc4ce2fcecb737bb8f9d054c2ba5060fae5e5fc21a650" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"e23fa0c86c8a7b99ba0d3ec3ca47349a57798c07587b666cc4ae1c9eff83b8cbffb49d1910bf05db3c7d0db7e27285ae9f6b4411d84364b27a66398f5b0a897ee2085526d3ac4f65e70800067d57a51e":"7ffdef21683a75484f6ac304801c213dc8cb7e3cf0f94c358a2e1ccc9969e834":"":"":"":"f952956cb8c528efe2c831c67b69e8aa7e79c013161497b9c55415fd40c7fae778a6fa82109a40dd72fb2f4d92e1cbc47f52d055485c99d893fbea1cf28dab35be1f162494cb79ea45c44a63a1685217cd3733dcfa88bb6de65c68f2390e479c0fcc6b398dc5498ac93002e7e7f360535d082c8e46386611075665060845c4f8bdee38c23d2f90d2b1d78217e865ecfb6df02498db837fe581c43382cd1d3a508b6dc052ef7c4d20349679db8d8bf8dedd763da8e5df775d133970be062a9ced" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"4889013333cd1e2b3b8c4365bde690b66e06bcccbea25f04132a0962f13a7d458e823f5ec0ea091a07065593ca44fe49611602d165a35aacb352206844acdf41dc2c88b63b36912ae81875bfd3e098e3":"b4761d82a93e17d8a0a461ec8205932edf218157459a25a7f26ceddb59992192":"":"":"":"72aa3601986e6c970b8c2253118b8381264577e391e48bddff0cceeb5101975391a2c731f5611316b255c2a6c0554ed6cbf8acbbcd8609e3f99c3cec38aa060eedb863563442b7beb78f35221736c608a933aeb0d4a7cc050fbcca351cf780d42c5380284a6163520a80896ee7f71d2961d7629d673791f8fac10bd01d32d95e8efbd65381424c378bbf54b532a70c285d98bdbb559c9f37d6eae889b82d5006fba2892ae16acab103aff1b247711ef92dbc6e516c92e388fda4243808f95170" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"cc32ef3ea3b0db89c69312cad56b1ddea73ba4c302b85ff3c6605d1899a96f49909c6a54d98baf096ea5bd46abc2535309676d9d6bb9917271bf8c86c8852e29bf3ff5b2fe56ac094fa35dcc51547f62":"cb80942bfbcd8f112ed601cb12a5ca52cc0f280522db11da92ac6c76be3932fd":"":"":"":"2c972cfe1537bae42ecc46b1b41a691350f6e63c202245347e91602b93a4cbd5c8829e5a4f63f7ee0e29adb69386e8b659dca2e6000aa03beab132db6dada8dc35ab68433671cf621fe4593018b1eafd3a2191507fe015e2a5694fdfe2c3182fada71d18c5fdeed065089862249c5508f055ebeceb9fcfe5d16e4479dc17e2b59b5a0aa31cf21fc6b5925569b0ca63d1a5cd268a4d409f1039d902556236fb06e61c1c054ed3798cbe4d8c2a7b2d18206212591174cec9da519fb876c583a20f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"142bff9332c48103221359040cda6632baa92cfbd1ae7f8b3d0e33d6a8193939d9d20d17fdf6edd1b3ca9ff600fe965746b0ba1b61e9aa5141edb77ade0f191b87f0b33c0f3620801a755dca02698883":"8dbbcf0c190783122aa6da6e05ec9d82ee29f8e74e59f8fe6eb9492fe410df6a":"":"":"":"2537a8638d5759201cbc225e844208c1d08443b055fafe23329aed5eb2d814703b0fdbd0a89c2d62f8f4ea7746905b9bd90706b734060c96e4e406675576bae84317bf36d8523babab72236b71fc6087dfcfcbe765de13cd1ed316f495e3bd08d780cd6a58849c929ef24b41e9561868158046ffe8d2a89d169ba31331611f0872c6d075b9938e5170a3b8612f9ecff4743c0db5ae365fdc2678ec262eed3b7c337e65dd1ff24a867574ee460bec7c374fc6b3fe9b0eb7bd9f5507ec5988d313" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"821ed44bd793a4af223aebf52413ba5e0e231b2029b3d71475ac028d8c10f86d2382eb9c62bab540be847e22344704d339b798248d0bf2990c0621316e3c98ec07f05bba8887783adaebe8fcecc48fed":"8d2c8cdb2ddd6934271941f071ea47dfab869a5671dff9d424b916c1ccabb02d":"":"":"":"a5fcf13e4a6b9829ac30171920478a7878aeda658803f2e314f9ef8cf42c9c1933cbd8dfe5053abd30df644ca062070662f4b7e7851d28ff801cc4b878523b4610891abb29c095a70665de1199182fa193439665cb19cbdb00aaf3fd0fefaa2278194e79ebf652713a28c36f2cdb83f96c8eb1e85c9969381b52bc3444e8ad5d82c94964544b3e6649ae3f532d25a2e370e9fc8c77753239f130091c43720ffcd2bbcdb70a75223cfd9346091e8c056227f66648941552efaa5a0a369291e9ee" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"977bad4c5d1d16a2439863af8bb6fdbc206ad0bf20c4036c044645962c36e2e853f0d702a54b70421a509c25de124f27e330eba581fc82efca522e43956187c9ee4f58f971e4b91ed51cc8aeea26fdc3":"51cb91cb7ff1b39e18aacc0baad20443522bf869f26d9d7182005b5cb1d018de":"":"":"":"df4acafbe4f28ee47acc5134ef665a50deb68de9b3c7e075b26d5731049f13ffd00cda05f612f20fd901ff127277f269c069607442ed9f7b41892711a72b83ac592048bfb28ab2c64c6b9f5eb4427450f4475b1c04dd4665998b638d06fe8f463e2f07ff46073003132b66a5d4d19a65bd08230d1db0234fbd09a98864f8ca824e7a0ca9f1d1662027a60c7e95382122674d88224fb192cfc129952ed6515912aded9c72a49a39a00f9f9a16abbd361b20a12b5f3c4de54012aeb1b42f6fa3bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"3116ef07685eafff1c77f185fa840bb5627fb9a5d79f72f8007cdcdfbfefc56bb1769991d78e9e48fca4c97b01d720d1d3ea6fa6ffbe2569da94b6bb36cd34d72c37d0218b3d02c391e0653e286b24b8":"f138ca3ec867cb7ed7d5fdb0868d7470de5f802fdb941dc400ad524d9032e23a":"":"":"":"59f01ec06c97a49cc5de469cc2b39c28db7612029e0e24e3c2b24f92c0af2383bfb9a0dccbeefdaec4bbd2607dc582ee7eaae6a4ffab251404e3c59c95e5460ccc8d8dea4db73e924ccd7528708e1b6a9d62d485c93764686f93df6fb8a9ae86bbda1e038697b5485e27e0bac9a18126bff1e7b104401306cc424e783f55ebe9940176d7123ef58c9460e5fb8311f745fdccd39ce552547adccdcd853bfba87aeb87dfe8ae72080fb7b3e5c4718e743c9f576d7752e3db1fdb29f160bde115f3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 0) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f5ba27c487a40dfe342fe18e7f9c72bebc1ea229c7634cce87defd7aa11448e3f584d1769f3e76a017430e6e9bae6bb6c79170925e1156275311d86d4a03cfe3dfbf85f80bbd70ea98af76220833a0be":"34fd124aad5a10b852b2fe8481cd0ec46dc2d02ed9583f6e282a4c908e319024":"":"":"":"977fa5b70f4ca3c04b6f495de3bfdb4b8aef93bd14c82653e30a00a4678c602aa889766ab7caa434d9c15bd68bd14e66cdc609289a691dbcb391611be66c2056f8e675de5db9b2e2f15e5a330d00a8886eb8b8eed4076306d443ca292d783fb056186aa86e1dc9f18a113e015e535dffea954319cd26e5572f4173766207ed7d9b8b2c42a741340c1850a07139c0b358cab942bec51b159e50f5aa9d8fbe7ca9d1d2127a98fbf0f8c3094bea4e3039f7f7ab083fc9d050e29e7d4cc2d3d44caf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"c4868db5c46fde0a10008838b5be62c349209fded42fab461b01e11723c8242a618faba54acba1e0afd4b27cbd731ed9d30016b5827dc2bfe4034c6654d69775fe98432b19e3da373213d939d391f54a":"135132cf2b8a57554bdc13c68e90dc434353e4f65a4d5ca07c3e0a13c62e7265":"a0bbd02f6aa71a06d1642ca2cc7cdc5e8857e431b176bcf1ecd20f041467bd2d":"93ee30a9e7a0e244aa91da62f2215c7233bdfc415740d2770780cbbad61b9ba2":"36d922cacca00ae89db8f0c1cae5a47d2de8e61ae09357ca431c28a07907fce1":"2aac4cebed080c68ef0dcff348506eca568180f7370c020deda1a4c9050ce94d4db90fd827165846d6dd6cb2031eec1634b0e7f3e0e89504e34d248e23a8fb31cd32ff39a486946b2940f54c968f96cfc508cd871c84e68458ca7dccabc6dcfb1e9fbef9a47caae14c5239c28686e0fc0942b0c847c9d8d987970c1c5f5f06eaa8385575dacb1e925c0ed85e13edbb9922083f9bbbb79405411ff5dfe70615685df1f1e49867d0b6ed69afe8ac5e76ffab6ff3d71b4dae998faf8c7d5bc6ae4d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"46c82cb81de474ae02cccfac1555d06e5dc44b6ef526e0e28356ffc8bc6c0fd0628d4d942834b94fc977609c8ec0a6392c0693130c6215d55e37da43d67def719051e99871db68128e245217d2aa3230":"5de51e3f49951bab36460724a63f046e75f6f610be7405f55016c93a59f1890a":"5dbb13f5b4eb275cb757513e6b8af6fefd7c9c9e0f5304fdd9b4c0968458f22b":"3ebceff3232e75c6beb79d97c78e93244a257f0772f82e234518c50e322630eb":"dc64e5a1fc7b32f0294db138dc131946e5602266f4cdf00037ffe513a44ff83c":"e3480544036a3684a88e23ff41a4bbd810f827021ca45e800aaaa36ed0b9bffcbbcc99a1ef1f1528b4bfe39514c7a390ba132d1681138c4b1b9f1a0fa1758837dde35d0f6c38683ba47a904937dc5ee3d3b75f909e5fb6311c6cda5e1121edc774e66092aa1dbde83e4680ff95c0bbc2946aa4d46770f247caa7b71bdefac9641ee99700fbd1e560f9f7fbd462ede64e009ced90c44c6ff03b890e16c79c7b8c959a27defa6f062168891977c637ec22ecfe20601d499443f1fb0ecc7d9505b7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"df8053def0260ae71f67e197ae8b547a228e9b67ba7909fc1cb3adca51058b15f6d5951f0b60c972d139b75dc44a3680127a84799fd7672e429f20876c175d135e5f894edc7a4da334eb8b73a334be61":"26890036a9b17d8e805c38568630e1c196091faad546ba8eb976f3aa031a8905":"40ea6bebb0cb94b7e527787e17ef9f7d3efb889fc1e47e49893ac5c4bba988c2":"090271c307b43b951c20ad3f081d2838df0936a4bbdc5eb6f2e16b1db482b1ac":"c203cc1a3af668e45653bab6b1aa39ba0669491a06d00cd39c97b777a8bfd4d7":"0d68d903c85c0172419dc9f782c5d67a0b3367d13cb2f734fed95c7fc082291edbf4fa83354c6588227e40bbff082be2dd276c264823a8f31ba18b00955d7a1fd612a2f37d824bc82cdec972d3f8384dfc78b51dca61e815766c877ef3d2113704c805a250aee7b55b849af048feb3536fe73ec4f0bee97006881d5eed8ea38ba1b8d16a3bcd91fda749b77d688997bff09f104a2d8cd8e133ea4aa764b237787358dadae1c25092cfe09f79efeb8eb6e20c39cafdceed90e602f221fe6b1d69" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b1a1b468e1d59716a23fb028e295588f17be6a79e589027237681fe9ce354860b1cc33918a64c8be171e595ee6a3b1ef46c2ef21df2815528482ab4c7a32449b97ac75a51dfa1c7e67a763f17e97bcd6":"77e5a3eb6ab38419f84b57997627c6bea79703c95bc1cd24ea73eba2edbed540":"52aa0be951816d21a2ede89f53913f6d5d70cc580a1cda8a49f8e49a6befa909":"5bd8e4ac61bdfe752b5a66cf2e048e812a8aeae8e20c3c8c43f31180e4b18303":"af5eab21e4dd9443b1b16f40413faebdb0e086991dd3c53c8a51bc434348311b":"d477404bcaf0ed53788354705f0fa9f46c4e2bef2cd94932b614b3c34e0b0c7c28d7483075c9745bfbd4e31e587fb1db77d557fcdfd3fea47da3f01e42635ed3fd87cf6c98a2f20aa833a1bb74a15b158e47841cebe53e4d5d8c85cae78ade156e025a7737aa9197b122e73a29ce0a881c7adc8ec228f4c14e56c722acb0165b1595f010266151801812c031efcee4a7739876777816af8baf4d29496912a012f1f33c07107b2db5ebd681722dfd76f3a58e9d7426e7fa75e326eaa416c5d820" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"098b8c107fbf943bcdd2199dfd15f130a20d518e95dc81988748e1f0ecc5c45f74622ca2940807df86fb05f0aab4727525f19d1d3bda1f70825f3e1fcb18d29e8e410616c105fda9324f4617af39f021":"220bbf23394c3cef156f683d05739b76f37538a0d360600bd52f0076425b5f5f":"af88f076ab39db1dd0e7002bae187965cd144382a3d1ca7b1ecd65d346f7c090":"bab9d09dce5073d11fcdf9539501dc998b6fffa8a0716edcf583a7d7385ff41c":"caf8d4e10513e5ceacad6f9f145a6f79e5c245aed4965ae85e2e7c5914f97510":"f556494b3849d78b06ae75571f0b9c8c108885fcb041dbd7892bf639d8ff6c82e19e8ce2d5aeb58e8b964ce4f75976a0a9c7f3ec8373b83150b88d6c58ff9b810124d4ac62d955aa64d194afef2f77de6994642ec86cee40aa7a5591e99a63edbd8bbdb22fc3c2506beee6d507fe34fdb4d4f525dcbe30b5747ff920a13f9e230899ffffbc5615e994ee96a1bfd8890cf607379be1a39d173662d0967c9dfea33b14d78cc8818c2a1956197f85e92bc11133ac4f7657f2db20eceecae8ca636a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"f54e9df92752d30eec01c3756d569bdb39abcdedab80b0aacac76ab406723f480bb359a5fc6c7aeebb6719ab44114a75afd340af202be3ca30e4de794b826237105202dcff5d1291cdaf266673275825":"b69f77d5a08850a13f8e6d06847c4bec181ac0f6b720be3c06c0b67d44843c6e":"40f14c3340e7092b898758ea3c36750943acac7fbb6a83f0df3392f7936749cb":"5bcfb0786c447675032d2a32b304f25737de59cd07c84d3875c45475b15797d4":"656ab204e2c1834f346d89c37a30164db414827d83ca732c71ec71efa8182c28":"6eb8f276a8ff516f789d94d997f33c2e40b227776fae0681c83fde659462b72d37cd48c95899530ca072bf2470986ef29dfb193be7ee9ab3f8cde2317c9bf02a5f901ccb62bb665bc3a109eab7e3910888a522c765eb49b11d1ad0fbcc45abe3841e9bb4fc0e73188497cffba54f3ff82260767d0f70ea1668f45192e6719102e75aa5cc43084c50bdbd1ba491bb61ee9e5175092c1f50d56bfb68977a567e41c1e05d2d1523c198ded737079131fb12dcf847219d71fbedb5659411d7aff2bc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2cc330b34c976c859936c21e2ad88bb60ff153e41131567f58ad34bff5c9cb418939fed56356af7fe215986a5d0ed8e9a078dcb1d3fcee6b99714eea3bfcefb37a344a69d414965539ddce9df239be2f":"bf531083f35066ebfaeabd67b82d392ef6b121e7d9603a5407c5bc74cd596023":"51f223dc461ac2df1c4877f65ca876d635d50939fa9dd586c176d8ab73c6d605":"ff9d6807d71ded1305d9e2cdc811dac2d73746b001b53ec8a5509c4ce0a07efa":"f5222c8966659974dd8a7244d2cee588b6c9a2700f338683fff9ccc45b6d3807":"981abda0e405c976435ec7f938570d911e5bbb32add52a8b94e528486e9dafae139eb15cc2b56fedfb9e4b2d10dbcaa5e6ab985be16c62b9b75a037684986843a7a0e3baabc34859253df2a053dcb0352a0554fd2d4530de0251b1b852d1d3b6e08548e215902ec8dc46ee89f3fc262c7a35aef8216b3def65bd56f0482a18a329f96863afd951307740fd8653d333f932940e2a87523afbc162c5c1d2bbe16f33a4b0ee0ec75bcfa6aee6d8348265938738be638f78506ab731d3e9ab345551" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"b4e5aad9bf4fb03ded64e4bf40ecc6fe2214049bd5889a5aeea0bf47be8670d329e6ed04538dd6d207767c367406d482ba7ad29231fd944f00b8d9b762935b93819ec62e0ccfd48f619ac40c9c208304":"67826d2bf9651404d5df4db84ea64dcab10697ecb90c68041f421452109af3c3":"67d6983465facf33369eebe0be12dc65fe736969e8f41478e44ec25d461e4435":"65f97c99140c8c9ba2ce37710b06f822cc0eaa03589157a3b575bc9c423afc3f":"19c37886d613d24b0592ea0b3a465ec8f8a9229abde3fb5e0122032e1ac8dfc5":"05777487bc152260a852e1b31a091f8e929ed22d8a652a77e4391abce7efcf0570df3d466d56dc51ef14bbc55309c6831655ba97c6050e563083fd1f2fe65b43d0cf8762ef6598d967b473b68c4143287f70d096a6ea120e3c07f2a95b80b393ffeafac2d0309d349bff017a49b9ea547a5776b5c38b9e981ed0a4825853cafcdf0f17269b9df6189fabc30388a383e3c28949625ef3d59a2c371ef416ace8658adc0e0b0104f1acd4b349b91b660d64412168d3c9e29680a5e324e4d0ab9258" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"27ae2120824f3d416bbea1f987440c507a4f01fed08a1be27e6ec16390c92c4f8dab04203543caa3981373fb991d855340c29baf439f23bfb599a5eeb95ec2059af24dd86c0825957ea8392ce3d980f1":"cd646b0d1971f249f4c4d1eaa17e60c311d813057e0b71819a503aa41e5c6b21":"90ee2d0bf06cb94190e6505a75d12dd77c266497dc99c5f89bde60be6789099e":"7d82b50cdfaab9b5d23fb6618b59dd28cf1a83c77ff2993d9f1edb87ed7bc388":"f7f728d8ef6af8c5e77cef1e837030a6aa5c12bc81423b0ecb07a2db95a32a28":"4b25aaf436eb600a103d3fae8e301d2755132b3de3c8b4c442129a88ebb3ab20c4d3a54078ecc4197994ff04bf0e460919978d47e45c7d10d76a1e63ae34624e2f64125ae1bef304efb1af688f20d8e212f6df4e11243a49177e4b6456010d784d0e4a94e75371a75c4050b27e48359549f8268dd2a2290ebde22282d96b2f38e3f06103dafae5f54f0019bfb013df39a76482ec7f878d26ef0e34c9c21e67fbcc3412aa0739e875da0e9ea1340592144eb232385fc7e605ecd10fee45524718" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"dbd5f508e8226acb957bbc4914ab13810b9b5b2b51a1b55cd4ac60f6b6d4c370963448fd323968c27d97e005b1a079c9e3ba151887006c56593eca7809b23cb768f5b3701b456bdc85fb5672a81db2d9":"0cda5d501072cf482d3c56c49a3c929b423f6e15a3e835888b3a9873647ffddc":"d3f38ca5c0bbcef46976c6a5965a8493f714aa2c8a2c817576cbc0bd6652beb0":"20014421f9af259892f017dd5392cc973f103d4736f3866e66329e5e7704e0f8":"686aba6c9c6c221b2b4a7de766963e4d9880676e7e6ac8e644dd273fcee519bc":"b720c7c56e10c9e436036fa8e1f1d1c0c0b7246c28bd36e5f3e88f988684b95a01127bc64cbcf12b9689f718baa52042b0837fea791391ee2ae42e54acc571239e5b654486a025ac25f46f10280ecdc65ed098e65e07dc3870b17af8bfd58edba026dc12b4ff04830ef132d07dcd7c62f67172caf2620a204869a81e39809db7befa25c5ed8a74b6d306c21cfd3778180d444bd99314a430ff4ef6b7061832df9b82603d6a0f646b398e7dcd8bb33a7926bdfa085a450d3de68c1e8cb2ee4524" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7093224d6bcf0915eb75360ab4bb789c15834a371baa24deeceb33f86e8bfb46f4e34325ddcbee671f9e45f7887c1481238993ec4a309e10d3f8e3952c840d564644062534f985a6b4e38688d2c800a3":"e7cf1f32ba369cf5545ee672cd6746ea9a336de7039ecbb25419259eabdfa44c":"bb186a460387baae27c11aa8c65d6ee003577eac47b259254a933f82ac683250":"d823535ed974b7ff9f19dc38b9494aa99f88143e3383b5a183ec00c925bdfedf":"56548af797f4a07ec42273f895822d877a311bf1f8dd5c96fd8449732a13a921":"159c6923fb71f9670db4eef12dadd143ee701bec9b0f76b56e9b1b8c473eecc3e38cf06c8f3b0c3d49580e49caeac0fd48da5f53d0d3e9c829c253fac4e4f09730177a63e0e759f043169e91459c9cf959d2230c7b94be168cf4fa02588d78aefbc855d55e444d671a69d274c66ad1851c56c0d880416bcbad08523cefa2fb384dd0f9f188e8a601ce0a92d42faaed0a299d6a9c86958854712427b35e73a0817193b50f3557e66d64ad80fa9ff87427b7de5b7e6312d1d9988ba77be90d4cca" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"ea96f8787458e505f5858e31bb85b6e335206f6d6d04bd9d333029193bd2a04e5f85ad152675ecc090119aff7720739bdbe34551ebbef10e822cd29e9ade1488c21fd9e798369d585d6f58168d509d94":"ba45df1a14e23361201a467d2cfb7a3dce3128069a8a59a9a388b8e31c48efb4":"d551272e5a60aa1232fcb4765e853de2ccec08941acc75188eca37120fa49aac":"c1b34347691ae9f1bf6be396e8b49aaedb38307526627399fc10c48748c3a7bc":"722c0efa445262f5800abf75e43d9daa44e3dcee7a7528f7313ee52fca9f1803":"e2f873758c4e71704d8545dd1eab51206ac11dfdb00dfd1ec9e53bdc7f6b57f5209727049d4d781059b0bc4b6091c9bdee947127b8c8f03f1ee5f3665720a4f6c6777682ef1937719052254aeb97e3a17b6b552bcbc9154551a7ed41d837a27b6c37b426508409b75236cc156dad89d896f25c54467fd45f9698a11c7ce01bfb1fe171e4d33faf73a30c8992c51a838e9c0537354371bf79146a79a6d42d4e987b9773377fbf384979690b2c04c332f22567fb0921c3e33088d3b011921fca6a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"92ac19b133398b7d8ddfba3c6046421b3618923241097b8f68b6c7430b6d232ae9ad8f864f358afa7cac72bbc4fd90f16ebc9c15913c11094bf7aaa510e6241face016a99ca08de6525a570bd1741dc7":"0517ea7410bde64edcc70df48f3c87f578b38b8c7087def16031e52760037df0":"439c97f62d6b7aadac64057c0003a41a44ee549f60afa92797ee7c9aebfc8164":"669d42f9901e029bce7584bbd22a13a74e6f6ba50441a2633773bf5ac745122a":"8bf3c1a08b2d8459df96d6abfa90725f1a735809da78bf99f7fded0230771804":"3b832a7f1df591bba571bf7662914b0e5a3b34d38228e377e4e7dcb4b9cb396ac268d71fbfd2e1a5cff4429feba36f55c7e45cdac49a5fc8a787292011c61f4f102bb9a5d9c8fe1cf047956f21c74987d80968d2e4cfa29bd92a35cb96dd372d9baaed8d31ba3462b42084dc1841a4042311abfe4b3358f56c9e0c69e233638d3be56d0d269cf110d5200759eceb63fdf3b0ad25937857d129b68f038fc73a842046cc7c45292d6ec3766aafbc22f1491774624751f2c50fee830e24a34a27b5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"7a346bd6d853803d07844ca348f3c4837fce3e3a727f712223da248cd82db6ed4a9710cd8b9f2e7b593cca42da7b1a1285a78d0c764b24c3e4b21d25919c5400b4adaf0684c787326c19010728bc6f94":"3e8de39ab206ed166b203c97103059e6a9317d47f7a76bf4511829cc2e27a4cc":"327976aef239b20833d36b7f352e8e6570f8f325b568975a661b54b8ada49128":"9419cdf1c59abc03013d7d443c734aff57a6d97c870a03762c50b459d38f5e09":"f2c9c49c76bd683d42dd9de9d45a97b78710f39f2ee482e877e3b0844647f9e1":"24a83991f9455a0410213cc138696cf4eece7b2caca0a627c6ce023b7f912c115768ab8aad0fb10e35591d370e0372fe020823365b5bbe713417bc2f050cbf86fd626caf91323271eeebd5f2aae36fd0aced63779565604ef2653a0770fe4e42649eceb6089bb7662ca3d744fe178f5ac5bc20ce7a90325497f55ffd9b25c59a6b82f07553c080f0c45fed23ce47d972605a2f603b72d09d608548a04031dd2bbae9ff898201e4460479548d70b176e917ff3e3683e49f3330cfa77a25cc48fe" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-384, 256, 256) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_nopr:MBEDTLS_MD_SHA384:"2d8fb8796d8a1764f8c824c55b880c53d2205559afbdf1cecda3dc2d05bf001e6252076dac013c7094ae72ca80cafce2cab30a160ce49dbd646710bc429c163231d73fe0e121f8cef8c02f70598fa853":"feea8ae0b299d5f79315383d938bcf9b536d11e036b28056bcbbc7fcede21cfc":"1a0fc47fa95cdafd2036eb5314e0f56266e58abb0f03b5e679638945b1fbcd58":"30707f376333df203eafba7fc52b40d8f1d97521a71d579c8b8457ac1328cacc":"f179c19e45c4a4f3cad8b545d116ca29e45f322580b7fc9715313be53f047658":"eaf7523b910b653a305f9122363d96e17fd22ccb9b6158cc42aceea40c34eac73e496827dd5fe4312f102ba6aa7aee934d1f41609bf3e14c29aa3aca210e3cabe70744a09f4c180f3d1ddf8be0b530403c5238761226f2c2c7ae29b24439afd65d6d5a0aa8daa11abce36df02ce61d352ab08965122e16708731d72a9fb5de071c20c6cb039273498ff1588c901d997151edbbd41870031ee337b38233edfd78aab389fae2bd280e4bc85d1bd6655269c3359753b17fdac502c3a2e871149fbf" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-512, 0, 0) #0 diff --git a/tests/suites/test_suite_hmac_drbg.pr.data b/tests/suites/test_suite_hmac_drbg.pr.data index c5a62c9a55..8bd5e4f4a6 100644 --- a/tests/suites/test_suite_hmac_drbg.pr.data +++ b/tests/suites/test_suite_hmac_drbg.pr.data @@ -719,243 +719,243 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_pr:MBEDTLS_MD_SHA256:"ef9292f4a7a67ac4d4eba48936391bb45f8810c2ab02ba424cc8e4add53d1c514611e3233cd8cc8f6d69494dc336cbe1cbc67c17520af442933a235c6aa6b8f98128c66fcdd77843ae32e06b7a31689c9a6a3c540a19081bcbe850278d50adfac3638ec8cf85148a0547d28d0a7025db":"f4a8721a2a873f8fe94e4b3e137e866c79212f9c14f89be156c47a5fbb9aaecb":"b38a6628647a02c0de5b7acb939d0d1896c9c730106c8667d810bd4866ebaee4":"366370899b2a0d6f049e7d820061599a675cba5d3bc82ad747fa731bead8efb3":"1947d468ae4fa4da7f45cfaf32d62a4369796e532f1b03b1495587e6bb95d8330f5b7c962a9b0a2b715d9def79194741870e5c47d15a7308843e10616b891fc9e5cab7db901e0f1efbe1217dd627c71b54c98cec0fe1b25a84caa56f0bde247a9d9183587742a38825234b6b6cc808afde36ef5e17bcdb2c72c7645949289369" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"51ec4987ddacbcf6348e4a891fa571c6e3aec02879eb0181a121a4846344a687cdff9798761875320256e5a59bc94663faab8864cc0bb1e64343c0b978fcc0d6e84d0d17c1c1f4093fac3b4c01837c6b37d189d7608f0c335eb38fe1f43573e0c525093f60ef618bab297b8a4d9d8c16":"":"":"":"ade04730059471b1829bec8dfbb0ec708be7b4e77d688ce7cfba9ddde059a52f969407291440aa79492f827fe1a2f6568989fd36b4fd84e6699152536bff15388af319fb306f07de4309eb92ba3da5f7007948335993698d398bac42029912bec6ba39226c2bf238733b5081aa0a2ca392a719385184be619d9ca56771d8e3716a46cfb339f93ff48abe406ef788db2ada45ab5fcb7f689bd801a5ccad855b52cd4bf1d6e338f2c3eac94ce9fdd0dd06632d01ded3753e87957e8569a67eccad" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"f8dfa70524d46f3545db3c687fe85a8ea35e32eda470b4e14b8b12f4e9c6bbf6c08efa9ae1df90ae6f14b895c342ae07b5e8d563199a141c34e709c6e743260b573f88186f40f800c4c0ec9f9fbeba49f103bfa2d62d7ed8fc9ff88cb1ddc5d4ca4d074e0053c069393d70a5b3f1df3e":"":"":"":"05f4e609b085d28958f5702eb7b99f2e0c7a80f095907abd5b7329628aa6dce2e2f8bdb7a2992261ea414e6434dc98162d02c51936542218a31c6072ed55c9ed83c79698de7ffd3835d5e4d0f3a0c2a70bef2b6c602d1e0cc814c71b2fb1a001fb83a0e2befdec7e4749629693629ea2397b299cdf491415dda446817dd7d28da431f95162de83d917f9e9325774e2f7ef02fe8067cf4bac47e2f61ba235b532af3aa95a6517e9f1286e065ccf9b3eefa6cab4c940c83ee9a11da55ee21c8d06" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"7ab7da47ff7a95ebf2367de0a25c7885d80931447d2f5cc73ae7f66844910e481e05f53ca993b0266b7cde89960d681a3d3c568d9a6e35347cf52d2e0ff7ad1142983fd7d2c848674315ed3e009adb7154fde1f2d90019cac210dbfc06279d48fc7c2e900652b5cb638c1260acd896ea":"":"":"":"f00714df243103f54b4c0c516a7a631431dbefdecc30c09e8e834f09882100c1d0276273568cc6352c3028c156371389078236afe57d00edaa226262f1a7f6e0011ba48d4b8f089cd257b6b7cfe80ca2bbeee99635c277254546d4adbf046935791be21c48a7882ef6cb81f7bccdfcf9bc430d21cef1d788d4f4df6bd6ef5bcbf48e35f116d482d880f597bcbcfbbf68bc77f591bd7346d7a1085fbc1c2707c17bb288ce6bfb0a78a54731421762f18142975b8b3b79dec0d852dca80f1638b3" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"40e83cb1fbbefb44426350916b0995fb6a1c5394f2fd625774459548cfab27f2f92e2e889d3deeb33dfd6c40f610b71b70387af8d70768c52b36bb2a59f3ad9a16be98c726c2d65af457b2f7d81c75fae82523c977cbdf6138b1cbe5a9b3ad402ba197a3009dba459d3f534ea143e5dc":"":"":"":"52cfd4a4741b6575578a1b7aab91a366341cfd483799ca08b851bb0dc2f2bf640e90c1406fd09fbf9166bd55d46aaaef38e0449b7187d019e68a3b98a7dd9cdac63ae9c966db4d901d37cc147835d017915902621216bc1835d70dc2101ae50e0541f796bd6bca2e53260ba3353e6aa4eee56f80aa329173e347d83d050ddeb465d8e1aa5450e6e7eb515a92fbcdfd8530f04fae3d1a41b13151a4827f0634d6e80424c1e934ce0e2077f5f31fd177e9a42acfcaa67d4043fd31a8ec72a39e6b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"39927d4fd0c3eba2044002e65b60d3994c3aad0c705bce2e9e41aca30a7c2f03e7b4968d8e729e868f5fd57b49a4b862b0bd169a4e2d77bd59745e778ca6fd762901ae3c0fcc48a0d6ee22bc8520ec450630055b3b66bdd2dde9f5215d241fa266d24342b50d42e2db5436a478c7ebaf":"":"":"":"96194dd1b6ac5efb3d4787bd1fb4c9cc32c29b67ee34369a7aad9a56f64f53526e9207c1d4c541c6e0df4960c54e10168284891841fe554adaa5012f325b3aea79fa4db8c36e67a0f914d9ab361d8ba0b3d6ca4904103f14a30a90dd6fd7c3f679c272dee7f01110f7229f4f5b6ed152a0149dc5a7185bf637d10899bca417cba8f919a2800d8a72d5575f0c174f98f77a1afad850334204e66156eff4572a6703aab50b850a8df498d1d96b1e2bc1ac34aa4399f3b13e97b4989539ca78e97a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"ad10dbbedf980a0c33576f7606e14785b2a903788b9b7cb4c29cf74a8bbec877999ca28c36c835b60680bab9005d8e4f341b97213fdb6a52e783d19850906cb643bcf48c291cd186ebcbf0a287e459d1795e29ffb0c7c84b0f6dfbe219b4f85d9fb893c0cf9134263a9e6a36c76d02a9":"":"":"":"5db269714c4ab774c2eb14eb95e9b60c6ccaa6e90f9f879e295cc007069dd231894cd8fe0c09bf748e26940160cd0cad75dd2e305ed1f2527ba857c42c3d0662d25cbbcfe342910498ced309cda1894a1186ab935fb614646d299ca56f86defdd0a0f52baee1b9b9be05df85a05c225475a7ce1cc58ebc488a4f57fd1f983881754dcfe3bd78cac529e9945c89383e331f0177e721644b3a8d82deef548d161e085cff59645a345cf7af3f3582bed5b81c7de7a6a216403bb88804f7d16ceec9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"e9506dd05bac4750f5d5b43e0663ecba6444455ab6f662802897a493ca11ff05f76045b621004f4a88fc6b1ba859ae795e4846f17c3b1c127a8ef16d32381e27eeca77ec062a8a8f811f5dd7f90737147f5fca2b7cc89009b0350292b88d1de5de94e1e82bd5f7bf2e06882a925977ce":"":"":"":"abc3d68bb9b0d29655ee2057a60e59fb84afbaf9c75ac5d146a9856384022e4873a6abb963d8795ded5ce33f8df9275f8ae4c3da0037973487348645415ed51458529bd7c4996128c943ddfa21484521fc645723802318ffd5191e957ec453a8e922d48b1e83681c1463a03c34175a5d610f8f3709b3044f45084f901704547e301f9807a7d92036e08a3eef791f67659816fcb28922b9b52e2a4a2e81cb848f9ae579cba346b0507e91f26b70d199acb6da5d3544b8caea762f6f30178636d8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"f1f00ebb7cb4bbb3b0a083a290d4d3cc4db53aa9eb3f2feb1d428cf6d8104bdc56b2a30e75782693d7565c5d1ad6edd6cc22967eeb5f159989c2ed7fdb62103c055456f5e1a3163bfa034c502ccbd9aa75385d4777d03a82606a890c89a207494d082becc22efad8fe69c367fa9e3350":"":"":"":"6b75aa14c129d011191b9016b089af15b806a494e8e763a7fe902479155704e1a92eab48ce29fd0f1e9d5a2014757c3cda6e021defdb91c796cbad709658edad6c8f7ab6aebe978d507459198e0719eec49b1926a7c4e33e34e8e366966e0e4e7f3ce0aed6e51d7804d803aab57257ff1250ae8b76bfc48a505d4600bccdd992d564b39c3519db0c7dd26f5dbabdf3c098735688aad1af8525e8a6a343835bed094708b78faa300c08600e638e6f24f4b2b78df0d747ffbb9521cc6786b9c89d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"1f3bade86f64dc0770dafd6a4900f61baf003c6dccec496856b7b08cb99db8f371f1c9606602ad397e0c757f56ec6176c04e832302fd6fbac3519af6d2cb9da5a85ee70efc19c7350145e904a7fa9d3199e1f6213999ee3bbdbcd1200b4dd4e7a8f112f3a37865e494bf8549349e9e78":"":"":"":"1a420c51052534d5d77347ed5751e44817824ed75467791c9717875dadcbceff2ffe024952958d4718b2b4028af83ecf363d57349a36476c0203fcdf4952794aa66b3692e7b0810ce060601817ad0794574b1ce12d6a7b6ec1d0b1e0acb2a6c453be81bf2d17e1fca7dc1c9ac5fe4a64069285a8cb9408051ba5ae4dc0c8897b4a216109b22ec56aace995a453f28dd7d2c38c7d44739b9f09ca0e52d62f204e7f4a09c3e231c8cdaf54f941e8d5565b25155be21cb316417a4c005f7e834d0e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"1b288c94a8aa7499850d7bf82177024f20e8ccd502b7b0f529c47185aad4eb82ca1efc0104f93cc35885e9894671b9d74fa8237f5d740fec09e90b88bc75124e564f1f198081d51c950dbef6a6ebb2b5e1aec008d8a5a4c692f6467c740f5026807bafc0710dc8e9197aee4372b429cf":"":"":"":"3daf72d94056e6c7138787004f40a4a0c81a244c8aa14c332675e977330b63315916d8fe6ba8f0aea5a22def342d4136d1d6c787b3a6c6c05a44ee1cf9b2d8911974974cbf7a14ed5b83fceb8dd8d3ed59194d3fb6cce579a97244091731a4c1ca1d6e4c9d2623a41de665ee3c8236e0da8710208cee948f248329781f40f6f4b4010508c219755b6df752b9523ed0c9644b17250bbc88b4338c688e97e952a924da894fc986f7e807fca4477be94dec993cd6910709d8032fd3a5b97612cd65" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"1e1837b46486b6e65713327240bfac6c618e817787c277b995c92dbe03b9b01de8e100b303ce5bf5048dccfce4d240878ffd5ddcb6754292291d1a79ee1e62b6da6b23d7a83d0fe9e84757dcfa51d05709d54142b42dc876506876b136b6df34b485c0c129581972bcbc674b893ad61b":"":"":"":"23c258b93d4e9943783e88b244a52cde6747d8d7ff28b77e2ddfaa2edcbb29eaf41dc75cdc2c5b581b3a59fe20e705223bdd90e786f6c6498330ec9bd7ca7303e53c0b21abef1497210f8222850ca7f01e0af4fefd36d82e711fb17f581b951e949876a5ef0a212fb73af4d32f6bf9fe8c9e60849fd2311f3b5cb8a4abe856b3dd629fbac41e6dfb502d1894088fc52832cefff807555457c03ba7b7daaf02830d9ff8c9e8ed09ddbb68d6530af0cc5ae9383acd34c89ec189f5a97abbf3ed5d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"67b2a6e09bf31ecee8fe9c719491baf3c6efc0e27519155f99c94667d727420265254ee6d34c6b9c03414452d68929812f1d23aca44adfaf6b02f519dfc3f034bc32c1b763a129a97c7258e5e77ba69d6eb459be2cc96fd6150b6040babcc406143bdc2c1862c7bf6607b4be95f3151f":"":"":"":"d0f71e56e975e443bd7364eaffa9dbfb60a82bd0ea6405de0b1301911449ae6ac0dc8792acd2b0ca3e68c2abb982362eb2a7a8f95d2960579f9932070c9cd7abd57a36759b2c6f12e20dbda8a16a17c29b70f5bb8db0efa9451d9a349b9917b7bc39af6c6be8217e0a6fb52e6a4c46dfe41e6a9cfba84335d0254cad07557fd7aa3fea185c8c88a921ea665e410067395791785ebdf1793038ceef6c590e64af00ac4ce69ac3d0b497feb93b4fee7d55cf0fa40dd49ea748b33f038b5097578c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"379d0a38c8897a6524d6a59df4f09ba975c146be7a398c3cbde8c222fcf998102e98223b81dfca7fb5bc92b164afbaf50f58b8df04889dbd69acd59f7d5ac08f81984910ee20a4d58c51512a3ed893d7b736da894a0b52f75c5208d14f858dfd42290f4181b7aa249097b93fb2bceab8":"":"":"":"166f643609dcb8951161ca15b3660759b69da616b45761b8cfec01a8a7f51a0bb1cf256c9fabe69b29552f8e861cbb3160b905d24845d368a17ebf911a839384c3b3aa6c8dedf1fde12384ec9535ab9d008728978ca58ad88780cdc3d272d1dcf2059b9bdc0d2311812fb1b559e31f8e5a89efcb2b33c705555ee0efb23d2c4d312fe02b998eb78af85e3839963afd98c1c644ed4493c3f1af0cb210e660748cadcfc9ef85fa3b5fafe345756ca34e7b7f88d3aff8783e92da00dbead5d51f89" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"96041c211e97d480d149e75c876886a78fee171e0f395a952a0e873af4dc22b46cdb68a60dd1d5753027e544643c5764cd65e202eb821804300ea618e8ff9785f3bf2fbf1b1048cd4450399e2f642af38bce41df8fde3208055e34d356b1aa1b0180673e8507af2035f75e9fe629f979":"":"":"":"51475ffba32991781b17e38ea58b08bde40f03b64824187b9506153f41c233f34dbdc52b63cfc71b120b4fe6c2866d11e9aaf44f82deddaf998caa56a4dd58a6ea2e8f5e3c4ec7fef73e5620cb6a77313a4bc0b135c57d18085010a4a026059c2abd4b6d2048393c5400341928f5ee6c5a063d679e185eb9be2834a1009d03d298b9abb09f993a8ede54bdc4d9a95c2af5552aed9fb02cf598a18b5cfe6c811d1ca4ed764d0756fdfcb5d03aac1ed80fc86595539c105da6b66a00a91caf44fd" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 0) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"423cf6fb44605cf03e3063bceb92c156e38c5badfaac35593139df46d325242c84908baef2f824bf3ea66e74bb4127a0c5650c33f68b5d33502b1f55e06fe2c1169fb34688a09291d1e12e5390a73da125be4cf15692e3e6ad0ab6ffb22cf3f77b00333517ecb2239c9b81e59a72d087":"":"":"":"41f335cf727ffec9ebfe7cb348d11cdb4e5e49a9a047d8342a6656e5d235219a5d80715166698cc1f16e34f743811b820e6ea55c2bdd0db1b97ea2269fbf60c739feed818282f447bfe2bd0b9a7c479144f0016703aff450abbd87a50e5e5af0d2d9469175542737bd116de2a73acbb74d9f0077a227704f271fe0696f071914dcb9c0f0191fee35eb66248eb17991b538649457d5d5f9d4bb9cd81c33a14d2becce003c143c9cfe39ccac51048ef169f6a22143eca721d04f6e147749a44a75" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"0b2307c32f34d3f3c3d6887fb17ff68b01f158ef07438a41cde27d2d6725277f33f60888aa32b9b7406f78f47bd877a1795496f759d693f3f8bbd65cb5b2562c4a8d4a717b6bb8eeabc4d8f56118a97d3787d3065f1e20e6d71a1dee563fdb2d56561128fa83d8602fe0da3e89b019e1":"":"16815bf5482abc969179152f79aa34a04c28d483e6ac81aae14f7e0e051a5662":"938c363df2740ba9ccd39168f9bbcd7d421566955f141e13ed039c4d86195392":"959517e0b27d461d678ba2dd528bfb7e844f7bf14a15fb176efabb3a5200ff2b373c7c0683f095798951dc7ffd62b172ed814954c44087fc7a6695a5a275bc8aecd3a2ca8ed631a9ebf5e1d1c515542c67f31e16fd3ebc7e2333c7dffcf385f0d6ebe16b9ed42994be9f83d0cc1e2b3b5773cd2963639ac74ce64a311ac0726014bcd213818cecf5d562cd1c5e97be4028f64400cff31fcd587a004cf60f03c6f3222e4dabae5c4bdef8819670f77f9227eaf55eba5238f90c4bea4f03588b66" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"062f2aa7b48c983c1c6d00d06aa523a67d4e86e5bd266451bb286dcc5888f0f4940c3b022cc76d68e1706d62fea84d052a019b921335f69ed5dcd902632116759b68e09b531de276c9238faf3a9802806750454a5260bd808b796cb12116354b9a7ab9ce33f8dbd40ae7e74a07cfca02":"":"4a217bf136c3894ff7a3ca07eafafa286fafc8a827328b105b3a8aff28e49d14":"e433460e9414b21fc3d5e2705c08a21a36acde4458e24b78dcc51199b97c7a9a":"5c980247a1fa16ea086d54084281c5fd114777ed21478beee9edb175be7c4066b197065da5f4c15750783039eb4b5e2cd4ccdc2a45c49ce535f03a36657f218fc616b3e8ef0c84b78b0cd1c57477242bbddbbde098be573e20d6ddc76649d706e7f6c7ca3f44c845c2c9c9d316ac8b7389f7264c6f8cd6c56ca5503e5b37f52d19e8d47cc85a04a0196b9387433bca3c18dc30b47030fd297705101826840991eaf5b856a5ab75d2bbb70cb13e0dd1876802fc2bd776a518b9dcb9484c499644" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"0fc79576bdba77a815108bc9cd2d168ee30f9ab76db70600ac95fc40c1f6b724068c12b99cb4928247e64b2ea8e75c728ccb3de18adfebe24ef99e14ad54bc1b3a486891b00b1c55172d16adb00ae58c9d8ae0fa9809245a56c9118048199767d35c026e6664773562af011c2ca7025d":"":"b0c200b6f8548643529fd414c693054d4fe04d8f76c3fb8ccc6992ffc25e6b19":"b91bf188cbaf4b01350d726585c6f3601a26b3654db2e2690a14f1989f83ad85":"7c64e503eea5b3df44dc0eb986188c312a0f5fe1f113239984608a69ccadce8a7c7f3136169e075b0c61812b1e74dfe6ab2e7d6f247f73859da5a1068c92ef8e6aedd94c3904b973ab887ca3c38de70b8b312e32a702710829ddf962f0e08779ed9770975536557e3f912ef0d5c4969202af50252117eca8182c30389c9b84fda95118f8c748f0b1752c1e58b8e0af530376aa34cd874cf49628bebbd7353ab4a5f64bbc8e3537762fd5556c680290b2c523153432a2e0df1658f2a5507a30a6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"ffde7e2726e89cce816ab3e22572fe31434f3181d0578d51161cc77305e2562b755008c7e4ccc8ec62806bdfbcd8508ae418fcb0b57a4d1007469ee3d959a07e949094b0a3e5af69aea3a90a222630978af9139027a656151225a2183b92e980fff9ba9876824bafcf18d63c916fe7ae":"":"bda1741b0b39d9248dd062870334e33cecde5c5f63a07a3030f98b021c6849fa":"1b5336fcbb0ed183e0f80cd31ede4f324997ffb842a83957f41d291612c55e8a":"61d542e4794e9bd4acefef4b325d954c8ec6a29138476ab1bb037507cf52c17edbd511579be5c232a67269ef42364cfb4e2aaefb31d9e8e260a04e51d95c2ed6c5e0f095efd92fbd36edcae4393659af6bb98b0b71b281e91e1df37c353987a6a9e259f2735fd16b8c1277df651b26ac3d9f292c9252be7fe09ab7851f515325a078cd69a7573a4810ab460c4c9e7604e54242ab956fe471e90f86613ece7372f1aa934a50dbd0457033843b887c279f14ad6b4960f401b7fb777253ca5e295f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"7946fe7ada4b545090d7647c99f71594fa094593115c23888146b27a7ccbfd77ce305c1ae4fddbb75a65dba4f0ea18897bb7e9aff3138ba030005a7d1c5802838ebb20848f8e81e7e8018cd0d0dd921243c094aa710f6b0b2ea004bd684799e3caed8c3c8944d5da995b88fa071d7526":"":"b29a506c7bc8b2282570223230664193216dd47f7d20ccdd35943a88c58c0503":"3a4c00cd2f278f0e82498d33fb6ae9e020f4d3793e832afc9864c0b7b6cda43c":"8c0667d913b13866c7eab98471109d966901fdc66fa4dff8996ce81ec5185ce374b118da34e07bd82833f20fa4e44ef159f9b0c47c046307a484b3f52822a596bcfb49b555ec8d481fb30e13dc9898f093d34cbb4d696d70161315c48def73bb1c8b4947c8ddab101d4918f5cc00b890b7450e4e10c17c46ea7f5e0a1df65a1fe74ad2577e592e7bddeadb246fa62cfa5bb8620220b18fff296a19a5a3ae6b833321ca779b7cb5b55658931610d8b7776087c41ee4d077400753681c7da5c5aa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"5459500d5a709b88bf067b4c390837eef5ae2e5f109c110a84cf32f561d26ddc567c5f4cf0f418cbc2a56d4325b2727f875cb1ceed3167136f0d93940417f616a3843b686ab4f5dd3d808801054c510fca5ea8fa0465f9d1afd8e0c68affa10f5af61e594e66b2bdb2372caa0712bff1":"":"eaec7b75ee03cdf0508c0ca171b005077954e2cec7230b0aedfe32a15cb1c855":"cdafe409b871625ab1b06a93c4d5a1f8196777370df18643f97050d7756adecd":"486aa4063b3840f0417034c65676d20da22c510d281bbf407855cb58a87ac9b33511d692315d88d27bd5d1ad5c35ec8b99018b5ca64897aff48544a5e578124ddc00f785deb60b0a60dc4873fa9a148da4dfa1557baa3aafa22680a40f650e4992d21e35fab3be5458dae13eb2caeddd8704d662b221bda01ac6329e2c451e865af9701a7ccb69c0ed0baeb226e6fbd2b871b99420949570bf5fc61c673aacb58feabdb304f870939d705426aae55cb3a2f3206c33abd453e077c4565c603a18" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"7e74b0a5413ee2ad8de814ea1f556ca5c54c6f11159f1fbc78faa86a74c4871a11658e917fed348e779aae510d383290bc6c4f13391709f8aa9bd79f38f310e2ffbe7fb1be3e6e3aac9d879f1e5fb3eb1fe81675cbdd098cd287f66fb9b28d50e12a64b9e08f28a40ed446fc3a12585c":"":"d152b0aa1946cf177aafc7d47322f8c756831550ec79adb40f34681fd6b3840f":"152229388caf5dc50454c2514d9ff1a4b70e3d1d9b8b29a228d59ce67e8bc586":"a1e2046729e849482bd693e21779e18370a542e2fc7baedbed054476f35447e069bfda33fa2723ad425717c027e8b30d57dd2fca8cf268849358354478cd8bb42e8f9a737c2e3d5490991e4902a52e86d1bafc1751f5908a36afca2b6b4663ccc9f1aa46e857e2ee61e4dc19d154029da48d59519dde64410b1d7daeb5b7b93213cba1bb059637023f928f16e5944e0ed2ca07be3674fed6e0da72313b3cb80b7a2d6533fc8785587366ca1b6769db803d6d840c5d1b6c4589272a3fe9371b0f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"70b5cab63391c5777e4e60516b7095dea3cf26d72b27c19f5a08de6634306d992de4c3f70bf2849a4c3dbeafb163f5d50dcbbcc8e6f4bd973636da95d71d39d6ffc9e67332088bf906921b9c48a7e3de158740a9c0f29a7b69d5545e390030965e305ac1653958360d01607bcbc39fb9":"":"ab042d23accf9a9473b43e82683e30f436fa492ba4a8911e4ed2622d481e0cd1":"b707e2d5a5020d37656009713bb100c55819a98e220fbdfd921c6c0724ba7238":"f3f82b7aa0639bcabecefc7b07b3eecc9962884250fad11b9351226f138e06e3e953e052792d0127618a28aaaa1bf5374a06393c18a326f8d3471010f9840dd16ec997f53fb981aa2b689bf1cdbf265b4ab698f9e8e9c054255147e04654b8fb1d0fd3a0b64d3880ee6e9fa87e0184f6ba307f4d3fea651556e0baeeb75f308fa32925f8c55ae0f355f8db8495ec6c46003763ad4ef36590ec40239b5e8530aadaac931feefc8e392c550ad4d89f5b314a53a0633c7a93bc05b588273e6d1d56" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"c17914dd6b73d65e5af112536f52b046d4963f9c9098c77d9dfe35ca7ee6366d4c0fed576ba4cd14caa3d0c406fffad2f0748362166975f5bcb9a395d568b8dbde3383c5654bd24f26890b21ee1f1cb10f3c93cf2df64cd764187c840590a54babc9c281de88ad1a1dbc2677fa8687f9":"":"4a61ee9349d53f8b3c1af36fe0a9303ef89705fd87e06e5f34b61e1350111279":"a9ad1cad4ca7a5af4bfb83680d4b914c23a6cd551e8b002c50f30be0d8693edf":"9ab30e3729dd8b2af987dcb793d7a3e1fc4ebcfe0a4ac976d91bd3897777effb210c8076e9fd135991e54abb4bb8c7b183a80ef37077692e519d38df4a04304fd83fe1d67d32147fe0a249a6c8bc603d99878039b873588c3781a193437f098094fd8c12945ef99036442c80cd1f544725040df980c548f0a675afaf62a1b7c225c9cdf0703e613c7a5d72c8b00d8ba199b8ecb48b6e0b0d103a3b0f57ff1a4b9189a20dedeac6eb26b1f66ea0c34ddded10af2b0133f4b5b95ac2239dd94919" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"2aa5423270d0859a6e3aa3069a88f3ac4c30eda7f6e52aa891e4f995244a80d73d73f789561b00ceddf721ea59a7eda3157090ec192c578fc53d232c36453c5e8bc3c9c22f3aedb6a93f7aa63975d9bd3369cd518e570f6af0ab162e4c938d17dcd4f3ae46d7cd502ef73b2d40f50e2a":"":"32cae3ff757b79f2305a8b5f5fff5a77afb581faf5a3796c5ed7054d7c048017":"632eb6f1c827cf299f3403bf80af721fe5ff8245331f1ccfbb8f4e61ef5edadf":"1a85c36131a8c271d6c805233098bb29f9104e6254e0680c6e264a76f79ec17c7ac65c8a97610a0a7e5304b37d1ebdbe02cf9daa9e45b81d75d8c613afb974eb38dc49041eafa7462b4c272fdd3d7fd4b05b1e6142305ffd6fa634ddde90e273b51b02c0b68b823c77ddf3e93a2ab9436d0f4801f08a113eefeefefb9592683981423f83235f8e563ecdb4e44daa9afa5e1728204dde1bd254c7985e6d56897c570b0c6307fd49ae4dce18ea55eae846af2a5acaae17a71f8369b64f47b0e54d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"c69c61689d1f7763d43b22b6bc2262c377c62db60835114442fd5bd65c665705b5563b3b6e9e793d0f4128696eefc5ac603b3edb35b705ae39845cefdf8fde23f5479ae4f033442aa958e979c89bc41dde68d92f05b28c3644133d19788624bc970019a10f6b3c6c5b8dd22b0cee3e26":"":"15cd6984fab6ae7db72a4c099a064cdfbd141dce361fab0021872c91b1bb65ff":"86c295fcc7f9c2ec9fad377e0e4d0119334080f59fa68c21c19d7a1212dce03b":"97b971ec13db049ccd72bc597ebc2e33fe4da647d0f74855f242884d35dcf92d0349fdb3527c87c5431c10fa85569285096d3369bd1917c8c7c8650024acb88e5b17c42b50a75419e29757a9e1ae09053cf0b51dac437883cf3f5b1abb40a71f40d279bc9d596d0f59f4c70f81087b4446c402279f4486198ee3294d0a5f72eba7ba52cd552906371aeeedb47122bffb0d5ed27c3cbb86a6fc2d83ab4db7b6e1ee467dd1ec20dc15bcee168f2e200179714cfc04eac651a495a718e1ed985bfb" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"4dcc7427dff46b7db7e2d3273e0605ce85c460cfd4269fce9ca3b10399b99e178b12f28786b9e3df457ac0015004844d6f6bef29ea562856ee82246d24982393f770d0b65d0ffc660d9d8359f10904fd8cbb76e648df60ec43237ff7dc46bc34920bba637a2c1643a53e8a88bb7bb97b":"":"4c0ab67b952186f2f85a0dbd4b2c1b0dd009dd794260ee7f321b2d2b3d994e09":"f5be66009b79f51f6aa0cd1a5a24a72c6a6c4263263cbcf80e8e0d514a2bbb1e":"211ca57a321cae2c6d1ad755ac924c92dd09bb1c6334ecc543ba78a18608479457bebda63f707fc28190b2d56e4cfd96d8c49fd146ace867236c57761ea28326e3d241d1dc35d7ca971df9d292f2563d33c5f32abe86367cf5f2f06628376752b353f72b501ffa94a50f146b8174cb7946ab8c8be382237334f37594418850a233c536d72763f10b06f728e3e60d3b4f0377d51b0de11d110a28b6fcb7c42b77e5f6b771c8e5d713a0f6c4d82ab2311cadf16b7cb441a417b2f595f32ea822ea" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"b72f34bf8209a28168ae7692e4c7d6f19feab9346971b85fb9f377f6e4a77dfb370a10addae744ac03f2f277c85423945f486830cd410f26e22c23a136d41800850113339242e1a0550bef81a239a289a8d020c14298854f0b17abb0bc461ed6d39ab2d9cfb03b835916c2a8e93710a0":"":"e919d983beae4b687bb393d90ad4104146e86564845800ecf82085d5b269f1dc":"abc8b519db05c1de8794248c5741627cc00ee35a972ecdec045a0cc557a2d967":"9777504473adadade14eefc0279f8347bb178a36dbb5fb028f0315b4309fad4ef554bf34b04146ba4bc260a89cf78195ad1c23c6e473a14385c66ba2a1c005cdfe336999245f00ffeaa41dfa3d9e68294e5d676f01f213c6d2d8a69b43e36f2a568999c0a8c07e96d7daf90f3e2e668eb9fc8e5c812a49a39507d193eb7c95b947aafe658a1065efe9370cf81014e4ffd54efffe5f863e6e4b7d875565617d8b72854ecf09263c55d1c3f1a4f4862214fafe7f03da5572095a7befcfd8e6ee63" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"35d5a6cae5aefdbc62f1efb638c15dda387a8f651810bf068a8d92601fd37e0efffd95196c09c668ddb05eef3de339222a0bd0d3b721a27e2f29be84a846c3964eb9a84cf69b214f612df3b414729df499da4d3ad8bf3613bdad3a70c73cae80556c16f8ab83adf0f2bc9391094bfd98":"":"cd603812a8444925993f2c1a0691bb4459faedd872f43852f9970675f579a1eb":"1441b6d4876b050fa4d969f1845d3f119cf5d8720c35da9c489000e6b7165db4":"259828d05b8e735fad69527cd2322f94e8e7ac2791607ccf2a74d070bf7d5574ffd8d6e447cb4e02bb15a87aa88d8f1667edc0905455b116ef7f08ce727d8f266965242e0042810f946e52acca6348d70e012d998322a18a2f3b4c4c6d6b66cfe65385312344e3eed14c6e7277eac9a4d09ddc5dcf8fcce6f79a23d34c80cb78aaaf1347ecce8c13efd450d59506513e62f527179b95b9b5d9df821c32538f8e1ccb17e911826e944ec44943ad8e726d54fa98ebc4d012d34a23771ba497ca2e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 0, 256) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"66abf17d907a134232faaff93bfe361223b5b773980cc261fd19caaca022fd0a081c11efee01fb1f7abd0145b32a51b3237d6ace877ca6392bcae2fd2aa5b865aabfb1d1d1da33f42319a088c8dbed1124a71d39e627d5efaa1e8f3e5f70114bb03b71ce54e4f8d34e838106b2467cca":"":"1e51f2b67538f84440912c6fa20fbf009100fc3008b5b8e1308d95e7ca53b460":"301f91c659f73b618cb46a4343772f1eee9fb4949ec6328109823749bd8b0b11":"34c532082926e6d530b3a58282eb4666ac7374e8befaa4999dfc9f409e40ff966652295d2940db97061800583bc7d47b053553ad29c89ee61803c1089d30592270d2927031353592d4aa71f59a4bf3f2147cb406322367544c38fa5a3c8ccb534bd884355b06145db62161260162091c795874a2e99e01292a2e39e107738818a211750f858edbe0c2ea4734ad14f1c45bcc9f733f027616926558587f7332be55044dfd6fcdb628ff7d7d581820a217bc64aa092e450722686e0cb291eca45b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"37dc21c72dc7c82d5e13c51ecaf5a8ae06402500d92caf96c0555a95069f4f0144a961ead5d6d9bc317afc8206202bddd57fc02a2a500df1fb5c4d9d8837b52a5220fdf068fe2b8b4bcc63fbc9bfc94c8e21d987e8b6cb0f4cd37b144c668f18b7a36ed4e9758ee7b96029aa0ab2196a":"41e3b89347bd035bde510ab8ff83d5fdcc9d5f2de648bdb468a714f2c1083c52":"":"":"a929ee23c5832e5ab93ccaa40bf775593d7d04a1a8411dfa07b4c8a2da2dc91b1bcb9c27a0ba5a7152ce5ded5f76cf6b83c04c0f8a4f6b43383ae3e7d497280c0f944be91b0bca6a56df2d00641bfc1ec549b538898e559407b076164278c0eb7afb6d6f4495a50d4da178c04b259d21bb745692d3bd186edf5bb3da6f66b4418fc3d9b085b0a6c1a5e54696272c305c4b8887595b391dd6ed8da03dc9fdb2728d8c40a2defd8af05ef1c443a72323f2e0b0d268109fb7e7ee70192fa06bc6c2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"0dcbeb660cff703e059913eebff4f639a24b611a078bae8f01320ea4af5e8e0ed93b8dc4e84d224036b5da645c147359c6123c54cc2367262a7594bc9a7dc69f76549ab803af66de8f253d338d48ab827b2b1918d636d6ec92bfd9123f1f5fb59b6c37eadca0ca7792e2b7932e1ddc33":"1debeed9ba5790437a6c56dd3c9e2f6df0912aa0ce2e57fa8eec9652e2eccfc1":"":"":"5bd815b3c3bb73a45dba72c68457ccc17212af905607d827e8b5ddbffa34a058ec360abbeb6c8ba16c770ae4826135ac7e4faf208da8b5fe3b26c16fa7c7ef4000c3dfe1b8b707dde64b415c671c4615d56e2648908e047ac978a389e346cebe9228daa7bcdf5e341f72c3c7ff74672edd60c7c6341726450ffbf9e3e7a16580e7e602f9ddd3f3556129052de05991907d81a87467ff5842c6e5dcff4543e24ee48149f16e9107a9aa40cbce367d4b76042d77ef1790b0a7701b2f04873d245f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"d9bd99128fe2771918afc6db6b2514eea0b617d9bd4599a238d9d99a7ce18995e8d85542f3f9dd89920b0f79b94d7f551fef4a330e9de24eb197bc75677bc13d8361104997af99ea2c6da03f4e71c89e03191bc5e320f057afee98e98facb99d15142c61ddd71666cdc38146fbc3ea4d":"eb701a9d119cc6dc0d735254067dfe161b1052ba3f93ab0d6bcc19cc0387027a":"":"":"67b86213a84778a9a38eb9913b9db8508b53ac0a81ff85dc78c966d638255f8f7c63ce06d4a66f5d9213ec2b32f7e63ce5dcf01b59d3b30433f0cf4c06c171d839953de913093ec845670b38ecacd81162dd73501b2e4c2d9dc69b97d49bd6d9f6250070ef6b360305fcc5ff392d1adad98d6bfda67d10b725c7cc8ef6b4fc206fde1871712b96dcbc2df4f08d79f1adf7fbb01bfd8f20e76956ed4b9dd1d7e5fb4f922ad2a529bd871490e741843d839e876c4b475e2fa140f28ac8d347a07b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"0de3fed3b363d20ec5018d4aeafb25c8e0e6aa42ee8b56843043f8d9c40b9bdc8ed427d29c469d8976a5b785d050f3d2e5eb287a064c54311bab32dcd5f240682babef59c6ffa602669f3ce4590b054e2550444f249b56666b7b2fbec29b33d1b29ee653e388f9fb54b00635ff526dd9":"82b6a44b0f35f946fa0fd4628738e61a0bdd421a8de73f3d2efa25216c789080":"":"":"1f7b951d147ddbf21fef9d4849044c44b757309da8f0244f71e4d8301e1fd50c5e46407f5bcbed83eaefdf8983c330dd0a67568e866b20b48c2bc97dc63a7c0d3eb60f2488b1eefdfaa7b8dd43132511b4a2ca80bc9e82851584ec4ae463444aadd3c8e6db2d4469ad9750e18a31337613975b3fa0629b9a22bccb235d20157a4427acd619324e881e68f5615c65e59a566a73e4ce9d484fc5b0b29137c4f339be84781cad67d17de03099b1d03ac45106c1f2eb5b380ec84392b7ba5c91df4c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"abdc2ac24ba7d92ed9f518d9576510969f8d22074bed9b7639299d2137532c50faa49b5e843f417693a2eebd0ffd3f27c0ad2d8bbfdb912ed4d1ec85165d4ae577a92b1affab63070e25dca8bb1b035c8bbc5d3a07b4fe094690e4a45b99f9e5bb6b0bfe823f3c2a148732fd43db5e5d":"8c7b18ce389664fb72e777e70b533ced4c04b0c290fdd45b86b6b95708d74187":"":"":"c3d1420055f71a43264ab8da92829fa1b8937346375349d2e256705d933a21352ddb4eeceb36cdeab38cae58da81bcbe6deafeca5d7f018a0514bbc285f436b574ffac2547d26a3f9aef21b66c1e70b45d372e4dc2281182ae94667e442f39e1b9b2fc2aee06ab306095a904614613b513cf1af5a9df12b996cbe88cc3b25401790034ad0622df43af4cdbf9cb681538c79189a8260cf9c35378955f2ea859faa78773854883cd94bde4c0f50d4c998c278e47787e3f74f3dbb98f710366d315" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"d20353e175f4ebd0ef5fe77f7f6fbf5340ba07934828dd296c041a63de841002db0d21ecbfd5eda2bce80bed6f73c23d3f18900bcc02791ba9cae668fc33fc60ba84c6eb40afbbfff18be5c4960ce57ad67dfc8c1eabe61a299881c0f326f7093c1a232c80467772e707dbe75b5558d4":"f38f23461c471181a4179323aed247299df11ce145fbab9834b85b3cb42a10f5":"":"":"76a4994edba3d0d9ffee9ccb7e12a75e79c5ec1213f45ca4c50ad629ac533e5e6dbf58f8fac193755e74f9e7a75eedf89472e91d394e32eaed86efa4fb2f9e7fe4bec1d9c7a30fe9bd17c2cda73d136e752a9b818cee6f1262028031bc09cb81b89156138b571f03afa69dd388a807a8cbe9c4de66cad764114f9a4a6419ea70ccbbbff9dd774aea8a2d6b1d20d0a577c59953661f0a87b4d795c2626a025d733f43bb5cd1df37f5cf542c7c8b6bda061cf4693e0384060e63090415d7470cb0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"a58ca5154659ba58fc1b468c909c667e1b5087884c01ab15f86fb5a431e982c1c041be0aa014fb310019fff65f40ff13d4469b123223ae44f4f4ac0fb6877a7890f969d39047e39ab23882cd7838e16e64bc361fe18136471dea2e71a86ef2d9f8f7e1d24643d7df292409ff8cba0f13":"dc05980e40f07a02fdb150af580a7d195ba26f4fa72a1fe513ccc2cf6e4f699f":"":"":"6ad4543c218cb6aafe65e6a50c4f9ee9d5c7a3b9a0112bce262f49f5b0d20dab7225fd0acffa25165729d8fbba038eb65f7e72f136e5bb82e8d94698dd9b763c38f3041ccece3b04189aaabed79e4d4213e24218c5fccf5f9a0c3902875564431f4d670e6e60e1dbabcc4642c3ef895c115e28702927cb98d509f9341ac7ae2c6ef6c2dc4537e909c81a9804057b6e24fa63ec5edce835e624969a969e2c47c6dcb7e9bcb2bb8f344d2b9855a43e26c0606466887b28b67ffd7f99d374812d11" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"9d6e99a11d63cab5aabb1462abef66bef31a2886cd172651bbf30f65b16fb8f3b93b5042a908510d8518330538a06253959da557d2b390c6fe0b7ac6b18591e5791d275c7e3d558690719d5967d026a80604a389946e2a55486b5c49c2984990a2e14824aa2922e6a59892c5e6d969fb":"af631e7990394889b84d851920ce8877934e706b780908a07211d45b247584a6":"":"":"9f33ba9083c7f4088c9505622cd5b4937b7189b0cbcdcf352c54ef72057594b8568cd4b13a4bfeb61261d27f5febbf2cbbf902a8d55f6bdf669238ae84b8abc58826841f7f62a0c5bd9f74125cecbf8e3b4c1ec88663114e7c248c41cce92e73b05eb3f826100c1b2683cbba985d2ab694b5de1ed8624628917ec9bb97733f337298c0459f198c7a138f1670dfac0d58f287b8244f0605f97406ef528099aa2ef290db202baa7fb221a8523344ad836c9a2bb25e1ff3fb4dc20f69ebc9f0fdd9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"df7c57519ae3914c75174b3107b7ddab95df936c5cd7c296b1cb1ea06249915cda22bac19ccf2d522137989d5a42549809277ba155d04b3353520f4b5c2f18120bb4b8442130db58e9d46a1a41f5627c40a6b65a4f9075460b7053202a6e5b12b9e07ae6ee9b4945d4235d0b736e88f2":"10a198b05830cff2fb4f5b0317c258129396edb943769292753095b58bc8fece":"":"":"17b9fc6419c17534ee16aacf32550cbf58ea1f073b8e72fb9ae6e94094e797f216703da428394a1da8236f725b191cbec11531a1f87946c70fb1440a55be7d7d18c9b5085d626dd0cd9b3bd63a9014e5d14eef636beb694dfa7f781e83f3c1b4fe5519ab1a505d1be5b812514f3a39814601db104afe5726086f6bacb61c00ab8210239b2891938e97fc53de069f18a6469999727a904403bc53c6c73c7b3a5f9f37f380563f1281cdaa1b4bb4a636f849717c307848748172ae0191997abda8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"2e403c307a03d766b61001842f85caf91a5eec97a49934547b2ce63411916495f3e102d333269e04381bbf140a28a2d61fa6a5f2286079619f4f4fafeb5c520c602d0ac3190fd500a3402e7c0647ac76c901e7c58e012cd6b9e83d2a969f0d0ae4e08ed5cb601fc72596a72b4854f246":"ff1d9eed8cf59f5708e41924cf13fd5d30ccb7dedce3062dfbb2c4bb4d36b65b":"":"":"e5e20f2cb063c1587583a381536aecbf0b0cb4400c99a74bbb6aa15f338b3e67187316865cf90e691d99466e34bd6612985575122c6c79848d4e2f26801d98e49c002f4063019394f4b3eee908f2d6b56749c260e56ece4e0431650a8bd9735879ee6c9bfaa5d44c07e7ff6978883c36597c31126386dafbbe035579819068bb060348629f74420bd411f2dc858d46dff0bb4f79946af96046da2c2cb32e0aaded4eb1ebc8748f277317f9ffb9aadac1bf5e6654ae7131d5ee0c765ff3d49d9e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"4b1240cedb84ee3f395317e177efcf03b0fb57be1e01e3c206170877a06ec2cc077e9751b4eec964a4422d010ef1487456fc16b3e6e7ccb8a06230144535274215f00afe175d394cb04518b630ba7255ada0c6676885801a8f503c55c38850de6f7904b40cf03fa195cd16ea2999347c":"9043ef3c775f32dce1902b9efdc481f61f29220eca53bb904155f2aacc3b3706":"":"":"4facd2fff1828b9f4a63f639503cf6533a4d242f316ef7168fba44b52b876056bb0fd040d5e331d2746169cdc88ccef74dcf6c642c1d1a0db4130f8be9ff88555de4c2a7a5824f005cccdfa6074df3385672eca57a45679d69dfec232cc8b1bca87f6f9c6cac2f630498d52449a5d1b328a6d2ac1a9054a0658be589bc277b7750ab5d647a73a15a059d72608f9d299d11f9fb417a37ddc1b52c8b8859c2949e5ebae650b9cf8b4fd771288e582dee38178b154e681eaf74d4d3f35daf00a309" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"c2027d8c084e2c6fc5d535726312bc6362372872cd37bf07cc1c3870f3b59a970c62b84a10d1498b2e02027d854fd84dd615e29e7c204579968569386b6f08393322c4fb36da4398ec4881ca9c17905b7b2fa28722c98d404e93fbaadb165411d41256a0dfc806a19df0f526571c80f0":"8c5c93583dbba016531aecc1da7b010b9559785b2e8cf660ce17022f8d86be78":"":"":"54074cf184040f57716e9eef80ed0e006cd029b99ca568fd7639c4c1b0f7431933516830f5f87b157fdbbb2af7ab57f6faa26323f096c8e86136e49d833665a6cb3a22f7d5d38290c2e9a23c62dea6c51b958460b263566c5c0e4be9adcb1c123b55879f405f11b3c34c24852d33c64d6563ee46cad14ce08d5919ddbffdfaad0bef8d8ed9974f1d95917e2b108d9519b13c4f6929429d2dc44ecace7799839ffcae035904b576e71e92b0a89f39e3b3444b75ee0705419c3b3533c793605eb6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"02ef640b9f087fa48457918d7bd6e910d7379bdd89e1549118ec67880dc3c4be3ad95397b8fc88bfced5aa76941716bf4c26696e9540d759c8c6b8603d5c40df267056c79bd8a3497b77052e498953493eb853b56c41f3286c09f1ec88637f95a1cb7e6e0efd3acb8a8fa4de63d10727":"38e664b930fb072112e6d47bfc5538b0d48672a12769f3eb860243bbc1c5db75":"":"":"c399e8c39ab174fa8cabb7e73845d8d434dcebc21062edc69d02928b0de4471517496365bbd59062a43408215f5b0f35971f4c48077623860206e0e6af8de751e6fe45eb6648a66e8ac5e603043c5365be3015af858fa2709c6c7b1cd22701dbbf4ef27fa45e6d7f9df4e8a558517a38e26bdd82960db9a92a0deee98657ab514913f134cb9362756a78ae4afed3a6c89e86341a8fb20b5cdfcd56933363f83e8c55c69adbf8e8d7199bc4f93b72ae1c4d0939b564d98e7f052c66e1e0988ca5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"2f280ffe3306764839899faa89213139a40462039f4d9c55feaef6728c24cc636819357f6ea65badc8e493b99d5af1d995d14d81e39802711977d0a1c5783bfe3c290bc469bb9af520b0faa06f230fe6c4ba3804e39e3226f0731f09579e105d726b089d1c37c72e3faeb33768d3f20e":"e3d99860e8b1e9297c60b17904be8525be831d71dbd3f454f085d1758ebe7160":"":"":"45400ec700a4cf8309fbea94aa4fcbdd22c859e0f7defa746085a2f4ddb9db16efbb0c2fff798c99ff4e9e11986f4c330f3658e34a146f8d9071467228e3b0ea486cfbc81da3e739a301fe51b620d7d27fe9da0e4b875efe3c2bd0fde31f608015ad71cac9c95bce33e516c62fc45a9fc85a78c142416d7fbff3a83602dcce3add6301ca6b9be565e3cf06ad6f22855d57d9c184ed7214adc1bb014a1b6dafb86989283fa3a4be10c410442d761c98d2d3f94bb0d97ba1d5c8966eb47b0fe6ec" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 0) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"8f3ddc4230f8320bd18cf078c04c62e248fcc326980301174617a9e54351c667ba4c31a4c0e7dbd7336c27c0b8a034f6fd947b0a21e580e6c2dbfbd44d01f5fb4a51dcd2199df9f1803f24c5e774f048815302e016aad33254d308c5457f368965c15b6204e191c2a252e4fe88dfb978":"9bfe9bc055b3215560cd285553372c47cca422fca574c0d22d7ce5f2dd40b084":"":"":"34f550231d31c1b3a3db331d341ada3b987120d94e431831eea67e8d208f9cf1800549d445fc7befbdcc2488cc7f4340560d574fcd2396e9ecc9a232f1015cfb26db451623fe47ec8bacee1756573e74e519adc62b23ce86fc191ea5e13da9c7a14496426c6c53dfa7c7ccdb67d6164dbe88cbbe7f48d4971993003ab24f3eff18bd52c2661992e8f8da93bfdd28f01fc32edb439ad130352463084041e9871c431ba26c676ecd7812991833113cbbe687651e93aeb22a6a44cffc7a3fb214b2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"8b285ce6b4da70c83fd72aab1b4be62101bf9b29e168726ea2f670aab0deaefc5da3404c494c6019ea33679e37cec308dab13e0cb060f66c1c83fc6fba46477d1a3c802edd7594db0b297dedb9ccbc800c817f05658fb9b4c99938ae2140160c4a16d548634a353bc285cb38d0e93243":"723c0f287db4af285c195cebb1104a106f22e8b243fdcd0566228ab5f227a9e3":"881a1874c800db068b5913d195058d0726458de3782ff530af1a761f9628547f":"0c27cf271bd7931d187ec6f56038519674468fa2e7e6f994904c9f1afa346939":"51e042dd56a193908c9018c25f1c1a8b5e2734b055c3b7fde6a8ba9ec2b959349df29295abb0a24b4715f98d31de0a369e6262c2b2cd49c5462b7ae284e921f5ad2ec013edc1611343c228683f4170f34a75854b1b656d226e294172d488c10a415f09dee70984b9c49e8d36863192301d1762145e0d9e94e99bd30ce8490438ed050f418cf4ba0b07fe90a82d1ccf38578d99edf0518c4a758a199db4d3533c4dbc55b1da19840b8f365a574aa01647819032dc0ad641388c2093ebd4ab5d99" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"5b5c670d3e0e97a21cfd5bc3d038f0c3d2578cf3147f5545e5118a04c4eac727b50734939e2fd0aba704932ccaac42af316525e3fc5f1dd224131d65f8d44ff8420891c0af7c78f9cf766097fbf0f8bfdd131db1801275c28081e6063c0c4d6242f96e40fc513608289f378bc4f18518":"4cb0e590a1d575b6a2df9cb0243895263c894a990b6798424bea9ef199761d08":"feabcecf0648665b08a7c690add6ff75744de3916d5573145c35517808605beb":"fe81cf8978798311ee6d1c5d6145b3832d9ad1a1266fdac0f4fa230c631e9ba0":"62aa5e9b8a07bed2a5d3eef0c73bbc841bb8cbf544d32a2889806ba501c6768aca98c19b83fd4fb2cabf120c05716b9eac9b77d561ffdd69682308f80fcf1c78409f3b21749bf71abdb209660716a39c2562e8ae1b3478828bf35ec9d3f9712d95f49a36b9eaddaf1b249f023c36d09ff1b6f3df6d10e4e336763edef9501827d5171c507eec405bae52d56fd62f90f5c58a2f1a7310530df15ca6b7841a2871a37cae583e6b388978c118b9600840f5540af529bce0a24da8f906f601fc270f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"64cf47e52f758df802c2b37a4841c73a3228738d14b439a7d02b13fa3024715c744721e49f25a0e73e821f69786fe2d91ec1cce1d1cbf2dcbe5bdd2371c0a5df050841b6f07b1a2c0d064bc5e06ecf2ff9904928febe0bfaf3626df5bfb79fee1474cc8dfc3ae268570df2811bc3ba3b":"c3f0b0471d5273f40e74ccd71712071fa411b72b0f5a98c9eea9a5f7f176967e":"4df90039bbb54d8753b19ccb6250ffceb7279c05f6d69b5c47801c6fdeb1ddf8":"181d12bb126ea840bbf9e6ff5e68f8ef53f69071d223bff593a63e4e0c65ee1b":"8cec490ebe0b4837f040663de29e2c6dc801d7953cb2416d245ef66173e5d7baafbb77fd2c5ce69b4b8995bfe51f5f33cfffd9e9b1284fb8657bb7a3c26f5aac500cc7d3737fc81418c94d3db1a63f4922ca49803c04fdbc9488e21d9c4bc381c48bd9f7e5cd1ed6c6fa9e889e463dfc3a313812245a66be220266707a5358e25807ccb11f24780e5ef82c84a8803f72dbd21f55d96362d7cd8abbfd9d21f4e3dfac33326a4e538476508afd87e030d92328a91c91ffb16b054740dc3d0a2130" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"690a8be904c75e41342c8e2548abde2e465612a632710179ccb9c1dab76c4615bdaeda1587772638a61747738b96cfc94879325d2cf1cc0269d877eab8aa233ba8d7f1ff44e9118a128bcd8cc687eef58940343d27ba1d800aed9e2e911a8c83b8460f9d72c7b92852cc178d3d0baf6a":"5dd031fb2df56c510b3cc3c02fdcf6cf3ffa4a881e7475a8631073b3ed5e3c62":"a0a861238b2b9ea03582eb4703bc33921b5376c27004710d416ff921d6e6fc60":"3cef66f75aa682ad5430bdf0f01dd1f2c3492fcacc6f80ab351cfacc1c6b6ce0":"92b337a3364059acfcaef789ac1ae09c9ed05fdf69f5d5da7a1c9b6962d3a3c71a4041dc234f7be58fdbb728f8f5fb10404558f21d9b4c818fcadf5d6bac8bcb044e5b2fbd26ee08398dc8904c271e8d3d184bbf61f77c62fd3c8f1cc1ee2f8c4620c513f3abf5e312b431e8608b29cdf528d892ff03bc0a9cbd202b9da1d052ae2bc2dd8723198a1b3017ade2803c3dc8733ac33ddbdcef7a9948d64f72da0716b32dc6eea224bd49a7349a1c32e8e325ac11e5fad8353cf85d9eb4b72b1954" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"0eba7b06309f0dc4e2bfabea57e1d01a5a3e711398320925647008abf19cae194efbff93968c0a7d1c7623ee1e3987cd95c3dbd1b2ba94d0b2d416fe2f2f6faeab46646a378e931bb5daac049333129ce7e20e53117a0f68baf4c86a3ee5e787b02b53b1e0140430e77ca86f242d7f90":"69adc69e03cd113c34ae6b89c7c2fcfbe987e426da865f7c8e052da4bade343a":"729489cc7ba4f3f96f77ff365fd5380cd83cc7b17b150d327c5b7632f1cb0460":"59892fcf99ce719819774539ed4f10edb7cd35cd66969137a88ebe6336da90f9":"565e3e392a9f364df0b575d9444aac262f58ce12312d5ac9832ae6351b6aae0398e0bedd3074f57bd4e9f0e89a50d627ecfe11fe9aea09fce563eb34efd27610a3255f81f953bb3f222b15c019b9d812150f7a1f19126994c505d9ce5c948882a1f6c5cdbc7050461ccdbbb7aae597dab53a12ea6bfaa4d4710188d690fb0a0a34df7fb6bba949fd6a8565fded8e4832ff7f6b08a653a72b8b88782b8d77c1f217e8487163fdbddcc88a83d8bdad479ca75fdbcaf02250db39528456942119f1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"9dea5f271193aef61bd72c76a581d65eadc8002b258a4d548c7ad1cb587a5f681e9709eab5e146833b01a79a34c352aa642a7a376595347c0203a8a0456af4e9859aea62c887166b3483e0c7acdd5b99a1b1a466dc0709cc6ba133abe29ecf3f3150d664d04baef8854fd86a5d8cab19":"895e5039eeb3ea1d197614a683c84d7780ac8724192bd6c35fe81137bc23e4bd":"9e8669a67bf80c695889a7e875a9ad1954b91e4bddd0848313b4efb4b00b14fc":"2e93a8b96ae1966e2a052db0d5c2d5b76cd7cd23494bb1170a33a9ddf39b21ce":"71a0ea8b9884e979f4ed546cee3688ebc399b41be38578f15b99d9621de0da3e671182f6da612334edb8d3a6d5e34c2872e277942854350526c3e000834bbe18cd5f2f336bcfabb42c4aaeb19b8cefa3f7066a89593960fabba244812d15c5fa7a7281067c789745127ee2b63b14237136c54864bf86ab7c377414a7933b829fc3052e8c26c698459a83b1990c093305372aa608c967bfda719e98c4c177764b72d184586f7b63a8e75f78c9e5e1dc045c3eb5b30c7147c69100c2cf910d4f3a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"2b4c85aac528f5cf44e9018795a1e8f810220ce318aa174bed9db372602c00f68ac33625739f299241d1a8381372537bac392411a1d6849aa6610a177743afdf45cc524838fadf1b5feaaa9983ca79a4508b5e4a275514ef4c04c233c3dbbca32a00d0a1628323b91dacbe499c1ba928":"799a4b3c9f62c2f6aa9e91604e742dd06ff9f77b15d3799684e1dfcf029d807b":"1d15f59cb3e102d5ff47ad4c0aae13631ec4d300de4247137aec5b43e5aa4f79":"f43801851946f97208909f1ad0f79d6577eeda70067886b270f55d626d966fbe":"f05e50192528ba1185cb964324141c1d195f6e26c42164052a7b7244797c3084d48bc5e6e1a27e64562cf2fa36b4de30132a082de2f927059731d084e2042eb7720932ae8e1741f05f4c75079586924cc43a6cf3f5525e037b089674121c2741f836372f219a33bfcd910884abb166eeeed1840672663e0455b18bc7c9fcf20967b25dd77eb37e00d8fc40b0788c08280b0bd8878c504d982db4d3d2476f5fe6785b1959d1bfa2762c00efe436cd217b6d01adbf7da08d23254f1be1991d200a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"a716af9e058eedbe937ef79ee21cbaf4ac1ed0e2f4863eef4ca1e3e972f33326eb6ecfa7bc9bacd3d90215a3db843b24343edf7ada9e440a206df7f38f8cbd1d38159b8511f2a93d1f0b5ace8a89c0d823fe001656c3dde659874df88dd60056ced293cc49d64a71ee6b23199c9b20e6":"648aa30cb2687d857d309f702f6dae1f30edc824493d6e83a9e26d94f28948a2":"39c5a6514f3d399ac41b2640fd619312332fe053abf1b2a19472a58c28345347":"c912a1bb84f7aeeef79d73347097e09f6b8fb7ec593176cebbbb56af866bc309":"5387674cec52da2a9743b2556fa9874c0866e579079954cb357f17fc069c2e345c1ca80081040d620fba150c22eb1b8b2c7df082f637855c396ad6417fd383f8e93b7bd91693408e951b7572269c0ae65be8bcc9844f9fd8401e68f6fafdce195162154b34fdd5db8559dc11cfd3cbd3d391a45065761372f60c5182fe4cc162304061f86e666326c3332010fd388626cfa9ce1252982cae7b6eb1b8208c79b7b689aae9084fd180d00962fa4eea79f612ab7ec5fb51394f6f498528ad5860e7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"af405b42f8a67c349bc10d4d0b97f56cce433e1d34cebcc75c2850010d20cf74f61b23e1d2f964ad6c9a8d65c9f87749da279902d5c30fb67207d72be55451337f34aaa8e598b9ef55fd36224ebee4b5524a93f1513fc21fa984f0a76c2bcc98ddf39823d0a87d501b3515e3ee9fd4d6":"1cbd963d49b2553a9711687bc50743d820588049cf097c100739f857b3928fc0":"e0d336ea552a6dbc132f194ac9ab80a34a54f4d331a55a070dde6601d6d9084e":"91e882daaa304874fb0c063718984ac53e1f0716ca8c9210bdcdddc142c84082":"0acb19f2a65bf0e1d9f9561d8731fe0f0c178443f00faf427973ad45f2df4f4d21a4fdecdf96c34be28e389d8caed96b515ecb215ca915b38c715015e1b07949263fb65517ea4bcae361d76c418cd2c58d29010ea79b9420d1cedf937d3aaae7e29c2170ba88c8328664d884ace90e88c66200033d19ffd52f668b00b0df088b7942377c1aec37b3c304521c394ec749efbb252669e0c0415b8b04b995fc224903b0843fbaf0be1ce804c9f14a5e97afa70d0fca9cb708ad20388730aa9de020" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #9 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"e9ecd00efafeba4fa9cbab22b1b5288c98a36ff1d6856592a288325968c31d7d88fd2be5c82d79413b33c1dbe972859822ca2c8a92e7812479c14fa292a627a8909c3a953a2758d42f22a18682ffa219aa9908e06f521be8fb59ad58e5651aa9d6b95983e23e54cd57dfc82b2077bf96":"adf1f50a295d88f68e8c07a180897d8e7b49f7cc6cb78a3b25ee10b0583a0f0b":"82de6a73568ade5e5b0d8ae37c40ff25e858a7055346020c5e47feddfef75680":"cd0e15d764d2355ac9f1cbd5ea519ed1756a3bfaa55e3783b738c03bdb42e371":"1e592e5003fc0f3f81a7aef2272527980cc5a9ac7286a621513b9c7ce2ea94fbfa255ef2654d673bb8cd13f3a033a7701304acbbe8d19b82a61d2e77e7251f98b0e28e1a694f9cba2c86c7c8cb20d9c2986e52052f701596e3c837af95b166cd227f2fc00edd3ea62b57f60262712b2f71479569c119cbce9d771f8a2cfdf832aa8d70e0a912978fb2bb33b27a185fb3a4caa3a18913aeab095ac088d14381802117af0cc1d97c06fe9730bebbff0adf2ffac5995d299e4defb0722bd93f0799" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #10 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"898a6c47a5cff500ea0f5b18b5f0b4bcf7e75d6d7c92025f9920c666dbc1c5ffc48972e1d519428f8d61dfb5e300b48f2660ff53e1ffaa3950cffc50e17a874182236fbb555d35ced33302ef87b84c0ad31e87441ae365350452a39470567bc009871a3c9785bda4569af33d03d46f08":"9e16568a225b80e9011571f3b55102cf6362e26b8a60fd33680d4e6625738e5f":"b1c65d6e51ba043f63b4251ed58e9a8eebfc289f6285705f8ef44c202c9b4a22":"245ee741a2041eda22ce7053f8576c0a43eae868fd95ad7d58bb921c155b1b53":"b076210688b06ab6b57edf68126dcdfce82b6f9285ddec102ed60730aa7530863076186a3f7affbdd4ef081b7f5a32fb461bc5755ab4f860012631b74ae357fbc3cbd64f0eef8789c6c9dca894a41a005d272b4a57e761f91d221636d0ec7a49f10bb1b4264938604ff4dc7bc97eb799cea9e3e1d7a9b4bd66d88d244e22120bb311f502e66e60c5c9e42731ad320b23d6b06ae92a132b093ad924a1a7e08b5dccdc50e257bfdb63bf5705350588f61e93e4fc5042a2cad1bd6d9fbc82e875cf" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #11 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"8e92836dc5e4bbf9598803efb0d3871e5418cf18f379479bbcbd9262558af6cb6d97e73decb8781c30f69b61c1f5c91a5ea1f10fb1eef74b480e583710d9a6a2e57f8cfc9d0215fa73d1ce9c1562f3cc34be187940cd317b69139ab9aa58d064b6bca59ee6460c3db4e8b57fab0186f1":"6d9afc769985218745235e5af280eb45cec81a2e920c284ed5c77105489e8f4b":"711672f2ca12e7d8f32445a87163bc00f5d0f52c2f6799ba513b68c07c350de5":"426aeab2cfa56cd3146c0eb9facfbc048a504eec3273256b5e4db3d66c89560f":"56325373099fc1dd194555c3a1e69358fc7f80fe6610412cb31c14cdc70c73a74d040746c6cf388fb9718e7446888c6162de73ac097c32f8b4b00dd7f115fed1821d3786baaa1f64885cb93c75531e99171f98d3c3576337c1c41c5bfe83f94cef2adebc88c0790398d4c071488699edd599797c1f8f394b3e00e66bc4b68a7cacd209695961713c3bf2c9a5c8589d935e171f775f366217e2634ddf0db5f01ab31760ebd9ed9724292bec89db06d0145fb824a76292a35f39b01a06c43510a6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #12 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"a4f1fd83e53a406163862260fb9e2ec64d4af74f5fa41ff56c07c791b6bb6abbdb203670b1849afbf0931206ad6393798ff06fba8dca3318c29d9161c0ec18ec5d7d66847b1a618bb0e4f69fa1331fd1db5d5fffdeec5a2e045c588dc95a5d5eac6d35502ebe2e6a57318f15af53e001":"39dd79397f91a97432e5124e7b9b85928f62c598ecd19626070a81a5a8ed564a":"985724541d44c8b865672759c8d36ded75c2189c2281731888a741b305eb4161":"e2dae75950e417c18f1c3e5fbd66b1cc9fa617aa695c9d03d8768b9e197fea80":"703ab1f6a5332f01fa788cf73922a9f6cf856319772eeab07b4795702562cde350a8cf9395976fd227b08134feb469ca34f675c9b6f176ad684a5b0d02b4c135a7174bf0604a1546e7d8d978ecfd8cb6ae5efce3b228dc95cb413b010732c3e7f9ef8e547a93540e5e4aaaa3b0e5a8f45b83bb11209a03883c54f41e494fcbc66c2d57c01002137567ea2f99f7a1ed6c4c6080bdaa299d18f57bb3b386278a78b2ef23a03043e850bd9fd742527c45308e5b910fc586f9f21de7022d02b1493b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"f331ebcdbc0d2dfbf54758680dd49dd0bd666d0505ef6ba1c4bbfb7dee62edc34ea9063632c8e6719bbe140c3c840aabd66e7702c384700921dc1838c6c5a832c650a474e74270c378abff021d60d1a1884939bbdc51c547c72c929c0c73ca7f78668d33fba197642be8ac2d41cefde4":"ec299e456cd1985a3f1022d5c05f0ef9040cc8b8297ba5e404d92a6d36c3578f":"954f464877f7258f99acbfb9adfe4eedc89da71ca82e3581fb5bad127b2069e7":"515f9e746c7407196610bbae963b9bc15b1658972a30e62be6f78caee1287e88":"5aa30a796d46e789c498352ade179f0cd3336418fbeafae0d10fbf7798917672288b3b2a12267fc0435d88b4e99809c1e3067f0d65c910b12a330334b6a23d6d30910d301438c2c999353e1f78019ba7b20eaf68b499ff1e88db0431312a66f35305c4f3c3a2750c95bbc07ccbdf1e4d123eec378b9be8894b597bcc029c664e59e2b3c23fd72841af0ddc9374ecef21885a0b54d13186dc0a66ed3c3caca9e41753813ae61015a952142bd4d7ebbaa3193598be1267be937745fb0de09aa70d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-384, 256, 256) #14 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C hmac_drbg_pr:MBEDTLS_MD_SHA384:"d99ddbd82ce9937cda083e30b3da47a6e6ca08b8f59f2fc934bb3f78e748bb28cfabddb375efc5f2025a53fd073a89b0fbec391290863ad862aa56fe6d945044e879ca05c3c019313f810dd559fa0e682d6b77ff7e612c7c40cd5231eece4018c5b3c0d8181ab44703f7a04c0a1c7c5e":"ebc2193d4a97b97d298f1305b2f7a54dab466f7c4e444831651cac29a6c5bd88":"6826aad41f8ac29e272884cb6d21300c7b0b3ca37205e1720afaf9f716f337ec":"5a7434648de82a3552e12aff800093776ca3e86565b29c0b3ad6c0bc3180623f":"cfc79a89a0a55dc9c6c6eccdfab5a9935335e806b73bab7f5eff5f9fea6aa3f47bf31f06d987a94e2bc2a4a6144ebe94d6f5aa8fcaabbf86a37c8d412207864322d3057b89fef358740c5962cf9e7c37072847fcaa6db693a5238ef270e8414e2b29448bbcc37dceaa75479c2ac5fee2d6fe9ed68516f6dbd90135ddcae8a12d1c1595e0edc34ea2bf00bee7ae773c240c2bc1ed828b7ff91a676891173eec1dabeecb2184df9186c3bd833e349351481655bda91bc0f4e419fb78e426de6b39" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-512, 0, 0) #0 diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index bdcc8db7b8..cf812e6582 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -34,7 +34,7 @@ depends_on:MBEDTLS_SHA256_C md_info:MBEDTLS_MD_SHA256:"SHA256":32 Information on SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_info:MBEDTLS_MD_SHA384:"SHA384":48 Information on SHA512 @@ -634,27 +634,27 @@ depends_on:MBEDTLS_SHA256_C mbedtls_md_hmac:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" generic HMAC-SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_hmac:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" generic HMAC-SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_hmac:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" generic HMAC-SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_hmac:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" generic HMAC-SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_hmac:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_hmac:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" generic HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_hmac:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" generic HMAC-SHA-512 Test Vector NIST CAVS #1 @@ -778,27 +778,27 @@ depends_on:MBEDTLS_SHA256_C md_hmac_multi:"SHA256":24:"63cec6246aeb1b61":"c178db908a405fa88aa255b8cad22b4057016585f139ee930388b083d86062fa0b3ea1f23f8a43bd11bee8464bcbd19b5ab9f6a8038d5245516f8274d20c8ee3033a07b908da528fa00343bb595deed500cab9745c4cb6391c23300f0d3584b090b3326c4cfa342620b78f9f5b4f27f7307ed770643ec1764aeae3dcf1a3ec69":"64f3dd861b7c7d29fce9ae0ce9ed954b5d7141806ee9eec7" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hmac_multi:"SHA384":32:"91a7401817386948ca952f9a20ee55dc":"2fea5b91035d6d501f3a834fa178bff4e64b99a8450432dafd32e4466b0e1e7781166f8a73f7e036b3b0870920f559f47bd1400a1a906e85e0dcf00a6c26862e9148b23806680f285f1fe4f93cdaf924c181a965465739c14f2268c8be8b471847c74b222577a1310bcdc1a85ef1468aa1a3fd4031213c97324b7509c9050a3d":"6d7be9490058cf413cc09fd043c224c2ec4fa7859b13783000a9a593c9f75838" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hmac_multi:"SHA384":32:"d6cac19657061aa90a6da11cd2e9ea47":"9f482e4655173135dfaa22a11bbbe6af263db48716406c5aec162ba3c4b41cad4f5a91558377521191c7343118beee65982929802913d67b6de5c4bdc3d27299bd722219d5ad2efa5bdb9ff7b229fc4bbc3f60719320cf2e7a51cad1133d21bad2d80919b1836ef825308b7c51c6b7677ac782e2bc30007afba065681cbdd215":"f3d5f3c008175321aa7b2ea379eaa4f8b9dcc60f895ec8940b8162f80a7dfe9f" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hmac_multi:"SHA384":32:"e06366ad149b8442cd4c1abdddd0afde":"2d140a194c02a5598f69174834679b8371234a0d505491f1bd03e128dd91a8bca2fb812e9d5da71613b5b00952ea78bf450d5b7547dea79135925085c7d3e6f52009c51ca3d88c6c09e9d074b0ee110736e0ec9b478b93efb34d7bf1c41b54decec43eab077a3aa4998ede53f67b4ea36c266745f9643d5360bdc8337c70dabf":"c19c67eda6fe29f3667bee1c897c333ce7683094ae77e84b4c16378d290895a1" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hmac_multi:"SHA384":48:"01ac59f42f8bb91d1bd10fe6990d7a87":"3caf18c476edd5615f343ac7b7d3a9da9efade755672d5ba4b8ae8a7505539ea2c124ff755ec0457fbe49e43480b3c71e7f4742ec3693aad115d039f90222b030fdc9440313691716d5302005808c07627483b916fdf61983063c2eb1268f2deeef42fc790334456bc6bad256e31fc9066de7cc7e43d1321b1866db45e905622":"1985fa2163a5943fc5d92f1fe8831215e7e91f0bff5332bc713a072bdb3a8f9e5c5157463a3bfeb36231416e65973e64" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#1] -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hmac_multi:"SHA384":48:"fd74b9d9e102a3a80df1baf0cb35bace":"1a068917584813d1689ccbd0370c2114d537cdc8cc52bf6db16d5535f8f7d1ad0c850a9fa0cf62373ffbf7642b1f1e8164010d350721d798d9f99e9724830399c2fce26377e83d38845675457865c03d4a07d741a505ef028343eb29fd46d0f761f3792886998c1e5c32ac3bc7e6f08faed194b34f06eff4d5d4a5b42c481e0e":"a981eaf5de3d78b20ebd4414a4edd0657e3667cd808a0dbc430cf7252f73a5b24efa136039207bd59806897457d74e0c" generic multi step HMAC-SHA-384 Test Vector NIST CAVS #5 [#2] -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hmac_multi:"SHA384":48:"9fe794f0e26b669fa5f6883149377c6c":"6010c9745e8f1d44cfdc99e7e0fd79bc4271944c2d1d84dba589073dfc4ca5eb98c59356f60cd87bef28aeb83a832bde339b2087daf942aa1f67876c5d5ed33924bed4143bc12a2be532ccaf64daa7e2bc3c8872b9823b0533b6f5159135effe8c61545536975d7c3a61ba7365ec35f165bc92b4d19eb9156ade17dfa1bb4161":"915ae61f8754698c2b6ef9629e93441f8541bd4258a5e05372d19136cfaefc0473b48d96119291b38eb1a3cb1982a986" generic multi step HMAC-SHA-512 Test Vector NIST CAVS #1 @@ -922,35 +922,35 @@ depends_on:MBEDTLS_SHA256_C md_hex:"SHA256":"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" generic SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex:"SHA384":"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex:"SHA384":"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" generic SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex:"SHA384":"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" generic SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex:"SHA384":"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" generic SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex:"SHA384":"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" generic SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex:"SHA384":"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" generic SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex:"SHA384":"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" generic SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex:"SHA384":"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" generic SHA-512 Test Vector NIST CAVS #1 @@ -1082,35 +1082,35 @@ depends_on:MBEDTLS_SHA256_C md_hex_multi:"SHA256":"8390cf0be07661cc7669aac54ce09a37733a629d45f5d983ef201f9b2d13800e555d9b1097fec3b783d7a50dcb5e2b644b96a1e9463f177cf34906bf388f366db5c2deee04a30e283f764a97c3b377a034fefc22c259214faa99babaff160ab0aaa7e2ccb0ce09c6b32fe08cbc474694375aba703fadbfa31cf685b30a11c57f3cf4edd321e57d3ae6ebb1133c8260e75b9224fa47a2bb205249add2e2e62f817491482ae152322be0900355cdcc8d42a98f82e961a0dc6f537b7b410eff105f59673bfb787bf042aa071f7af68d944d27371c64160fe9382772372516c230c1f45c0d6b6cca7f274b394da9402d3eafdf733994ec58ab22d71829a98399574d4b5908a447a5a681cb0dd50a31145311d92c22a16de1ead66a5499f2dceb4cae694772ce90762ef8336afec653aa9b1a1c4820b221136dfce80dce2ba920d88a530c9410d0a4e0358a3a11052e58dd73b0b179ef8f56fe3b5a2d117a73a0c38a1392b6938e9782e0d86456ee4884e3c39d4d75813f13633bc79baa07c0d2d555afbf207f52b7dca126d015aa2b9873b3eb065e90b9b065a5373fe1fb1b20d594327d19fba56cb81e7b6696605ffa56eba3c27a438697cc21b201fd7e09f18deea1b3ea2f0d1edc02df0e20396a145412cd6b13c32d2e605641c948b714aec30c0649dc44143511f35ab0fd5dd64c34d06fe86f3836dfe9edeb7f08cfc3bd40956826356242191f99f53473f32b0cc0cf9321d6c92a112e8db90b86ee9e87cc32d0343db01e32ce9eb782cb24efbbbeb440fe929e8f2bf8dfb1550a3a2e742e8b455a3e5730e9e6a7a9824d17acc0f72a7f67eae0f0970f8bde46dcdefaed3047cf807e7f00a42e5fd11d40f5e98533d7574425b7d2bc3b3845c443008b58980e768e464e17cc6f6b3939eee52f713963d07d8c4abf02448ef0b889c9671e2f8a436ddeeffcca7176e9bf9d1005ecd377f2fa67c23ed1f137e60bf46018a8bd613d038e883704fc26e798969df35ec7bbc6a4fe46d8910bd82fa3cded265d0a3b6d399e4251e4d8233daa21b5812fded6536198ff13aa5a1cd46a5b9a17a4ddc1d9f85544d1d1cc16f3df858038c8e071a11a7e157a85a6a8dc47e88d75e7009a8b26fdb73f33a2a70f1e0c259f8f9533b9b8f9af9288b7274f21baeec78d396f8bacdcc22471207d9b4efccd3fedc5c5a2214ff5e51c553f35e21ae696fe51e8df733a8e06f50f419e599e9f9e4b37ce643fc810faaa47989771509d69a110ac916261427026369a21263ac4460fb4f708f8ae28599856db7cb6a43ac8e03d64a9609807e76c5f312b9d1863bfa304e8953647648b4f4ab0ed995e":"4109cdbec3240ad74cc6c37f39300f70fede16e21efc77f7865998714aad0b5e" generic multi step SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex_multi:"SHA384":"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic multi step SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex_multi:"SHA384":"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" generic multi step SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex_multi:"SHA384":"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" generic multi step SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex_multi:"SHA384":"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" generic multi step SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex_multi:"SHA384":"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" generic multi step SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex_multi:"SHA384":"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" generic multi step SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex_multi:"SHA384":"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" generic multi step SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C md_hex_multi:"SHA384":"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" generic multi step SHA-512 Test Vector NIST CAVS #1 @@ -1194,19 +1194,19 @@ depends_on:MBEDTLS_SHA256_C mbedtls_md_file:"SHA256":"data_files/hash_file_4":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" generic SHA-384 Hash file #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_file:"SHA384":"data_files/hash_file_1":"e0a3e6259d6378001b54ef82f5dd087009c5fad86d8db226a9fe1d14ecbe33a6fc916e3a4b16f5f286424de15d5a8e0e" generic SHA-384 Hash file #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_file:"SHA384":"data_files/hash_file_2":"eff727afc8495c92e2f370f97a317f93c3350324b0646b0f0e264708b3c97d3d332d3c5390e1e47130f5c92f1ef4b9cf" generic SHA-384 Hash file #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_file:"SHA384":"data_files/hash_file_3":"6fc10ebda96a1ccf61777cac72f6034f92533d42052a4bf9f9d929c672973c71e5aeb1213268043c21527ac0f7f349c4" generic SHA-384 Hash file #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C mbedtls_md_file:"SHA384":"data_files/hash_file_4":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" generic SHA-512 Hash file #1 diff --git a/tests/suites/test_suite_pkcs1_v21.data b/tests/suites/test_suite_pkcs1_v21.data index 405e16b209..c785838a04 100644 --- a/tests/suites/test_suite_pkcs1_v21.data +++ b/tests/suites/test_suite_pkcs1_v21.data @@ -893,7 +893,7 @@ depends_on:MBEDTLS_SHA256_C pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7b1d37278e549898d4084e2210c4a9961edfe7b5963550cca1904248c8681513539017820f0e9bd074b9f8a067b9fefff7f1fa20bf2d0c75015ff020b2210cc7f79034fedf68e8d44a007abf4dd82c26e8b00393723aea15abfbc22941c8cf79481718c008da713fb8f54cb3fca890bde1137314334b9b0a18515bfa48e5ccd0":20:0 RSASSA-PSS Signature RSA-1024, SHA-384, Salt Length 20 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"8f16c807bef3ed6f74ee7ff5c360a5428c6c2f105178b58ff7d073e566dad6e7718d3129c768cd5a9666de2b6c947177b45709dc7cd0f43b0ba6fc75578e1196acc15ca3afe4a78c144cb6885c1cc815f7f98925bc04ad2ff20fc1068b045d9450e2a1dcf5a161ceabba2b0b66c7354fdb80fa1d729e5f976387f24a697a7e56":20:0 RSASSA-PSS Signature RSA-1024, SHA-512, Salt Length 20 @@ -909,7 +909,7 @@ depends_on:MBEDTLS_SHA256_C pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"b1e973f21303aa0011d416642cecd45511549b45bd22f910e44bdf7a94b960d8169db60d150786b801b465acb6269aa159fa2529837701e5a263a7f89c1ad3bcb5e18ab4b2775cc23eede79a8eb89c774105c60d8a4cc7be9028a5101566c65f565bf8cf337bb5859028a417fbc862408f1a83d918cad4047843e3ab49c4c229":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"8eb2ba2367b8f0b36b566c938b4d9948b4a0a87dd1c8300a160ec024ad0fa37174d1bba2ae6ee8c7fdbb4d172ac9615f1428599030a33515e2925a268b87c867242ccddcce6c9c03045eccbfee5eeb6e0ce2d89a9c51f40c1732927a6c7d283627dd87eca27270b117e658a3cc9d2ca7da46a76097213a7f3e2a58d7c9d306e796eee94809042bc6768d6cca4e003a40529bffa267914a232f315ddedd2768c60877bdcb05c8f2026179713084a0daf8b494959c347fb65a4414034d21c7a750":20:0 RSASSA-PSS Signature RSA-1536, SHA-384, Salt Length 20 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"b1e973f21303aa0011d416642cecd45511549b45bd22f910e44bdf7a94b960d8169db60d150786b801b465acb6269aa159fa2529837701e5a263a7f89c1ad3bcb5e18ab4b2775cc23eede79a8eb89c774105c60d8a4cc7be9028a5101566c65f565bf8cf337bb5859028a417fbc862408f1a83d918cad4047843e3ab49c4c229":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"9fa4e64bab336017e19015ee7ea1e267bf426633fb2ac5f4d65bc754aba17f7a9f0f1ee2bf0a3b9f2dd354ed8eba596f5ca3e26495ef268658bd247474d3524b11a2953f591f8abb14ef4bcd44dadc36a41f9daef1bf88b7e441160278c8a39945524557b84ce5cdcb79eecbad63658e8470d8dc94b44aad1f04b05400ea04e5f959dd18f6f718311f6dfec98a7e1aaa7ba11771f61448b12d7901a2530e830dccc531fd0dbe222215b3f7b9dafa5fc20d5af15ab312b621d71b2106150a801b":20:0 RSASSA-PSS Signature RSA-1536, SHA-512, Salt Length 20 @@ -925,7 +925,7 @@ depends_on:MBEDTLS_SHA256_C pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"cd74ae6152d5fe5ce3d9073c921e861a24208f0c68477f49c825338e1ef877c0c977c1d2ffcb20e964db6fbedcccce449ec8538c8bfffce5bdece84762dac7f2cba69052c0c67226178a0ce185a2e050b3e1057e94411dd5f726878558e7d62afc8a81a93dcfdb5a2271466d32a8a4868af20fab2e13ca609d5a7710a8278aaf":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"6375755eff8d48afb3263b3b96988a2afd181ba061793ea009783bb1599d03944d987620a2668ac9714d6f2a21f7e5200d63923f42cb32e63301c8de58c70a203910640da967d03f4f6292f6cb199759822790c0c5bcfb1d4faa59465c3db2ea1fffd5e543335632b74745bf1e18473c0a8b4a89def6b27edf0d7d735ee13f887041c9d8a91e62186a9a1e0b1afb48e577f6887ca61b7c1bb26b4a8e2cc464a9af03444b3da5bed08b73f1262bd3d61f4c78f49fac6a3bfc9e8548b4bbe64cce6a6090fc480efd1f36c18c10bc09be9d957a79f707a10577a1bf6e9e2d4849693fa58d8877c8f1e55181955d6c2b94b1d6d9401b5fb80cc32b358934fec2aedb":20:0 RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 20 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"4d41e81fe7729b79c1703ef84bfc5e842050213c31b188b02044f151ea22e026c9aefec05927626ff97910b67459bffde190e086c797dba285659c25f1854e17406b66ac2608e4763d9cd5daabcc1dc100f4738f5dbead59dbf43e532a92fd87792028cd963ea8f75781964c387dff384523e4413b4e853dea98e0c2dd7274df":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"b43d87deefa7df127a717f4065f831c58cd84bf78c916ba52ed32769abd541df52233b8583507c539b1d51e0437ab1a41e17fc1599b92aabdb5b040dc79027c60c9cc3ed3de36aeea28f20360635be5bf654d6c1b7fe6da77d0c45b9ea2802ad22eba182cbed95d33da7f78ac844f4891cebc0396caa2f8daaf55254fdafe98b5fe6c4dd3967d23ea99497060820e108e818cd0aa94e65770bde892c62233b96d87fe545162d6ba077f110274bddacb2a7cbf17d437bfe004b34c3ea24fb46e5ed9cce4de96b0694efd73832ec76e19e5a25c49c5843393ce6b919ea35e4d264e0a0855f518a63c008c183798ca612cd8f75688a09210413e0a23cafcf2d4158":20:0 RSASSA-PSS Signature RSA-2048, SHA-512, Salt Length 20 @@ -941,7 +941,7 @@ depends_on:MBEDTLS_SHA256_C pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"e2f6dfa5014fee6b1b04108682e85619ded7c4647faf4ae8f19cf6cbd199677fe033859f56906f1979b1b5926df4c8064eddaeaf7c15fa2936b3fcd36bbb3578cce40d2f269fc97fef54b7c71fefabdd419baff6c9cdf7c6a88513e81ed1687fcf92e11e1a82e2e5a6767eed3de1e9e7de9a30ff0ddf27076e99a3d192e1eadc":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3a0622ddff5a0c1f5b545d684054e46211786a2e40627e0cb6795ea0d176f3c97e6536fb64c5eca7b28b7ac52e48e3d50b916d2fccb87d70cd8eda7c15c2308734254716e5b400592cc2e5e033ba27866cb14fefbdcbc35d5d85d4eee8ba6bc2da995e8ebcc27d50c48aa988bf45fde27311a9e2ec029d0fa6fa6d3efea460fc1a90e443d807d209a4c06bf3022d529ab2e4a877325fcccb3f86ac16200ab95628bf0c1c8c70f6fe1a9f288bbc0162a392f40ad1109cdbbaf03d9b2d514a60983874350be9aef886c3c481a66325f137aecb4c82a8a73046dbc1dd8598ffbdb828a3d638f9dd8139a768dcd8d30d79740ef345c1644d03e6fb86a46367f6d82a7a819057ae490e1b100b5842ed385845f379101e37ce604531c61de423df66200d45b7229662fd0ec3572593b09a5213ec14c1d7b2338ca9c763c0d18946f04eaaf57ea2ebc79e093f2fd4c64cb1c1a7f0e888dc2d87a15eb769f56dc180cfe1597cc3e4e1811d4e27852fa188c8fec4fc917d4724d33ce5f3211895cf7e8b8c":20:0 RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length 20 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3f90aeabfa9a5f00e241f3f65dfe61baf67c1356353042c3566edacb11c7649737e5adf94cfb05f2619aecc8895db45190fbdf35dab01144e207b6f0923927a6148d3f16eaad05e73bccb562dc087e2d82db3dce130a83e8303bd7c3447b3ae4d3700d4763ba6981d82618ac82a6e66423f294781a59b20cc978c79e2d5c103bfb9d47119294c3c85b1d3c45a36897d42e183514cc8edbbfa1be9ef17b78280b5b6214dad79d60db057f22506515b6843ce7d4dd6bd861a889b36164c325147baeed714d7a3f55ae51ef6e6d4ae9e862d677caba1a2df369c23d3ffe33dd42fe707e1fd8ba6283aaa0b570353b48a8e39ff72a09f700e024150ce87c044a3ec745b212ae81aa5743b981a8bb95deb6b3e15c2487f7900178d5840f8e794662706dcdb19bc0bdd56cb7fdf0e21d10b03adac41b749f31bd3e7c4d07d5d4ec8e79d424812b6e83f1c7b59779e58029f9b07da3e77795fcff6ae8bb098b1c00d1d2a5bc0cb005ef3d8aab63ddd883d38bacdc64307e911c6e51946744f361fe978d":20:0 RSASSA-PSS Signature RSA-3072, SHA-512, Salt Length 20 @@ -957,7 +957,7 @@ depends_on:MBEDTLS_SHA256_C pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA256:MBEDTLS_MD_SHA256:"466d2621acc8a91c729334f1ca433bdb5605058d4851f86cc8c217fb9625c996f0d0dc64b635c987ccb63a95c0bbc94cac020b815e37cd5ab7c59dbd51eb8d0864123303eb5ef413028383b093daa41831b4364544ee701d67c56bea0eece0096cdc34e6946cb128dea117288cc753a8adc08ec2429d691ea06b8768154f4d01":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"2e512f73d198e623afe019bd4cea9192ff8b24ab555099d31bd52d705fc808229a269bf749c8061a3dc7ffae9ef7c6bdcd8c34910f92f0a0fcd6d73017ca3388ca5e99a1735e005ff5d5eade3ec0ea0c2436f0e78b197c2d999ba4351b9e37a09195504b63a42762bea22d307a0328fc9c80acdc28fc8f4050e25fbd5890233028f97ea3a2669ff4d5f4232c1e48571499af28ed6f5a92e7936de39d913e12c5cef51e25f90a1e903f3f60a6a9cddbc56564b146aca6af6236b899c2cb7223a6941f0beaa3aa787b2333e4f3e66b334b99b90825153ebd0095f27691880f44e4e77135f26df376e261adfe0d8354cfa15b49138d624d9f62a9751221ee0598097891c9864ad3651e89723bc9ec6086f571e199619ceb6720ab5a4998254cb807dce75a5a5203d38a9f5d56adee4239ff50cefe3e927eba91de7e1f8e1ae8b0505c077788372af7d8ef00735cc531fd46dbe86702ac49171f0a921f4626442ae960e972a5594ee3bcbfbf687cd96ed300aa9df1b9487607b5bae0f1abecbc1d2291fe93b9f8a091ffac8469b0f00ba561f0628f5e004ed1fd8713650e147c4b2cab7f4d69a4ad57b145c1e5e4c1412e86fbbda5a6096f66293203207e35098bf94dafff75ed094d10e6034cd22179d94655004fa4bf4de774807b6f5cd27d90255468cf01db7b6f82607df597f72d1f9c9c91d17740a14a4816ae65e63fde480d":20:0 RSASSA-PSS Signature RSA-4096, SHA-384, Salt Length 20 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"344a458b48d68949ab0effd488443eb54ef367d74e005aec85402a0bb63bcf9ebd2f1b7b1f58f051e56faf46ab71f3def4a1801fc0d076f361dccbcd8a77f78fa929f1ac76985b89cc08f92ab91e680ad1e90d4ac7234b0e3eb3f925dc7713e8a041af64761f33bb09e0c6c7d9d304018dd2f6a18a7f4107c4ce9d5ad4c4896f":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"364ad106da2cec6ce94e141e16af855f6d6e31ac6d7bdb2649695645a3d7f176a9b55f60b861776d49077dcfda4db42bb584767606f90de7289e71f188ff139b138bbd24f7a7f50192a137f2c648e19fe78a836bd2a01d31b248857cd29dbf3d1251c2d4cb339f2ff78add26304fbc3e44f8a2f04b47dc754b984169fba4a091d70f956074880c709ee849a05f8f2dcffee09b221078e98b6e28a965a2d44fcde72c6b27ff0a3def818d80aaba17915d37ad1d72755548310062e73da15a8d2544b311060b404683c00394666dc3a890f60ec9d85b2d0fca8a76fc96c4cfd0e3c4a83594957bac42866c395f8feab3b40c9bc9a675f47a1cd62fc43ebe0fff2bbd239130bbbe5257c5c3756044eb2190db7a309cddc4ef410e9abccd0f93158e0edfab2f0a50e80d814a428f61c531b2b747e64feb41523c5802a53c374f35df21abe67a877d062f56a001b47ee6ab571b0bbe7141e0b49cfdc97a15dc19138863d140cc772074c12b3d751985b7852fe76932be1f44a165f4fe58a341d28c3f86924defab4cf2458ba4cc3fb92558511ceee6d91c672b24b8727b867132bf6b8d7af714ab668f06f046448c1e854ae98e59cf21f2b7370c9378ee0eb34b031f9f4795057557773af0f7fc18ddeec7e95c2ccdd5f66ed224d08fbdfb37995e87f4df9691e499d77afaa8d5b93f3275c43f69edbe37672cf192f94509df0a4e9b":20:0 RSASSA-PSS Signature RSA-4096, SHA-512, Salt Length 20 @@ -969,7 +969,7 @@ depends_on:MBEDTLS_SHA256_C pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"37ddd9901478ae5c16878702cea4a19e786d35582de44ae65a16cd5370fbe3ffdd9e7ee83c7d2f27c8333bbe1754f090059939b1ee3d71e020a675528f48fdb2cbc72c65305b65125c796162e7b07e044ed15af52f52a1febcf4237e6aa42a69e99f0a9159daf924bba12176a57ef4013a5cc0ab5aec83471648005d67d7122e":"463729b3eaf43502d9cff129925681":"7e628bcbe6ff83a937b8961197d8bdbb322818aa8bdf30cdfb67ca6bf025ef6f09a99dba4c3ee2807d0b7c77776cfeff33b68d7e3fa859c4688626b2441897d26e5d6b559dd72a596e7dad7def9278419db375f7c67cee0740394502212ebdd4a6c8d3af6ee2fd696d8523de6908492b7cbf2254f15a348956c19840dc15a3d732ef862b62ede022290de3af11ca5e79a3392fff06f75aca8c88a2de1858b35a216d8f73fd70e9d67958ed39a6f8976fb94ec6e61f238a52f9d42241e8354f89e3ece94d6fa5bfbba1eeb70e1698bff31a685fbe799fb44efe21338ed6eea2129155aabc0943bc9f69a8e58897db6a8abcc2879d5d0c5d3e6dc5eb48cf16dac8":15:0 RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 25 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"833aa2b1dcc77607a44e804ee77d45408586c536861f6648adcd2fb65063368767c55c6fe2f237f6404250d75dec8fa68bcaf3b6e561863ae01c91aa23d80c6999a558a4c4cb317d540cde69f829aad674a89812f4d353689f04648c7020a73941620018295a4ae4083590cc603e801867a51c105a7fb319130f1022de44f13e":"b750587671afd76886e8ffb7865e78f706641b2e4251b48706":"2ca37a3d6abd28c1eaf9bde5e7ac17f1fa799ce1b4b899d19985c2ff7c8ba959fe54e5afb8bc4021a1f1c687eebb8cba800d1c51636b1f68dc3e48f63e2da6bc6d09c6668f68e508c5d8c19bef154759e2f89ade152717370a8944f537578296380d1fe6be809e8b113d2b9d89e6a46f5c333d4fd48770fc1ea1c548104575b84cf071042bfe5acf496392be8351a41c46a2cab0864c4c1c5b5e0c7b27e7b88c69f37ffa7e1a8cd98f343ac84a4ad67025a40ed8f664e9d630337de6e48bb2125e2552123609491f183afd92634487f0b2cf971f2626e88858879d45a29b0fefb66cd41b2e4e968385bd9fc8c7211976bc6bd3e1ad6df60856985a825f4726d2":25:0 RSASSA-PSS Signature RSA-2048, SHA-512, Salt Length 30 @@ -1017,15 +1017,15 @@ depends_on:MBEDTLS_SHA512_C pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":63:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length 0 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"9110b39c1ffc2d8a5f24e965e3985b06871c2be23e677bb3ea879b7b6b25c327ebdd9434387cfe5f64bcb6900a5c8395549e3681390583786b709257ff0ad90507a02ec6abb40e33dec80097322876a84ee98b1fe79ced62ba4f983bb9b52758bf9856098af527924ea83291762b179894f1fab6d8c9867b0244393fa32b5871836fa4446b247153bc117ccaf7cd51c5ec026bcaf9b634182cd19a0eb95ec40dd5e4274750c9ee3b1379fb339fa4ed8348b104936396355bea0a00337b83f47d2fd7e7353f3009752f970eebc1bbade601b912f7b0984bccc68941ed23bd31fcd23a7d0f2b0cfaabdb3d361969f485e5d198442661ee71eef258ae9fc27a19d995a5695c668f9ab78622486d6ccfe4ae11de9240588fafbc75f8bd0d04de5f2959c126b7c672eac8bb65031ea22ebb4a4e36c12f427d2dc4619eb30ef1c90ec951337a364566f0d2e32f311b425a68fd5277a85dc8d8041ab2a0165c39fd4e39160498d5eae98965e8745b77390e5ddeff0aeffc0fb18839455d524826a1f366":0:0 RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length max -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b3fe26ee600cfb2d187384e529f280485cf84830af8cb015878cb7c4c74ad6ab38fd8998fa74b612e84af8123d785a8a60a2bb002f7b15a6f7cd6bbf18325a412fd3ea2a48903d30db2543089d9d82fe304dfe5fb903f6a0d1625fe994aa2ac47e04eeb6a51be770312a88cec80bbcf849ab57f2af4e9370a0e35a458d8509fb89e8b22ef499af25c427e48c2391747d3ccc6fdc1b035cbbe6a6f1742bfb6fb5d411d4c8bb73ee7f9bc2fbcf54603c813c9c6d479fb9f38650f4fa8ce05a32c47c078d278b7b97173e82d692e303141faf71573f2b5ab58c4fa009200a3be47633719dbeed24d61ba7acae8abfc2aa5f33f18e6f4c43eb8be3e4bbee1090544401e202ef06d90aae75a939256bd374afc5030f1146ea9d2acf4918dfe96d13eb5f16da55efd504657e3d8aea010f89c60288d74963746422bd7cf":"57a5511992b30d39e150b6a7a760a74136db0a24bc635f3a700a74f865a7c9c0ed2e2e196022a6d17ad7c2d3f12946828458015beffb0c0652de2cc9c3366aaeb7634c5d6ccbdf6c7c93b8feff21a7d2831ac3ee73fd98f9c972dcb833ac61323b77ec249db0e4fb9bf33c71aef9d2aaef40aafab2cb3870f0224c8d0c3ada2abb9d3dd601a038594d290177277a8b791ebcc211d7e5379323a633c62fe9cc2394bd7a977a604122ee9799e5368cc17e1af1795046e76899aa6e7be8f27b1a3e96daa81784d967e9a36cf1912936d7ae11f80aed79c27c53237e7fa009daf9240fb205f83e8c6f8f57d3c3520e0e60213a203432c18d92979b13555ce6eab075ddb38b6d820e378ac4e3afcb3d57e5c6d3c11f165745996fdb61e36b842c6ec81d6437073fe9fc96a4dbc3b188ca766a7f7ef786f39729cadcc5700fb0fffeca0eb0bc47243783f129917948df9bee23da83fadadfa87708e0a839a62965a5d2b9a7cd16b4675cef6afc8fbc2615d97d11ede47f4dfd83e74847dc184ccdc4fd":334:0 RSASSA-PSS Signature RSA-3072, SHA-384, Salt Length max + 1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA384:MBEDTLS_MD_SHA384:"692acaaf5e277cdd4b3fdc0a1ff1785bfd28a3a8ec1bc97fd072ff6c99aade77baba92efdcf72e66d43542fdd32fb0e2dd29bb167dd36174b671ebef3c39c21be5fc84ef5a0957c9124f7eb281c12ae38cff9289413245c6c537bff88d013b3dd138c9373e26a00cecd4b5b18f708d69f1f24f88a0001d7de30ea40ff3c9f2e7":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"":335:MBEDTLS_ERR_RSA_BAD_INPUT_DATA RSASSA-PSS Sign. RSA-520 SHA-512: Salt Len. 0, no possible salt size diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index e51a7d2681..0b94699321 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -67,23 +67,23 @@ depends_on:MBEDTLS_SHA256_C pbkdf2_hmac:MBEDTLS_MD_SHA256:"7061737300776f7264":"7361006c74":4096:16:"89b69d0516f829893c696226650a8687" PBKDF2 Python hashlib Test Vector #1 (SHA384) -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":1:20:"c0e14f06e49e32d73f9f52ddf1d0c5c719160923" PBKDF2 Python hashlib Test Vector #2 (SHA384) -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":2:20:"54f775c6d790f21930459162fc535dbf04a93918" PBKDF2 Python hashlib Test Vector #3 (SHA384) -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f7264":"73616c74":4096:20:"559726be38db125bc85ed7895f6e3cf574c7a01c" PBKDF2 Python hashlib Test Vector #5 (SHA384) -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pbkdf2_hmac:MBEDTLS_MD_SHA384:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"819143ad66df9a552559b9e131c52ae6c5c1b0eed18f4d283b" PBKDF2 Python hashlib Test Vector #6 (SHA384) -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C pbkdf2_hmac:MBEDTLS_MD_SHA384:"7061737300776f7264":"7361006c74":4096:16:"a3f00ac8657e095f8e0823d232fc60b3" PBKDF2 Python hashlib Test Vector #1 (SHA512) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 91d51977a2..9072325160 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -651,147 +651,147 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha256.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #75 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #75.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #75.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #76 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #76.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #76.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #77 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #77.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #77.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #78 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #78.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #78.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #79 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #79.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #79.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #80 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTest":0 Parse RSA Key #80.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #80.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #81 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #81.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #81.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #82 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #82.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #82.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #83 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTest":0 Parse RSA Key #83.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #83.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #84 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #84.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #85.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #86 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #86.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #86.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #87 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTest":0 Parse RSA Key #87.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #87.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA384 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha384.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #88 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA512) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 6f9406ce13..43e4c53e4c 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -29,11 +29,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"cd810e97dc21095ea7a0238027a7bafd343e01444785ea9184a44a79f80438c41fc0b57aa95693407da38fe5ff0ec1398e03361e51a3dbe134b99cca2df0cef1c444ca54d2b7db2789455b6bb41918c24001fd82fc20ee089de3f34f053699c1c5f7954ce0aaabb9d26fce39d032894152229d98cf64ecafc7089530073c61d9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"7b5fba70ec5b521638f182bcab39cec30b76e7bc017bdbd1059658a9a1db0969ab482dce32f3e9865952f0a0de0978272c951e3c015328ea3758f47029a379ab4200550fba58f11d51264878406fc717d5f7b72b3582946f16a7e5314a220881fc820f7d29949710273421533d8ac0a449dc6d0fd1a21c22444edd1c0d5b44d3":0 RSA PKCS1 Verify v1.5 CAVS #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"44637d3b8de525fd589237bc81229c8966d3af24540850c24036330db8007e6d19a19486018b2b02074da590aaba9d2c8848c0a2d1b6de4dfaf24025b6393df9228008f83f13cc76a67cfbed77a6e3429342824a0b6a9b8dd884094acc6a54bbc8c8829930c52fe39ce5e0dcd02d9553ef899d26eb6cae0940b63584e2daeb3b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"38fc4f6f0430bb3ea9f470a4c0f5cebdabac4dbeb3b9c99d4168e7b00f5eb294ec0ece1908eded1f3e14f1e69d10f9feb425bda0c998af945ef864298a60a675f0bb5c540a7be3f534d5faddff974eea8bffe182a44e2ee1f4f653e71967a11869ee1a850edb03cb44a340378cb7a1bc9616d3649b78002b390a05a7e54edec6":0 RSA PKCS1 Verify v1.5 CAVS #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 # Bad padding after performing the public key operation mbedtls_rsa_pkcs1_verify:"d03f12276f6ba7545b8fce719471bd253791878809694e8754f3b389f26c9253a758ed28b4c62535a8d5702d7a778731d5759ff2b3b39b192db680e791632918b6093c0e8ca25c2bf756a07fde4144a37f769fe4054455a45cb8cefe4462e7a9a45ce71f2189b4fef01b47aee8585d44dc9d6fa627a3e5f08801871731f234cd":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"d93a878c1ce86571590b0e43794b3edb23552797c4b8c9e3da4fe1cc4ac0566acd3b10541fe9a7a79f5ea4892d3069ca6903efb5c40c47eb8a9c781eb4249281d40c3d96aae16da1bb4daaece6a26eca5f41c062b4124a64fc9d340cba5ab0d1f5affff6515a87f0933774fd4322d2fa497cd6f708a429ca56dcb1fd3db623d0":MBEDTLS_ERR_RSA_VERIFY_FAILED @@ -58,7 +58,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"c81f04c79982971fa176d64e8f7f8812f86a94c49e84672ff10996a2d6dfc444a884c7a87c4606a1aab22558894ee59b798b457827f5ee0b0cadcd94371902cc4ddaf97acefed641997717bcb3cc74cd440f0a31e20fb95812cecb740c36d6d1bf07e3641514cfa678aff2a39562ff4d60e02b17583a92bf0c56d66bde9e09f8":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"52111f4798da3c11b3c74394358348ab0fc797bde99080f238d33a69b04b08ac2bd767b33872473943e23af27ca32fd568a43a8c7d6cc55b4fbb380212fdfcb60487e20694d4287e233efdf7b04737c0037a592d03077801828b051998c42b9f9e2420063331d5b2349918a64d8b65b21a2011ee7318fcef48aced95b8ddf501":0 RSA PKCS1 Verify v1.5 CAVS #13 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"a97824871770b79da979a111f6decfb1dd11bd946cfa800b008f0ad5aea5aa92e205d27a46c31d4fe6cb909091bd21f082fb75074000ee46c2f3e530d77b34c7c5d6f8453025950d3e0afae1f9752655f5bbea8432e9f1014357ff11b08076179a101e4f9d3f25bffb5e656bf6afe6c97d7aa4740b5d9224cde4dede035a7768":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d5dcd27c74e040ea86f106b63d3275fa7b7e98d2dd701f38ec15fc7301b72df127f6d3bd5571253a0b9e0e719d7d522893896941a1aeccc697912282b5308d829b91905b5dd7b7e1b8fe27e2bd4003b09dfe7fe295f8a43c076c0cb52f2aac067e87de7ffe3a275d21a870c3dfc9b1d06d7f018667de9eb187bdf53d282e5d8b":0 RSA PKCS1 Verify v1.5 CAVS #14 @@ -78,7 +78,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"72f0b1ae27e1f5e5bfa15ded204c2c54b47b2420750a3eb5471f9ff98b67c8b5f1a30d3f8d6448562e12ce4deb33a26cfeeae993d6be9e20679d8713c5216870f11276e5f22b0ead2821a7b4dee106fc1e19b13fc9fba5d6e73e4bd93b65a9881a43d5e97ebfb0b357d5d06b21ddbecdbb10626d7748bb9e6e07d49316bbf3c4":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"8117a6897e14c183737661cf5741350a84ae00495cd9ee8fb033582e559f79701ab424706660515ee5821a69a6850647ec641676a625d1a3899932aaa52161fbc0c0a825db82fde0585b3c9b9c16de43e26da6a30fe5a601dae68bded1e29ec34557b5f6962efb10b9450d6f096655f68e8499cfa16a0adeb9075e7b91851fef84243132d08273d35d01ad89c17e1e6e4deaf1cb233050b275fa9d2cae57e9e1a0e23139267040aa39b6abd8f10fa1cec38ce2183573ddc11626fc262e1a0ced":0 RSA PKCS1 Verify v1.5 CAVS #18 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"f80c94a2b53736978adf041886ad97ab2aeb9e91c08bd4eeef6b2f2b8dd75a99b4506657188bbd7597bd5759121630627c8bf9cc30d90dd488c7a81cabab5350a62fa30abf5523f305b98f2c2c1743ec980cf26ab8219bfd9505b981ab1abbfef733b384519d5259fc5c14577cb6b88fa7f6f332ff6a65b23faecc24342c78e9":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"6b49553ed964ae196a41ea281f4d2a250ce7d1e7434e45cf6a82f7bed17554f39c3f0241e0364702fcb87475eb0c0839ffd2180890fa05b4bbf31bbfa4bf5119dea0c9f88e1e9617fcdadabc6fa1945136cc66e039b905d78ed365c5806d38aec88b3edfb86c05ff446dbfd51d7cd75cbf8d3b85154c783765386f51637532221f52429db5612dcc034968bb8feab7dc6f5ed1f2feb557f6dd49c980296117be2c4195ec7b6101ea767df9d16a56fc9709b49308a54dab63dbc4d609f959ce17":0 RSA PKCS1 Verify v1.5 CAVS #19 @@ -106,7 +106,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"1240028c6d7ab3992ada0e5ca55ee4f3d62f8de575302d5861d73685423c2e6a6d6fb3be090fbc2a701821b6d8fd5e8233f794b6549cd0bb52b390ac31478307bffa91a9bd9c1bf93ffc846356fef008ebee4bb3ee148e0fb1893d188e4934d0d088a433d14a596c5f2e3e49648a22edc6bdbcc58dc1edbd440046b3a169ca2b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a003ae9cf0704d58763b214f20446ecc4099c566f25384e28d0dd6540c58705fc8d0bfe1ceaa06096ed1e230146edb82056e39e6727abec09f25e44079b6ce1ca2c6a540dec7aa34444d7d435f41e5fca9b0bba62759ae2780638e5160e031bb60409c2e85674ac7a776b444b37b9d7f4dbaa557e88b8562a584f2dbe90729b241aede95dfcc7e05b10deef06255cb89f0e7ccff23354818756a1f8bb9f00fd18f6cd22ca1b4bfc38027562bb37562c77c7883b5d735170d75521195fd3f2bd3":0 RSA PKCS1 Verify v1.5 CAVS #25 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"67922a8b9cbc95cf7c555ff2d73cfc62ee04c3f0df9bfc8f64293a58bd3bebd2eb212d711f94e35c729d0873d6b244914d21bd0e59b23089b38740e43f480e8f407d090ac93b08a57403968b55e78cfe31eee6e4ecbacf834168fe89b6b8454fce6e675e80f82b33e850ae3f3d24fd320335e37981fd000576941b4f08d4ba99":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"2c6b301852cc55a993a933e2c080eb9dabfe19e9dc3571066caeabed1492d3501cd838de1c01784932df7a5ad5bbfb48c78f53a45f76e9812d046f23bd968495ef7e981e5add4acfc538fe33a5205de74bb37d3d9b6b87b2d174e85a73f216fd67d5738fc469dff7ea6b852e8dd08bc8df036597372d4d51185e6f47a45fbe1b9bdb06a4018783425ec95294de41f27235ad3b3263a890b8b62b17410a9bb08673393ff205a866ee2057e99c6517c6bbc84f8d87717b83d6f64de7ee215e1e8d":0 RSA PKCS1 Verify v1.5 CAVS #26 @@ -130,11 +130,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ca312774f2756ac2019f213a01a63c9a0b4a49ccafecf25e97a4c632668e3c77e664f4d7635241f25205e50c37061b02c546db8346fa597c3da8cfd44a827c5a4ff4ecfcd1797b39a1b215d9bbb93fdb6eb35bafbda427a5068888a6e19f86224b0897490491207e35ce39085668b10b4fb851b7dd9465c03869790ef38a61b5":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"a202c33eb831b9d8e818b6c3bcdb42818e1d9c22a06ddd73a17a21e49d18cda44df349a066477cae068e1a5d2b518b0885e889ef796ca9e6f42a69ac755b8a6405fbaef93fe0130d98de35d689addfee3eecd26658903f774bda481c3f40ee0e9569a3c3e2da7ad576c7de82159d933e36fa29cfef99367005e34ab5082d80f48276d37dabc88dbb023bd01585329d2ccf417f78ec508aaa29751007d31f1669296b981d44c8fa99130c5df7a071725b496859314aaf9baf0ebc780355914249":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #31 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"2abe079077290ceb6c80ac5c61062ce8da814b1fb99a1a9fb2860ed900e6541856ec64bf19c0d9d1cc2280b7cc50af3e3d2ad8e044945d44761ca60891dd72bd6aa26a33274ffcf7ae7d661b5e651135fcff21aaf06b4a2db18fe5827e0243884f2841760b9f1c65fbda870f7f0cfbd6ff484f0825e688614928f2d12d1e7080":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"402631f3cddfb02cc4d9cb58ef1ab6726bd787a50e12e98567c9702bfdf47af85904aec5a2f6c5df9a10f08f90f93728eb090ae2ac21ded9f38faecd8195f3eb3d4107521b1cee956e7a214245b038adae912fa35ec97cb3bdc41352e8aaff80173561284cb740f999a3cd6653a6c3d5a3f911a416f41e2155083982c99eb5998a0a74d77f1ae999d901ee24a7f2c424179a3f92b07dc0b3498c1884e60677bee0175e810b426c4ad008d2743cd19b00b33177bf8be3fed7f7406e1bce0c2ea3":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #32 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"da9505809dc92cfd8e01a1857dde52df6677c40d98f4577c1659ca7d3e9f01f9a809065f51b54fe2f9723fe2c9d1eea7397f2d5531d1c51c6ea100b028596bf9f24dd90be14eab58f07b4f24a35b073aeb29ecde4a6f320237d7adbdc43d94f87e08866b95bbcac83dc7db3553a42400441f088e2bf6259539a2da8b5a74065f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"57edd0560df9840a25c28ff6d254e432395a5cd2d92248b3b44d7eab0fc65b3c4e545a916a8e90ce89745119db9ec9799aa8890f5250fb589cfc12dac1b6e406a39bc3b3663892da5354ba453cbd5e4c89bdce82d0ffe97052a03a5c3308819c1139ebc780c13cf6dc1477faf734abcb1db3fafaed6f22885c9c0222ff5deacb8cc6d027f2e959c3075011b382e88c4b27b83b4f2e6fda022e331c3602d19f5ac7bccfe95ea1e93d736dbd918ae5b1f468cd0b5b536a2f918d5e27a0757e75b7":0 RSA PKCS1 Verify v1.5 CAVS #33 @@ -213,11 +213,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA) -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 RSA PKCS1 Sign #4 Verify -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0 RSA PKCS1 Sign #5 (MD2, 2048 bits RSA) diff --git a/tests/suites/test_suite_shax.data b/tests/suites/test_suite_shax.data index f67731e7f7..2354f2dc05 100644 --- a/tests/suites/test_suite_shax.data +++ b/tests/suites/test_suite_shax.data @@ -114,35 +114,35 @@ SHA-512 Valid parameters sha512_valid_param: SHA-384 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C sha384:"":"38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b" SHA-384 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C sha384:"ab":"fb94d5be118865f6fcbc978b825da82cff188faec2f66cb84b2537d74b4938469854b0ca89e66fa2e182834736629f3d" SHA-384 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C sha384:"7c27":"3d80be467df86d63abb9ea1d3f9cb39cd19890e7f2c53a6200bedc5006842b35e820dc4e0ca90ca9b97ab23ef07080fc" SHA-384 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C sha384:"31f5ca":"78d54b943421fdf7ba90a7fb9637c2073aa480454bd841d39ff72f4511fc21fb67797b652c0c823229342873d3bef955" SHA-384 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C sha384:"7bdee3f8":"8bdafba0777ee446c3431c2d7b1fbb631089f71d2ca417abc1d230e1aba64ec2f1c187474a6f4077d372c14ad407f99a" SHA-384 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C sha384:"8f05604915":"504e414bf1db1060f14c8c799e25b1e0c4dcf1504ebbd129998f0ae283e6de86e0d3c7e879c73ec3b1836c3ee89c2649" SHA-384 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C sha384:"665da6eda214":"4c022f112010908848312f8b8f1072625fd5c105399d562ea1d56130619a7eac8dfc3748fd05ee37e4b690be9daa9980" SHA-384 Test Vector NIST CAVS #8 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C sha384:"7f46ce506d593c4ed53c82edeb602037e0485befbee03f7f930fe532d18ff2a3f5fd6076672c8145a1bf40dd94f7abab47c9ae71c234213d2ad1069c2dac0b0ba15257ae672b8245960ae55bd50315c0097daa3a318745788d70d14706910809ca6e396237fe4934fa46f9ce782d66606d8bd6b2d283b1160513ce9c24e9f084b97891f99d4cdefc169a029e431ca772ba1bba426fce6f01d8e286014e5acc66b799e4db62bd4783322f8a32ff78e0de3957df50ce10871f4e0680df4e8ca3960af9bc6f4efa8eb3962d18f474eb178c3265cc46b8f2ff5ab1a7449fea297dfcfabfa01f28abbb7289bb354b691b5664ec6d098af51be19947ec5ba7ebd66380d1141953ba78d4aa5401679fa7b0a44db1981f864d3535c45afe4c61183d5b0ad51fae71ca07e34240283959f7530a32c70d95a088e501c230059f333b0670825009e7e22103ef22935830df1fac8ef877f5f3426dd54f7d1128dd871ad9a7d088f94c0e8712013295b8d69ae7623b880978c2d3c6ad26dc478f8dc47f5c0adcc618665dc3dc205a9071b2f2191e16cac5bd89bb59148fc719633752303aa08e518dbc389f0a5482caaa4c507b8729a6f3edd061efb39026cecc6399f51971cf7381d605e144a5928c8c2d1ad7467b05da2f202f4f3234e1aff19a0198a28685721c3d2d52311c721e3fdcbaf30214cdc3acff8c433880e104fb63f2df7ce69a97857819ba7ac00ac8eae1969764fde8f68cf8e0916d7e0c151147d4944f99f42ae50f30e1c79a42d2b6c5188d133d3cbbf69094027b354b295ccd0f7dc5a87d73638bd98ebfb00383ca0fa69cb8dcb35a12510e5e07ad8789047d0b63841a1bb928737e8b0a0c33254f47aa8bfbe3341a09c2b76dbcefa67e30df300d34f7b8465c4f869e51b6bcfe6cf68b238359a645036bf7f63f02924e087ce7457e483b6025a859903cb484574aa3b12cf946f32127d537c33bee3141b5db96d10a148c50ae045f287210757710d6846e04b202f79e87dd9a56bc6da15f84a77a7f63935e1dee00309cd276a8e7176cb04da6bb0e9009534438732cb42d008008853d38d19beba46e61006e30f7efd1bc7c2906b024e4ff898a1b58c448d68b43c6ab63f34f85b3ac6aa4475867e51b583844cb23829f4b30f4bdd817d88e2ef3e7b4fc0a624395b05ec5e8686082b24d29fef2b0d3c29e031d5f94f504b1d3df9361eb5ffbadb242e66c39a8094cfe62f85f639f3fd65fc8ae0c74a8f4c6e1d070b9183a434c722caaa0225f8bcd68614d6f0738ed62f8484ec96077d155c08e26c46be262a73e3551698bd70d8d5610cf37c4c306eed04ba6a040a9c3e6d7e15e8acda17f477c2484cf5c56b813313927be8387b1024f995e98fc87f1029091c01424bdc2b296c2eadb7d25b3e762a2fd0c2dcd1727ddf91db97c5984305265f3695a7f5472f2d72c94d68c27914f14f82aa8dd5fe4e2348b0ca967a3f98626a091552f5d0ffa2bf10350d23c996256c01fdeffb2c2c612519869f877e4929c6e95ff15040f1485e22ed14119880232fef3b57b3848f15b1766a5552879df8f06":"cba9e3eb12a6f83db11e8a6ff40d1049854ee094416bc527fea931d8585428a8ed6242ce81f6769b36e2123a5c23483e" SHA-512 Test Vector NIST CAVS #1 diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index e59c9055f7..9eedeeb790 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -212,7 +212,7 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_2 handshake_version:0:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3 Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:0 Handshake, RSA-WITH-AES-128-CCM @@ -228,7 +228,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:0 Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0 Handshake, PSK-WITH-AES-128-CBC-SHA @@ -244,7 +244,7 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_PROTO_DTLS handshake_version:1:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_SSL_MINOR_VERSION_3 DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS handshake_cipher:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_PK_RSA:1 DTLS Handshake, RSA-WITH-AES-128-CCM @@ -260,7 +260,7 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ handshake_cipher:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_PK_ECDSA:1 DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS +depends_on:MBEDTLS_SHA384_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1 DTLS Handshake, PSK-WITH-AES-128-CBC-SHA @@ -443,51 +443,51 @@ DTLS legacy break handshake renegotiation with MFL=4096 resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"" DTLS no legacy renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy allow renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=512, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_512:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=1024, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_1024:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=2048, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_2048:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS legacy break handshake renegotiation with MFL=4096, ECDHE-RSA-WITH-AES-256-GCM-SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED +depends_on:MBEDTLS_SHA384_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED resize_buffers_renegotiate_mfl:MBEDTLS_SSL_MAX_FRAG_LEN_4096:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384" DTLS no legacy renegotiation with MFL=512, RSA-WITH-AES-128-CCM @@ -659,51 +659,51 @@ SSL session serialization: Wrong config ssl_session_serialize_version_check:0:0:0:1 Record crypt, AES-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-128-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-128-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-128-CBC, 1.2, SHA-256 @@ -851,19 +851,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C: ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-128-CBC, 1.1, SHA-256 @@ -915,19 +915,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTL ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-128-CBC, 1.0, SHA-256 @@ -979,51 +979,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_ ssl_crypt_record:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-192-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-192-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-192-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-192-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-192-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-192-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-192-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-192-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-192-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-192-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-192-CBC, 1.2, SHA-256 @@ -1171,19 +1171,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C: ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-192-CBC, 1.1, SHA-256 @@ -1235,19 +1235,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTL ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-192-CBC, 1.0, SHA-256 @@ -1299,51 +1299,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_ ssl_crypt_record:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-256-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, AES-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, AES-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-256-CBC, 1.2, SHA-256 @@ -1491,19 +1491,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C: ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, AES-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-256-CBC, 1.1, SHA-256 @@ -1555,19 +1555,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTL ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, AES-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, AES-256-CBC, 1.0, SHA-256 @@ -1619,51 +1619,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_ ssl_crypt_record:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-128-CBC, 1.2, SHA-256 @@ -1811,19 +1811,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-128-CBC, 1.1, SHA-256 @@ -1875,19 +1875,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDT ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-128-CBC, 1.0, SHA-256 @@ -1939,51 +1939,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS ssl_crypt_record:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-192-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-192-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-192-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-192-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-192-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-192-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-192-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-192-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-192-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-192-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-192-CBC, 1.2, SHA-256 @@ -2131,19 +2131,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-192-CBC, 1.1, SHA-256 @@ -2195,19 +2195,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDT ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-192-CBC, 1.0, SHA-256 @@ -2259,51 +2259,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS ssl_crypt_record:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, ARIA-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, ARIA-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-256-CBC, 1.2, SHA-256 @@ -2451,19 +2451,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, ARIA-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-256-CBC, 1.1, SHA-256 @@ -2515,19 +2515,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDT ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, ARIA-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, ARIA-256-CBC, 1.0, SHA-256 @@ -2579,51 +2579,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS ssl_crypt_record:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-128-CBC, 1.2, SHA-256 @@ -2771,19 +2771,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELL ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.1, SHA-256 @@ -2835,19 +2835,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:M ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-128-CBC, 1.0, SHA-256 @@ -2899,51 +2899,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBE ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-192-CBC, 1.2, SHA-256 @@ -3091,19 +3091,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELL ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-192-CBC, 1.1, SHA-256 @@ -3155,19 +3155,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:M ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-192-CBC, 1.0, SHA-256 @@ -3219,51 +3219,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBE ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-256-CBC, 1.2, SHA-256 @@ -3411,19 +3411,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELL ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, CAMELLIA-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.1, SHA-256 @@ -3475,19 +3475,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:M ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, CAMELLIA-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, CAMELLIA-256-CBC, 1.0, SHA-256 @@ -3539,51 +3539,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBE ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, BLOWFISH-CBC, 1.2, SHA-256 @@ -3731,19 +3731,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFI ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, BLOWFISH-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, BLOWFISH-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, BLOWFISH-CBC, 1.1, SHA-256 @@ -3795,19 +3795,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:M ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, BLOWFISH-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, BLOWFISH-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, BLOWFISH-CBC, 1.0, SHA-256 @@ -4171,19 +4171,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_T ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, NULL cipher, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, NULL cipher, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, NULL cipher, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, NULL cipher, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, NULL cipher, 1.2, SHA-256 @@ -4235,19 +4235,19 @@ depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBE ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, NULL cipher, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, NULL cipher, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, NULL cipher, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, NULL cipher, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, NULL cipher, 1.1, SHA-256 @@ -4299,19 +4299,19 @@ depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBE ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, NULL cipher, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, NULL cipher, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, NULL cipher, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, NULL cipher, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, NULL cipher, 1.0, SHA-256 @@ -4387,51 +4387,51 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CHACHAPOLY_C:MBEDTLS_SSL_PROTO ssl_crypt_record_small:MBEDTLS_CIPHER_CHACHA20_POLY1305:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-128-CBC, 1.2, SHA-256 @@ -4579,19 +4579,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C: ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-128-CBC, 1.1, SHA-256 @@ -4643,19 +4643,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTL ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-128-CBC, 1.0, SHA-256 @@ -4707,51 +4707,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_ ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-192-CBC, 1.2, SHA-256 @@ -4899,19 +4899,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C: ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-192-CBC, 1.1, SHA-256 @@ -4963,19 +4963,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTL ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-192-CBC, 1.0, SHA-256 @@ -5027,51 +5027,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_ ssl_crypt_record_small:MBEDTLS_CIPHER_AES_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, AES-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-256-CBC, 1.2, SHA-256 @@ -5219,19 +5219,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C: ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, AES-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-256-CBC, 1.1, SHA-256 @@ -5283,19 +5283,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTL ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, AES-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, AES-256-CBC, 1.0, SHA-256 @@ -5347,51 +5347,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_ ssl_crypt_record_small:MBEDTLS_CIPHER_AES_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-128-CBC, 1.2, SHA-256 @@ -5539,19 +5539,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.1, SHA-256 @@ -5603,19 +5603,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDT ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-128-CBC, 1.0, SHA-256 @@ -5667,51 +5667,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-192-CBC, 1.2, SHA-256 @@ -5859,19 +5859,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-192-CBC, 1.1, SHA-256 @@ -5923,19 +5923,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDT ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-192-CBC, 1.0, SHA-256 @@ -5987,51 +5987,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-256-CBC, 1.2, SHA-256 @@ -6179,19 +6179,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, ARIA-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.1, SHA-256 @@ -6243,19 +6243,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDT ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, ARIA-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, ARIA-256-CBC, 1.0, SHA-256 @@ -6307,51 +6307,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ARIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS ssl_crypt_record_small:MBEDTLS_CIPHER_ARIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.2, SHA-256 @@ -6499,19 +6499,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELL ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.1, SHA-256 @@ -6563,19 +6563,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:M ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-128-CBC, 1.0, SHA-256 @@ -6627,51 +6627,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBE ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-192-CBC, 1.2, SHA-256 @@ -6819,19 +6819,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELL ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.1, SHA-256 @@ -6883,19 +6883,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:M ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-192-CBC, 1.0, SHA-256 @@ -6947,51 +6947,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBE ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_192_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.2, SHA-256 @@ -7139,19 +7139,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELL ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.1, SHA-256 @@ -7203,19 +7203,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1_1:M ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, CAMELLIA-256-CBC, 1.0, SHA-256 @@ -7267,51 +7267,51 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBE ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0 -depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256 @@ -7459,19 +7459,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFI ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256 @@ -7523,19 +7523,19 @@ depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:M ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256 @@ -7899,19 +7899,19 @@ depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_T ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CCM:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0 Record crypt, little space, NULL cipher, 1.2, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, NULL cipher, 1.2, SHA-256 @@ -7963,19 +7963,19 @@ depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBE ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0 Record crypt, little space, NULL cipher, 1.1, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, NULL cipher, 1.1, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, NULL cipher, 1.1, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, NULL cipher, 1.1, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, NULL cipher, 1.1, SHA-256 @@ -8027,19 +8027,19 @@ depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBE ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0 Record crypt, little space, NULL cipher, 1.0, SHA-384 -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, NULL cipher, 1.0, SHA-384, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, NULL cipher, 1.0, SHA-384, short tag -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, NULL cipher, 1.0, SHA-384, short tag, EtM -depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_ENCRYPT_THEN_MAC +depends_on:MBEDTLS_CIPHER_NULL_CIPHER:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC ssl_crypt_record_small:MBEDTLS_CIPHER_NULL:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0 Record crypt, little space, NULL cipher, 1.0, SHA-256 @@ -8283,67 +8283,67 @@ depends_on:MBEDTLS_AES_C:MBEDTLS_SHA256_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA256:1:255 Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, AES SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-1 Decrypt CBC !EtM, AES SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:-2 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, AES SHA384 trunc, padlen=0 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:0 Decrypt CBC !EtM, AES SHA384 trunc, padlen=240 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:240 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, AES SHA384 trunc, padlen=1 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:1 Decrypt CBC !EtM, AES SHA384 trunc, padlen=241 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:241 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, AES SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:0:255 Decrypt CBC !EtM, AES SHA384 trunc, padlen=15 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:15 Decrypt CBC !EtM, AES SHA384 trunc, padlen=255 -depends_on:MBEDTLS_AES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_AES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_AES_128_CBC:MBEDTLS_MD_SHA384:1:255 Decrypt CBC !EtM, ARIA MD5 !trunc, empty plaintext, minpad @@ -8539,67 +8539,67 @@ depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA256_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA256:1:255 Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, ARIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-1 Decrypt CBC !EtM, ARIA SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:-2 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=0 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:0 Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=240 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:240 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=1 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:1 Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=241 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:241 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, ARIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:0:255 Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=15 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:15 Decrypt CBC !EtM, ARIA SHA384 trunc, padlen=255 -depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ARIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_ARIA_128_CBC:MBEDTLS_MD_SHA384:1:255 Decrypt CBC !EtM, CAMELLIA MD5 !trunc, empty plaintext, minpad @@ -8795,67 +8795,67 @@ depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA256_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA256:1:255 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-1 Decrypt CBC !EtM, CAMELLIA SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:-2 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:240 Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=0 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:0 Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=240 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:240 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:241 Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=1 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:1 Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=241 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:241 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:15 Decrypt CBC !EtM, CAMELLIA SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:0:255 Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=15 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:15 Decrypt CBC !EtM, CAMELLIA SHA384 trunc, padlen=255 -depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_CAMELLIA_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_CAMELLIA_128_CBC:MBEDTLS_MD_SHA384:1:255 Decrypt CBC !EtM, 3DES MD5 !trunc, empty plaintext, minpad @@ -9051,67 +9051,67 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA256:1:255 Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-1 Decrypt CBC !EtM, 3DES SHA384 !trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:-2 Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, minpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-1 Decrypt CBC !EtM, 3DES SHA384 trunc, empty plaintext, maxpad -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:-2 Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:0 Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:248 Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=0 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:0 Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=248 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:248 Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:1 Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:249 Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=1 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:1 Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=249 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:249 Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:7 Decrypt CBC !EtM, 3DES SHA384 !trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:0:255 Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=7 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:7 Decrypt CBC !EtM, 3DES SHA384 trunc, padlen=255 -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA384_C ssl_decrypt_non_etm_cbc:MBEDTLS_CIPHER_DES_EDE3_CBC:MBEDTLS_MD_SHA384:1:255 SSL TLS 1.3 Key schedule: Secret evolution #1 @@ -9253,7 +9253,7 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_1 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":0 SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SSL_PROTO_TLS1_2 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_SSL_PROTO_TLS1_2 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":0 SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA256 @@ -9377,7 +9377,7 @@ depends_on:MBEDTLS_SHA256_C ssl_cf_hmac:MBEDTLS_MD_SHA256 Constant-flow HMAC: SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_SHA384_C ssl_cf_hmac:MBEDTLS_MD_SHA384 # these are the numbers we'd get with an empty plaintext and truncated HMAC diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 0cc1d3fd64..5fcaa38539 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -47,7 +47,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509_cert_info:"data_files/cert_sha256.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA384_C x509_cert_info:"data_files/cert_sha384.crt":"cert. version \: 3\nserial number \: 0A\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA512 Digest @@ -67,7 +67,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C x509_cert_info:"data_files/server9-sha256.crt":"cert. version \: 3\nserial number \: 18\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:45\nexpires on \: 2024-01-18 13\:57\:45\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C x509_cert_info:"data_files/server9-sha384.crt":"cert. version \: 3\nserial number \: 19\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:58\nexpires on \: 2024-01-18 13\:57\:58\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA512 Digest @@ -87,7 +87,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED: x509_cert_info:"data_files/server5.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 15\:52\:04\nexpires on \: 2023-09-22 15\:52\:04\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C x509_cert_info:"data_files/server5-sha384.crt":"cert. version \: 3\nserial number \: 14\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA512 Digest @@ -231,7 +231,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C mbedtls_x509_crl_info:"data_files/crl_sha256.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-256\n" X509 CRL Information SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C mbedtls_x509_crl_info:"data_files/crl_sha384.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-384\n" X509 CRL Information SHA512 Digest @@ -251,7 +251,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:16\nnext update \: 2024-01-18 13\:56\:16\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0xDE)\n" X509 CRL information RSA-PSS, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:28\nnext update \: 2024-01-18 13\:56\:28\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0xCE)\n" X509 CRL information RSA-PSS, SHA512 Digest @@ -271,7 +271,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C mbedtls_x509_crl_info:"data_files/crl-ec-sha256.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA256\n" X509 CRL Information EC, SHA384 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_ECDSA_C mbedtls_x509_crl_info:"data_files/crl-ec-sha384.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA384\n" X509 CRL Information EC, SHA512 Digest @@ -311,7 +311,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C mbedtls_x509_csr_info:"data_files/server1.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-256\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA384_C:MBEDTLS_RSA_C mbedtls_x509_csr_info:"data_files/server1.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-384\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA512 @@ -331,7 +331,7 @@ depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED: mbedtls_x509_csr_info:"data_files/server5.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA384 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA384_C mbedtls_x509_csr_info:"data_files/server5.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA384\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA512 @@ -351,7 +351,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C mbedtls_x509_csr_info:"data_files/server9.req.sha256":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA256, MGF1-SHA256, 0x5E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA384 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384 +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C mbedtls_x509_csr_info:"data_files/server9.req.sha384":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA384, MGF1-SHA384, 0x4E)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA512 @@ -572,7 +572,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBE x509_verify:"data_files/cert_sha256.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #17 (Valid Cert SHA384 Digest) -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha384.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #18 (Valid Cert SHA512 Digest) @@ -660,7 +660,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_S x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #38 (Valid, EC CA, SHA384 Digest) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_SHA384_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5-sha384.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #39 (Valid, EC CA, SHA512 Digest) @@ -752,7 +752,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C: x509_verify:"data_files/server9-sha256.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #60 (Valid, RSASSA-PSS, SHA-384) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA384_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha384.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha384.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #61 (Valid, RSASSA-PSS, SHA-512) diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index e0f80be943..d9d4bda7e3 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -11,7 +11,7 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha256":MBEDTLS_MD_SHA256:0:0:0:0 Certificate Request check Server1 SHA384 -depends_on:MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA384_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha384":MBEDTLS_MD_SHA384:0:0:0:0 Certificate Request check Server1 SHA512 From 6fce30fc493c92cf0cc5d6f8b3065996227e0597 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 19 Apr 2021 14:35:00 +0200 Subject: [PATCH 021/271] Update hashes dependencies testing script. Since SHA384 depends on SHA512, depends-hashes script should not generate configuration where SHA384 is defined without SHA512. Signed-off-by: Mateusz Starzyk --- tests/scripts/depends-hashes.pl | 44 +++++++++++++++++++-------------- 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl index f8b750a885..a57d75da51 100755 --- a/tests/scripts/depends-hashes.pl +++ b/tests/scripts/depends-hashes.pl @@ -50,14 +50,18 @@ my $config_h = 'include/mbedtls/config.h'; my $ssl_sed_cmd = 's/^#define \(MBEDTLS_SSL.*\)/\1/p'; my @ssl = split( /\s+/, `sed -n -e '$ssl_sed_cmd' $config_h` ); -# for md we want to catch MD5_C but not MD_C, hence the extra dot -my $mdx_sed_cmd = 's/^#define \(MBEDTLS_MD..*_C\)/\1/p'; -my $sha_sed_cmd = 's/^#define \(MBEDTLS_SHA.*_C\)/\1/p'; -my @hash_modules = split( /\s+/, - `sed -n -e '$mdx_sed_cmd' -e '$sha_sed_cmd' $config_h` ); - -# list hash options with corresponding actions -my @hashes = ((map { "unset $_" } @hash_modules)); +# Each element of this array holds list of configuration options that +# should be tested together. Certain options depend on eachother and +# separating them would generate invalid configurations. +my @hash_configs = ( + ['unset MBEDTLS_MD2_C'], + ['unset MBEDTLS_MD4_C'], + ['unset MBEDTLS_MD5_C'], + ['unset MBEDTLS_SHA512_C', 'unset MBEDTLS_SHA384_C '], + ['unset MBEDTLS_SHA384_C'], + ['unset MBEDTLS_SHA256_C'], + ['unset MBEDTLS_SHA1_C'], +); system( "cp $config_h $config_h.bak" ) and die; sub abort { @@ -67,17 +71,21 @@ sub abort { exit 1; } -for my $hash (@hashes) { +for my $hash_config (@hash_configs) { system( "cp $config_h.bak $config_h" ) and die "$config_h not restored\n"; system( "make clean" ) and die; - print "\n******************************************\n"; - print "* Testing hash option: $hash\n"; - print "******************************************\n"; - $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$hash"; + my $hash_config_string = join(', ', @$hash_config); - system( "scripts/config.py $hash" ) - and abort "Failed to $hash\n"; + print "\n******************************************\n"; + print "* Testing hash options: $hash_config_string\n"; + print "******************************************\n"; + $ENV{MBEDTLS_TEST_CONFIGURATION} = "-$hash_config_string"; + + for my $hash (@$hash_config) { + system( "scripts/config.py $hash" ) + and abort "Failed to $hash\n"; + } for my $opt (@ssl) { system( "scripts/config.py unset $opt" ) @@ -85,9 +93,9 @@ for my $hash (@hashes) { } system( "CFLAGS='-Werror -Wall -Wextra' make lib" ) - and abort "Failed to build lib: $hash\n"; - system( "cd tests && make" ) and abort "Failed to build tests: $hash\n"; - system( "make test" ) and abort "Failed test suite: $hash\n"; + and abort "Failed to build lib: $hash_config_string\n"; + system( "cd tests && make" ) and abort "Failed to build tests: $hash_config_string\n"; + system( "make test" ) and abort "Failed test suite: $hash_config_string\n"; } system( "mv $config_h.bak $config_h" ) and die "$config_h not restored\n"; From e3c48b4a883e8812214a4c57c319d005f34b7ccc Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 19 Apr 2021 16:46:28 +0200 Subject: [PATCH 022/271] Separate SHA224 from SHA256 config options. These options are still dependant on each other. This is an intermediate step. Signed-off-by: Mateusz Starzyk --- configs/config-ccm-psk-tls1_2.h | 1 + configs/config-mini-tls1_1.h | 1 + configs/config-no-entropy.h | 1 + configs/config-psa-crypto.h | 23 +- configs/config-suite-b.h | 1 + configs/config-symmetric-only.h | 1 + configs/config-thread.h | 1 + include/mbedtls/check_config.h | 8 + include/mbedtls/config.h | 23 +- include/mbedtls/config_psa.h | 9 +- include/mbedtls/psa_util.h | 4 +- library/md.c | 55 +++- library/md_wrap.h | 4 +- library/oid.c | 16 +- library/psa_crypto_hash.c | 2 +- library/sha256.c | 15 ++ library/ssl_cookie.c | 2 +- library/ssl_tls.c | 10 +- library/version_features.c | 3 + programs/ssl/ssl_test_common_source.c | 2 + programs/test/query_config.c | 8 + tests/scripts/depends-hashes.pl | 2 +- tests/suites/test_suite_ecdsa.data | 20 +- tests/suites/test_suite_hmac_drbg.misc.data | 8 +- .../test_suite_hmac_drbg.no_reseed.data | 238 +++++++++--------- tests/suites/test_suite_hmac_drbg.nopr.data | 120 ++++----- tests/suites/test_suite_hmac_drbg.pr.data | 120 ++++----- tests/suites/test_suite_md.data | 2 +- tests/suites/test_suite_oid.data | 2 +- tests/suites/test_suite_pkcs1_v21.data | 12 +- tests/suites/test_suite_pkcs5.data | 10 +- tests/suites/test_suite_rsa.data | 16 +- tests/suites/test_suite_shax.function | 2 +- tests/suites/test_suite_x509write.data | 2 +- 34 files changed, 439 insertions(+), 305 deletions(-) diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index c58d150d9d..db730f2b18 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -49,6 +49,7 @@ #define MBEDTLS_MD_C #define MBEDTLS_NET_C #define MBEDTLS_SHA256_C +#define MBEDTLS_SHA224_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h index 7d61492142..8e90e88c8c 100644 --- a/configs/config-mini-tls1_1.h +++ b/configs/config-mini-tls1_1.h @@ -57,6 +57,7 @@ #define MBEDTLS_RSA_C #define MBEDTLS_SHA1_C #define MBEDTLS_SHA256_C +#define MBEDTLS_SHA224_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 24822eae69..066048e5a4 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -74,6 +74,7 @@ #define MBEDTLS_PLATFORM_C #define MBEDTLS_RSA_C #define MBEDTLS_SHA256_C +#define MBEDTLS_SHA224_C #define MBEDTLS_SHA512_C #define MBEDTLS_SHA384_C #define MBEDTLS_VERSION_C diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index f37007a3e6..51f4e0580d 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -2626,7 +2626,7 @@ /** * \def MBEDTLS_SHA256_C * - * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. + * Enable the SHA-256 cryptographic hash algorithms. * * Module: library/sha256.c * Caller: library/entropy.c @@ -2635,11 +2635,30 @@ * library/ssl_srv.c * library/ssl_tls.c * - * This module adds support for SHA-224 and SHA-256. + * This module adds support for SHA-256. + * This module is required for SHA-244. * This module is required for the SSL/TLS 1.2 PRF function. */ #define MBEDTLS_SHA256_C +/** + * \def MBEDTLS_SHA224_C + * + * Enable the SHA-224 cryptographic hash algorithms. + * + * Module: library/sha256.c + * Caller: library/entropy.c + * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_SHA256_C + * This module adds support for SHA-224. + * This module is required for the SSL/TLS 1.2 PRF function. + */ +#define MBEDTLS_SHA224_C + /** * \def MBEDTLS_SHA512_C * diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 986d042f61..5fee1d1726 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -64,6 +64,7 @@ #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C #define MBEDTLS_SHA256_C +#define MBEDTLS_SHA224_C #define MBEDTLS_SHA512_C #define MBEDTLS_SHA384_C #define MBEDTLS_SSL_CLI_C diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 28150d6851..c883596f4a 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -85,6 +85,7 @@ #define MBEDTLS_RIPEMD160_C #define MBEDTLS_SHA1_C #define MBEDTLS_SHA256_C +#define MBEDTLS_SHA224_C #define MBEDTLS_SHA512_C #define MBEDTLS_SHA384_C //#define MBEDTLS_THREADING_C diff --git a/configs/config-thread.h b/configs/config-thread.h index 47dd5e2227..1deb8a5687 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -68,6 +68,7 @@ #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C #define MBEDTLS_SHA256_C +#define MBEDTLS_SHA224_C #define MBEDTLS_SSL_COOKIE_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index bccbae7155..3998edebe3 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -622,6 +622,14 @@ #error "MBEDTLS_SHA384_C defined without MBEDTLS_SHA512_C" #endif +#if defined(MBEDTLS_SHA224_C) && !defined(MBEDTLS_SHA256_C) +#error "MBEDTLS_SHA224_C defined without MBEDTLS_SHA256_C" +#endif + +#if defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA224_C) +#error "MBEDTLS_SHA256_C defined without MBEDTLS_SHA224_C" +#endif + #if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) || \ !defined(MBEDTLS_SHA1_C) ) #error "MBEDTLS_SSL_PROTO_TLS1 defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index b802cd47f9..0787b5f4b4 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3107,7 +3107,7 @@ /** * \def MBEDTLS_SHA256_C * - * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. + * Enable the SHA-256 cryptographic hash algorithms. * * Module: library/sha256.c * Caller: library/entropy.c @@ -3116,11 +3116,30 @@ * library/ssl_srv.c * library/ssl_tls.c * - * This module adds support for SHA-224 and SHA-256. + * This module adds support for SHA-256. + * This module is required for SHA-244. * This module is required for the SSL/TLS 1.2 PRF function. */ #define MBEDTLS_SHA256_C +/** + * \def MBEDTLS_SHA224_C + * + * Enable the SHA-224 cryptographic hash algorithms. + * + * Module: library/sha256.c + * Caller: library/entropy.c + * library/md.c + * library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: MBEDTLS_SHA256_C + * This module adds support for SHA-224. + * This module is required for the SSL/TLS 1.2 PRF function. + */ +#define MBEDTLS_SHA224_C + /** * \def MBEDTLS_SHA512_C * diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 89616c5576..2032a365dc 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -149,7 +149,7 @@ extern "C" { #if defined(PSA_WANT_ALG_SHA_224) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 -#define MBEDTLS_SHA256_C +#define MBEDTLS_SHA224_C #endif #if defined(PSA_WANT_ALG_SHA_256) && !defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) @@ -604,10 +604,13 @@ extern "C" { #define PSA_WANT_ALG_SHA_1 1 #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) #define MBEDTLS_PSA_BUILTIN_ALG_SHA_224 1 -#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_224 1 +#endif + +#if defined(MBEDTLS_SHA256_C) +#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1 #define PSA_WANT_ALG_SHA_256 1 #endif diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h index be3745cef1..75fcdac93a 100644 --- a/include/mbedtls/psa_util.h +++ b/include/mbedtls/psa_util.h @@ -136,9 +136,11 @@ static inline psa_algorithm_t mbedtls_psa_translate_md( mbedtls_md_type_t md_alg case MBEDTLS_MD_SHA1: return( PSA_ALG_SHA_1 ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: return( PSA_ALG_SHA_224 ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: return( PSA_ALG_SHA_256 ); #endif diff --git a/library/md.c b/library/md.c index d9ff699f6f..28261ac8c4 100644 --- a/library/md.c +++ b/library/md.c @@ -97,14 +97,16 @@ const mbedtls_md_info_t mbedtls_sha1_info = { }; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) const mbedtls_md_info_t mbedtls_sha224_info = { "SHA224", MBEDTLS_MD_SHA224, 28, 64, }; +#endif +#if defined(MBEDTLS_SHA256_C) const mbedtls_md_info_t mbedtls_sha256_info = { "SHA256", MBEDTLS_MD_SHA256, @@ -146,6 +148,8 @@ static const int supported_digests[] = { #if defined(MBEDTLS_SHA256_C) MBEDTLS_MD_SHA256, +#endif +#if defined(MBEDTLS_SHA224_C) MBEDTLS_MD_SHA224, #endif @@ -203,9 +207,11 @@ const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name ) if( !strcmp( "SHA1", md_name ) || !strcmp( "SHA", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) if( !strcmp( "SHA224", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 ); +#endif +#if defined(MBEDTLS_SHA256_C) if( !strcmp( "SHA256", md_name ) ) return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ); #endif @@ -244,9 +250,11 @@ const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) case MBEDTLS_MD_SHA1: return( &mbedtls_sha1_info ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: return( &mbedtls_sha224_info ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: return( &mbedtls_sha256_info ); #endif @@ -302,8 +310,12 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx ) mbedtls_sha1_free( ctx->md_ctx ); break; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: + mbedtls_sha256_free( ctx->md_ctx ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: mbedtls_sha256_free( ctx->md_ctx ); break; @@ -372,8 +384,12 @@ int mbedtls_md_clone( mbedtls_md_context_t *dst, mbedtls_sha1_clone( dst->md_ctx, src->md_ctx ); break; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: + mbedtls_sha256_clone( dst->md_ctx, src->md_ctx ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: mbedtls_sha256_clone( dst->md_ctx, src->md_ctx ); break; @@ -440,8 +456,12 @@ int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_inf ALLOC( sha1 ); break; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: + ALLOC( sha256 ); + break; +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: ALLOC( sha256 ); break; @@ -501,9 +521,11 @@ int mbedtls_md_starts( mbedtls_md_context_t *ctx ) case MBEDTLS_MD_SHA1: return( mbedtls_sha1_starts_ret( ctx->md_ctx ) ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: return( mbedtls_sha256_starts_ret( ctx->md_ctx, 1 ) ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) ); #endif @@ -547,8 +569,11 @@ int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, si case MBEDTLS_MD_SHA1: return( mbedtls_sha1_update_ret( ctx->md_ctx, input, ilen ) ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: + return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) ); #endif @@ -592,8 +617,11 @@ int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output ) case MBEDTLS_MD_SHA1: return( mbedtls_sha1_finish_ret( ctx->md_ctx, output ) ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: + return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) ); #endif @@ -638,9 +666,11 @@ int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, si case MBEDTLS_MD_SHA1: return( mbedtls_sha1_ret( input, ilen, output ) ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: return( mbedtls_sha256_ret( input, ilen, output, 1 ) ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: return( mbedtls_sha256_ret( input, ilen, output, 0 ) ); #endif @@ -848,8 +878,11 @@ int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data ) case MBEDTLS_MD_SHA1: return( mbedtls_internal_sha1_process( ctx->md_ctx, data ) ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: + return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: return( mbedtls_internal_sha256_process( ctx->md_ctx, data ) ); #endif diff --git a/library/md_wrap.h b/library/md_wrap.h index bfe6537c38..51655f9408 100644 --- a/library/md_wrap.h +++ b/library/md_wrap.h @@ -72,8 +72,10 @@ extern const mbedtls_md_info_t mbedtls_ripemd160_info; #if defined(MBEDTLS_SHA1_C) extern const mbedtls_md_info_t mbedtls_sha1_info; #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) extern const mbedtls_md_info_t mbedtls_sha224_info; +#endif +#if defined(MBEDTLS_SHA256_C) extern const mbedtls_md_info_t mbedtls_sha256_info; #endif #if defined(MBEDTLS_SHA384_C) diff --git a/library/oid.c b/library/oid.c index 19c8ac207c..fe4636632c 100644 --- a/library/oid.c +++ b/library/oid.c @@ -345,11 +345,13 @@ static const oid_sig_alg_t oid_sig_alg[] = MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) { { ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" }, MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA, }, +#endif +#if defined(MBEDTLS_SHA256_C) { { ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" }, MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, @@ -379,11 +381,13 @@ static const oid_sig_alg_t oid_sig_alg[] = MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) { { ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" }, MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA, }, +#endif +#if defined(MBEDTLS_SHA256_C) { { ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" }, MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, @@ -602,11 +606,13 @@ static const oid_md_alg_t oid_md_alg[] = MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) { { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" }, MBEDTLS_MD_SHA224, }, +#endif +#if defined(MBEDTLS_SHA256_C) { { ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" }, MBEDTLS_MD_SHA256, @@ -654,11 +660,13 @@ static const oid_md_hmac_t oid_md_hmac[] = MBEDTLS_MD_SHA1, }, #endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) { { ADD_LEN( MBEDTLS_OID_HMAC_SHA224 ), "hmacSHA224", "HMAC-SHA-224" }, MBEDTLS_MD_SHA224, }, +#endif +#if defined(MBEDTLS_SHA256_C) { { ADD_LEN( MBEDTLS_OID_HMAC_SHA256 ), "hmacSHA256", "HMAC-SHA-256" }, MBEDTLS_MD_SHA256, diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c index 2605179c40..d0f986ebc7 100644 --- a/library/psa_crypto_hash.c +++ b/library/psa_crypto_hash.c @@ -96,7 +96,7 @@ const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg ) case PSA_ALG_SHA_1: return( &mbedtls_sha1_info ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case PSA_ALG_SHA_224: return( &mbedtls_sha224_info ); #endif diff --git a/library/sha256.c b/library/sha256.c index a94f325e8b..264d33ae9a 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -105,6 +105,12 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) SHA256_VALIDATE_RET( ctx != NULL ); SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); +#if defined(MBEDTLS_SHA224_C) + SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); +#else + SHA256_VALIDATE_RET( is224 == 0 ); +#endif + ctx->total[0] = 0; ctx->total[1] = 0; @@ -122,6 +128,7 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) } else { +#if defined(MBEDTLS_SHA224_C) /* SHA-224 */ ctx->state[0] = 0xC1059ED8; ctx->state[1] = 0x367CD507; @@ -131,6 +138,7 @@ int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) ctx->state[5] = 0x68581511; ctx->state[6] = 0x64F98FA7; ctx->state[7] = 0xBEFA4FA4; +#endif } ctx->is224 = is224; @@ -388,7 +396,9 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, PUT_UINT32_BE( ctx->state[5], output, 20 ); PUT_UINT32_BE( ctx->state[6], output, 24 ); +#if defined(MBEDTLS_SHA224_C) if( ctx->is224 == 0 ) +#endif PUT_UINT32_BE( ctx->state[7], output, 28 ); return( 0 ); @@ -407,7 +417,12 @@ int mbedtls_sha256_ret( const unsigned char *input, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; mbedtls_sha256_context ctx; +#if defined(MBEDTLS_SHA224_C) SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); +#else + SHA256_VALIDATE_RET( is224 == 0 ); +#endif + SHA256_VALIDATE_RET( ilen == 0 || input != NULL ); SHA256_VALIDATE_RET( (unsigned char *)output != NULL ); diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index fa89a07d34..22484f7f4d 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -44,7 +44,7 @@ * available. Try SHA-256 first, 512 wastes resources since we need to stay * with max 32 bytes of cookie for DTLS 1.0 */ -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) #define COOKIE_MD MBEDTLS_MD_SHA224 #define COOKIE_MD_OUTLEN 32 #define COOKIE_HMAC_LEN 28 diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fbd2013e14..3d1b84f5f1 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6468,6 +6468,8 @@ static int ssl_preset_default_hashes[] = { #endif #if defined(MBEDTLS_SHA256_C) MBEDTLS_MD_SHA256, +#endif +#if defined(MBEDTLS_SHA224_C) MBEDTLS_MD_SHA224, #endif #if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) @@ -6815,9 +6817,11 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash ) case MBEDTLS_SSL_HASH_SHA1: return( MBEDTLS_MD_SHA1 ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_SSL_HASH_SHA224: return( MBEDTLS_MD_SHA224 ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_SSL_HASH_SHA256: return( MBEDTLS_MD_SHA256 ); #endif @@ -6849,9 +6853,11 @@ unsigned char mbedtls_ssl_hash_from_md_alg( int md ) case MBEDTLS_MD_SHA1: return( MBEDTLS_SSL_HASH_SHA1 ); #endif -#if defined(MBEDTLS_SHA256_C) +#if defined(MBEDTLS_SHA224_C) case MBEDTLS_MD_SHA224: return( MBEDTLS_SSL_HASH_SHA224 ); +#endif +#if defined(MBEDTLS_SHA256_C) case MBEDTLS_MD_SHA256: return( MBEDTLS_SSL_HASH_SHA256 ); #endif diff --git a/library/version_features.c b/library/version_features.c index 275aaa630d..39b877a811 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -759,6 +759,9 @@ static const char * const features[] = { #if defined(MBEDTLS_SHA256_C) "MBEDTLS_SHA256_C", #endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA224_C) + "MBEDTLS_SHA224_C", +#endif /* MBEDTLS_SHA224_C */ #if defined(MBEDTLS_SHA512_C) "MBEDTLS_SHA512_C", #endif /* MBEDTLS_SHA512_C */ diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index d85f658900..09832cff1e 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -296,6 +296,8 @@ int ssl_sig_hashes_for_test[] = { #endif #if defined(MBEDTLS_SHA256_C) MBEDTLS_MD_SHA256, +#endif +#if defined(MBEDTLS_SHA224_C) MBEDTLS_MD_SHA224, #endif #if defined(MBEDTLS_SHA1_C) diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 92f36cbb50..f4252372b6 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -2075,6 +2075,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA224_C) + if( strcmp( "MBEDTLS_SHA224_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA224_C ); + return( 0 ); + } +#endif /* MBEDTLS_SHA224_C */ + #if defined(MBEDTLS_SHA512_C) if( strcmp( "MBEDTLS_SHA512_C", config ) == 0 ) { diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl index a57d75da51..07784816f4 100755 --- a/tests/scripts/depends-hashes.pl +++ b/tests/scripts/depends-hashes.pl @@ -59,7 +59,7 @@ my @hash_configs = ( ['unset MBEDTLS_MD5_C'], ['unset MBEDTLS_SHA512_C', 'unset MBEDTLS_SHA384_C '], ['unset MBEDTLS_SHA384_C'], - ['unset MBEDTLS_SHA256_C'], + ['unset MBEDTLS_SHA256_C', 'unset MBEDTLS_SHA224_C'], ['unset MBEDTLS_SHA1_C'], ); diff --git a/tests/suites/test_suite_ecdsa.data b/tests/suites/test_suite_ecdsa.data index 3b153df865..e510c504eb 100644 --- a/tests/suites/test_suite_ecdsa.data +++ b/tests/suites/test_suite_ecdsa.data @@ -98,7 +98,7 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"sample":"98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF":"57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64" ECDSA deterministic test vector rfc 6979 p192 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"sample":"A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5":"E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A" ECDSA deterministic test vector rfc 6979 p192 sha256 [#1] @@ -118,7 +118,7 @@ depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA1:"test":"0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D":"EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7" ECDSA deterministic test vector rfc 6979 p192 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP192R1:"6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4":MBEDTLS_MD_SHA224:"test":"6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34":"B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293" ECDSA deterministic test vector rfc 6979 p192 sha256 [#2] @@ -138,7 +138,7 @@ depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"sample":"22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC":"66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69" ECDSA deterministic test vector rfc 6979 p224 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"sample":"1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E":"A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC" ECDSA deterministic test vector rfc 6979 p224 sha256 [#1] @@ -158,7 +158,7 @@ depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA1:"test":"DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C":"95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2" ECDSA deterministic test vector rfc 6979 p224 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP224R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP224R1:"F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1":MBEDTLS_MD_SHA224:"test":"C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019":"902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4" ECDSA deterministic test vector rfc 6979 p224 sha256 [#2] @@ -178,7 +178,7 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"sample":"61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32":"6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB" ECDSA deterministic test vector rfc 6979 p256 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"sample":"53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F":"B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C" ECDSA deterministic test vector rfc 6979 p256 sha256 [#1] @@ -198,7 +198,7 @@ depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA1:"test":"0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89":"01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1" ECDSA deterministic test vector rfc 6979 p256 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP256R1:"C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721":MBEDTLS_MD_SHA224:"test":"C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692":"C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D" ECDSA deterministic test vector rfc 6979 p256 sha256 [#2] @@ -218,7 +218,7 @@ depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"sample":"EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA37B9BA002899F6FDA3A4A9386790D4EB2":"A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF26F49CA031D4857570CCB5CA4424A443" ECDSA deterministic test vector rfc 6979 p384 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"sample":"42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366450F76EE3DE43F5A125333A6BE060122":"9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E4834C082C03D83028EFBF93A3C23940CA8D" ECDSA deterministic test vector rfc 6979 p384 sha256 [#1] @@ -238,7 +238,7 @@ depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA1:"test":"4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678ACD9D29876DAF46638645F7F404B11C7":"D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A2991695BA1C84541327E966FA7B50F7382282" ECDSA deterministic test vector rfc 6979 p384 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP384R1:"6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5":MBEDTLS_MD_SHA224:"test":"E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E62464A9A817C47FF78B8C11066B24080E72":"07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C6141C53EA5ABEF0D8231077A04540A96B66" ECDSA deterministic test vector rfc 6979 p384 sha256 [#2] @@ -258,7 +258,7 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"sample":"0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D75D":"0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5D16" ECDSA deterministic test vector rfc 6979 p521 sha224 [#1] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"sample":"1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A30715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2ED2E":"050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17BA41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B41F" ECDSA deterministic test vector rfc 6979 p521 sha256 [#1] @@ -278,7 +278,7 @@ depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA1_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA1:"test":"13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0367":"1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC916797FF" ECDSA deterministic test vector rfc 6979 p521 sha224 [#2] -depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECP_DP_SECP521R1_ENABLED:MBEDTLS_SHA224_C ecdsa_det_test_vectors:MBEDTLS_ECP_DP_SECP521R1:"0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538":MBEDTLS_MD_SHA224:"test":"1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE17FB":"177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD519A4" ECDSA deterministic test vector rfc 6979 p521 sha256 [#2] diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data index c14f904710..a5a22badc2 100644 --- a/tests/suites/test_suite_hmac_drbg.misc.data +++ b/tests/suites/test_suite_hmac_drbg.misc.data @@ -3,7 +3,7 @@ depends_on:MBEDTLS_SHA1_C hmac_drbg_entropy_usage:MBEDTLS_MD_SHA1 HMAC_DRBG entropy usage SHA-224 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_entropy_usage:MBEDTLS_MD_SHA224 HMAC_DRBG entropy usage SHA-256 @@ -27,11 +27,11 @@ depends_on:MBEDTLS_SHA1_C hmac_drbg_seed_file:MBEDTLS_MD_SHA1:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-224 [#1] -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_seed_file:MBEDTLS_MD_SHA224:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-224 [#2] -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_seed_file:MBEDTLS_MD_SHA224:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-256 [#1] @@ -63,7 +63,7 @@ depends_on:MBEDTLS_SHA1_C hmac_drbg_buf:MBEDTLS_MD_SHA1 HMAC_DRBG from buffer SHA-224 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_buf:MBEDTLS_MD_SHA224 HMAC_DRBG from buffer SHA-256 diff --git a/tests/suites/test_suite_hmac_drbg.no_reseed.data b/tests/suites/test_suite_hmac_drbg.no_reseed.data index 4f6061b8e7..fc084306b7 100644 --- a/tests/suites/test_suite_hmac_drbg.no_reseed.data +++ b/tests/suites/test_suite_hmac_drbg.no_reseed.data @@ -239,479 +239,479 @@ depends_on:MBEDTLS_SHA1_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA1:"3e325daab3301856044f416f250b6161e447e63d85ca084f":"a9d2a53dbd7ef4b9150dd0ed4d002e56":"4de6c923346d7adc16bbe89b9a184a79":"9e9e3412635aec6fcfb9d00da0c49fb3":"48ac8646b334e7434e5f73d60a8f6741e472baabe525257b78151c20872f331c169abe25faf800991f3d0a45c65e71261be0c8e14a1a8a6df9c6a80834a4f2237e23abd750f845ccbb4a46250ab1bb63" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"a76e77a969ab92645181f0157802523746c34bf321867641051ed6ba39368033adc93d4e":"":"":"":"8925987db5566e60520f09bdddab488292bed92cd385e5b6fc223e1919640b4e34e34575033e56c0a8f608be21d3d221c67d39abec98d81312f3a2653d55ffbf44c337c82bed314c211be23ec394399ba351c4687dce649e7c2a1ba7b0b5dab125671b1bcf9008da65cad612d95ddc92" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"65cdaa5ab147d0c79fdd02b24fc94d0e427f59ef9a31f447458c6befe0c2cde5a58c6b7d":"":"":"":"0d164682b5bb552a53a2a942373639d98576450ca632faebc15060691a4219467c5aa106034cd19a214a0a4f31d402e68c4c565f49b33b680d522ef25f541e8202be779730376fdcf5b7b58fd6ac959204a88f91008651d2c02ada82505f914d4d9b9aea7967784e5320e185e1248270" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"650996f1477112af7604386be5ace78232904315d99d87d72a06709d331a6f930b447cf5":"":"":"":"d3341d7767cfd95640a107b3abaed7b4e1855b348e3ae5bcc53a0b0d49d4b4976837ec8f376f38327135578eca7ee583215bd5c79ebf499816f79afcc402ff1e9ffc4ad0f896761c9cff75050bf84baa194c355763b16b5d2648d480a2b48f22662685de39c7cee90aa0b6edf8062e42" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"898640ce467201a53e7731bdfb572977f7eb3e49050bc1e367ca74bf0a27376d339d09f4":"":"":"":"4f5eea927023b4abab5d4d9944e84ca001ee081cbc21d4080e1534ee6d1d8a6f60361029ffa983bcc79b5d65d4aaaaaf98983de13ddde39a739f9d95878fb31f57f96184e5f2f3adf654a468c616237fcbc6b2c194e247178cb90294f631c449a01f1fe09c02587c460305be9fc71b5a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fe405dd73956bf6ec875515eebd8c5ecd60553643da750914c83dfc93611d57390af7324":"":"":"":"d8ae0eb81913a190c439f8ffa56c06155a73f84b20608b2b2e9eab3061202cebad18ab8b3eba81672152c1c02ef573cd6e8623c392facb6a857425c6795cd7999c1e7f56f3fa9accca018076e0bfc106d075df98f5fb66f28933215e9276777dfc479e71a8d506a66197918d9b0f7a8f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"b06892f6f455afddc8eb60aae35b35a64f63b2aa85a2dae4ef489266f7bc354f72d68b71":"":"":"":"fc10c03fc37d3bd5fba6591a97f6354a9ed8ba2b6806744432851f43a3ce6418e39ccb417b8539e349acea588e2abe5da06147c9825c6e50a31f8589a57ca3bfb10f0da9c8e89fe2e372b5af1cf96e0fbeec5d99228770c41a76e587da7d8764d5f235f5d1d6188d84ae61c52c2164fb" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9174e174e9e031f62b2e19ae5c0bef22eed7d5598e6e73504759a2c15b05c2473a721d26":"":"":"":"1962f2d473b31a2576dbd78022f4eeb974641fa2e9cb582f03ab741929f51f0f4663129e68ddc242e1c2ceafacec3dccb97e09527aff46b948f0abcea1451699dc3ae4d3fb5e04c84337e17b504af2fb5f1aa6ec0033ddf138a188ee162c497526563a67da8015275d89f0e1e902b2ef" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"eb1d45ba0d8951b7b1d7ce922b7d1f6e94da8b821940126c9da5b0b4382425930743a051":"":"":"":"306b1f733e6f69b6f26b7baa5441af4967a5cad8faad18029440aa989aef6024dbf3ba02dfc2c694dad6496ff760d72ae6914a4dcd5e3a443f4bcb14bf2b64986f35c32449f15e3084d46fadfa2ae213da6b26f787cef89b6a23084a929608a9f6acd8315808c29f8ae435a40202a012" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"78cdc1567caf2ff529ef8e3475c0fbb09a48b687a544f7399f503948621f29686fb15216":"":"":"":"2367067d8ec189b0819eda34602768a0698b4b545c7d5214fad58c9787b89809b97f3af5f9349907d2954f8c0dccbdbe63cc019bde3a6fae10497ae57f33e91ed55b6fc4a83fe8a2463552796d5120da8066f7285a8388958817b1218e006d7fc617f453ad0f9217966a0731ba99f093" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"25f9ee24ee25ad3d29a974f8f552b178cb292b847a6be80694213a6c0b33e25e29fd3ecc":"":"":"":"32fe251a619d164c217365b12a313a942b6a9c3df007751a5fa9f356412d1142c785c292e3dc9d0b1d77e080892e5d39b91c58fd142458c71182061920a0721db453a32fe7ffc8b2c20bf11894fa37d8f0e9463edd43a97f65362295119be03d5e06f617fdff6accaab8c4da72ac8f81" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"0b644221788c266aae00a3b63a87f32ca96a6c32b116cd37caa4f75ff5d7e56be3b4e20f":"":"":"":"dc9245da77502cadd1a8ac4d1cf6a199c8e529deda10c87ab6c69ceea6fdef36d45f4d036021b93fe5b342c52fe1e71d81e617bebc58804af3109bab93dbb2e5c546e108bd0891710128b5e8e4a4f01df2003d038fec8cef426fad7f72dd5e091b4850e9bf4932d60deacb6e9ea3c5e6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"a6677badff70966a3cd2febaad7de7aa5849ba763789b20d0a39b6c569261b826cdb15e8":"":"":"":"e04838c970f5d7208a2a7310da893d65391666a5dc62d9ede71fc30816cfc3e8064ac59cc9aaf30283356078c812676ca20beb044a6d78db6c5ef9718a88559607f225002452c01459944433013cfffea84d6fe404fbbbc2d66bb50a2fa01d8a5d6e4ea9b402dc5256752461bf6fcb7f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2301d8c053312db04882f4284cf8b47966c1c9b8c49de847d0c11f14c5f70ce19346562b":"":"":"":"b46246526b28f3ad7f6d8732ca3bfc40f005d97a519640a4ce728486d8bf830d661be5a97b11113e89096d9bf15cbef73ec28ac13e3fbeadc9bca500918bbe92ea23e131cc622dbffe2272db16ec5d4ca30e9bd986d1709ae22d10180514bcd11bd6218ea1fbaba101444945a17a4c4b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"78644ea1b0c4c55c4addeb476fc34471ea2c4393697aa4f170726010c443b8e1c4a6b3ea":"":"":"":"ef1b41bd03ee8460d55759db65a4c97758f48e3a09127be04c7ed08bbee5fa5cf119929df42c187e2a347a8df99c502b693a7ae41946f4918d84686880ae29d6d8fbbc4fccc9e295876a249cfa59effd331994e84717b4c76637df36beb960761880daab3d43376341439af2ce8e33cc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"71acb71235e88e3aa6d8bbf27ccef8ef28043ebe8663f7bcf49cb642b3d915cf03b90e65":"":"":"":"144aeb56a11cb648b5ec7d40c2816e368426690db55b559f5633f856b79efe5f784944144756825b8fd7bf98beb758efe2ac1f650d54fc436a4bcd7dfaf3a66c192a7629eea8a357eef24b117a6e7d578797980eaefcf9a961452c4c1315119ca960ad08764fe76e2462ae1a191baeca" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c5c89c26ac4ca8b1106ba90a8ef4d6d687dfd88743caa5fbafa4745d9c1f8371120b10c8":"":"d3483ae5f9ed97efd3f852e4a6f20f25c947a03f39a4b75c":"2cd523c5958cdf403caa61abe5c4739cdb9d40152f0e769a":"1fef4e6abc2778d1c3e3ce00fdb5eae1ebebdd5cff0a7087644c8565d1e8b876b2c05264ca81498468851fc7b9e5a2163a06f377d2ed754c095adc59dc015a77edd69e4eecbe48d9dc127eedfff5cc73ae38127ae3a518fe7fa5abd1a9c53eeaf144420873341e2efa3d81493c69b04e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"6860e44bf582db9818ffbe4c699d4218965c29f463d7a02fe1f36c8442b0a5d103def7a2":"":"e9f598357109e2a532dc980388b8a5991256166d67c3bc01":"58ebbf7402be041724701e5c0132abe604c11a62a9de1d2f":"52fad34b27113c146595a6740f505bc2d3edf6618975cb9c4a5155788eaf08b96d232610d9b4ee06264fd92f319df5a52b8f9e31b016a6c21d27d31d9d42bbb7588a7142f26ece3ddf211c8cf4530947adee302aa71c0d7fe9060c1b25f1c1f2e053598a7fb72c4db55fb1b02352d60a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"27b9f78ae07821f2b5625c8fc3a03ceec4fc8062be860c2db20403dd88a8751dcad56158":"":"1b6c848fce706abd73612dd3fd421c1c7ce9f4c2d0ecc670":"14a43645c1b6ae394f795af6ca2e9084e7e707f3f2cedd7a":"33c592017af545b3a9cf3419ce1c604e9c7c687ebf6418fbef47ec96e61f1951068eec9b60005d24574313f04ffc16c30872ec83e41e248e3d5c6951930d6a88b8931d5502d1142ce50676b3adf48453d1a008189658db8511d19a06ac97b4d5cfac19b54e8e6b899d501715f401ef85" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8d7cf5c2e360ef755c1e9f5b7a44a1e29f09cee7ca44e15925ffe9a47b2d55fd7750b356":"":"0e691c9a435939c615f0686eae88e090ba5c4b3f5e6e00c0":"1e3a452295617e5a9e6f78256d2781feeb3812753b4aad9a":"a307569d8adf3f7e6ee4567a5b2bd338badb9234e7b27c92429ffa75e4c56c0529fdc6c15df5d47c46e3d2eeadcf1b9e93a5dd6cde99a82f04b0d97f7a3bfd05c0e1d8370987222310ab18c980ce48b2679361c3d9011dd355a9b06337c054ee37913d5f4dd30d1fc942cd733a0fa5f8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1a0d2c734918c539c1b306a464eb6b54f92e958e8636032aec23ba8ae817bec48384461f":"":"b8ad9e613a891fd0db89571fddda77827382e406cd3cdf7e":"1e172a708aa4ffa3618ff0d7b1f9ba341f4811507851dfb4":"674df1f3095d6c87bc54dd9b2aaa2c786bd50e4ddc02493745d820dad8552131fb3e389e99b0709478b65d4268f2a3b468a8447dc572a6ee024be6be9be9d428c12cc92894d15dd1c959d6222dc9ec30478c7a0b57f5bd8bd53868b98d7674738b54cf74100ae215693babb6db3b3890" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"95a30a0ca779a4038ea920cccfa4cdd814ca17d560d53a75cf170f4712994f9bcb2efb74":"":"1da6c8726bbfa3c8bee6dcff6f76f2d55d60527c4f0db26b":"595ebd903a596a1f12175080185bd94c2336eb8dd29a387d":"317c19cf4a45b8cf3f645da084ada54d1b1f81379152424fddad22a6dc9bd22841e0c4c5a36bfb7879eafbd1a939121905a938ae034c7fc01afb56607e35f895f46f13e91ce4e8e75b6a87a1e5544e18eb194fd6754b06885ac05e332a05ed436e889965e405e0f2069b04b40ea0f635" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8af8930562510231a592a72587fa6ad7c234e133046965907642fbc785c0b86cba844f0f":"":"9ee7b221064966582dc836437b82386f5204a302a4179079":"473d917f5b66f0f6e3fb4670ba08c2cbd2ea765b46b10838":"5c2fc9cc7148dbe40a692b3636778eb80188949d198bba3e8355386b78b54bfb963f5f2d9202988da20ccbf336a7c737a66c90149b9e8e306477151c4d912f7c61e872de0d0e47701cbe765864de536d599946b8bd65e4d89d4e61deb53de9974fbbe634501800feea100fea573e2e50" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2b9554ecf94c7d647a4e117f43326cab54466eba56a09a52741b2445057c491935c067d2":"":"0144be6978dba85aa645d793c1881dc2deb1bd210811ec9e":"1cd265f3812568274b643954c70923a76dfcc9f123360111":"f7459b0c23966dc1a53e0c6406c9e78ebe728e3484224cd88b6b2ea554522e75eb4a1c8a3fdc66561426464f50b8d0ff95b266677d91776b344a820eb4fd7d554678300558011a7cd85d22e92dc8ec2c2fa15c6330ba157c3e71728304447c1ad4d64f3da4fbf26d92e1e7c58a1b289c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"335ede8603fcde78ea9869da2dbcab4a6e72f1b53439f3085d06b856e627411a9ce1c297":"":"ededc73fe268935c10832c463549f8204a29cf0fe00a4d87":"ef1b8a80dd49d2c263999ddc0d5a1d9205c1b1c66239fd80":"05bfe97c398b1e33ee1c547c0edb5b654b7060b76604195440d06dd2f614a398c6c43f1803893c4c8888bedecdf998367cf992301a25f24c263f5d36bbfc6fe8b839cad293b3617c1d2c60a814bda0359e3f717fa80fc7324af8827d438c88642754b39b10d18cf5bf42f11177a0bc6b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9b0275d861117553ecd3c4d7cfe762f88df22c4c4190dac8e0be5872818e2dd765261d58":"":"cfc0b07082d514425b17ce3cb334ec62bc1b3be0be58ca4b":"d3c70ab5ff7a364a9e6dc75132ac67e0d373fa2df301afb5":"09fb41bcceb016e754795e1cce582f0cae91d7bb50245975eb75274819e1e4dcdfbc5e2f13fd26b9a9f9e945cd807ffec4e275681ea7bd33eae13efd8a01edbe02562e77b44b6312f416c3dd0be64f2bae0ba4b9bb36fc3a44841d21d8b3571c0ef644d88cf3cc3c851b256a15f4d716" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1981c3f9ca58fd10e8377a8d0eb3cf02102aab6f7a033af3135533d9fd850e29ecb8dc9b":"":"f9978ba41df22894ad5f3849c1bdf21f7bbc0128c782e79b":"b4d57de5e18d393273ee9f3ef9736599c6d639f437239219":"fee23db2fcc71624fb39f573e33a1490efc7230c27e9278188251634f9c045bcb26e79ece6a173491475ae44a957c4269570f5469234ca8b6873cc973c8d97178c58cec658a352bad0d4c6001cae5664258db59ad76eb6304d166267eafb46f4dd536a914fa6d1ac58317e7c557d4653" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c10d4e521350f7cd1853576d03c4bece3e58c8c740859e4e16979499ec1365fc073736a3":"":"78b245520153baacc66846e7a83a2a925f892d4c2ee63c0f":"c8ca7a33de5991d44d7ef7da2d3368cc2cdb93895c394d41":"f92c15f5833800b28dba2d134d4dcfc41abf72f5a700469551e8ccb83bdb0772d14d6b26ba6978169e3ddbe5f214d57930dfcad719bf10d306749246d2624bedd4a18d327b8ae6bee67cf0bfb5f649824bbd0440f042146b95a83e5845ced69a55ba055d5dfc7183c3bb28d61312d274" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"7608b5617785995a1f7144ee5229e4f9c138e418bcc3b5e061a422e8cf875f58650e996d":"":"961c2d33039e60a2871e1f5b82097f6b1cb03836dba5f440":"b18cb52d3858ac5bf59f216a28c0ad49f3dc88c67b5870e0":"4b0313ae873ce5ebf08aec160416492e4c4c797a5017061ea42aefa0685ab19b74a7af11f019b9fb63072b797f7ea3354efd32c4abd1e866405a319ed2fa13fc81019d61326e70e503141b9c77b4879a45e9f36f101dbfff4359147282ef814888fee81640def25f551cee41d12609aa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fef7a43fea2ff1a0f624086985e535778d7a73dbc47bc23e9da92edd5d2f273cdbbc0251":"":"836731a57497a69e31f8db4f729774ad65f31d968dbc55a8":"bcca96d808ba98bb50e90afe58fc88e95dc14c3e90c56004":"4f2c64ecd146689064fbf4fcffce2a2ab3910e72ec4faec277f7b9e9ed510381312b01f21650e175ebe9c45c11e977276f13be015243a0cd16a191abbac6462ba96e4e4a1120b28083da933419e8c8f03099906eb1ee012ae291104c6530f51b5e32e6631cab8ef5aad68c0045255ba9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"00197c70b2f0d3e98e4b387ec42a65c4106a1689ab5de61101ee76f4b5e530e7efeaf964":"":"03015311cddd0961ec7a74cb84d835c058a69b964f18a1c1":"5e0d99e0e7c57769a43ea771c467fb5e2df6d06dae035fd6":"72e8ca7666e440ac6a84ab6f7be7e00a536d77315b119b49e5544bf3ead564bd06740f09f6e20564542e0d597ac15a43b5fb5a0239a3362bc3a9efe1ce358ddd9d4f30b72e12ed9d78340c66b194beb4b12e973213931b9cfd0ccbdf540d2c36ce074e2beac7a4ddac59e06e4c7178d3" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c5c89c26ac4ca8b1106ba90a8ef4d6d687dfd88743caa5fbafa4745d9c1f8371120b10c8":"":"d3483ae5f9ed97efd3f852e4a6f20f25c947a03f39a4b75c":"2cd523c5958cdf403caa61abe5c4739cdb9d40152f0e769a":"1fef4e6abc2778d1c3e3ce00fdb5eae1ebebdd5cff0a7087644c8565d1e8b876b2c05264ca81498468851fc7b9e5a2163a06f377d2ed754c095adc59dc015a77edd69e4eecbe48d9dc127eedfff5cc73ae38127ae3a518fe7fa5abd1a9c53eeaf144420873341e2efa3d81493c69b04e" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"6860e44bf582db9818ffbe4c699d4218965c29f463d7a02fe1f36c8442b0a5d103def7a2":"":"e9f598357109e2a532dc980388b8a5991256166d67c3bc01":"58ebbf7402be041724701e5c0132abe604c11a62a9de1d2f":"52fad34b27113c146595a6740f505bc2d3edf6618975cb9c4a5155788eaf08b96d232610d9b4ee06264fd92f319df5a52b8f9e31b016a6c21d27d31d9d42bbb7588a7142f26ece3ddf211c8cf4530947adee302aa71c0d7fe9060c1b25f1c1f2e053598a7fb72c4db55fb1b02352d60a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"27b9f78ae07821f2b5625c8fc3a03ceec4fc8062be860c2db20403dd88a8751dcad56158":"":"1b6c848fce706abd73612dd3fd421c1c7ce9f4c2d0ecc670":"14a43645c1b6ae394f795af6ca2e9084e7e707f3f2cedd7a":"33c592017af545b3a9cf3419ce1c604e9c7c687ebf6418fbef47ec96e61f1951068eec9b60005d24574313f04ffc16c30872ec83e41e248e3d5c6951930d6a88b8931d5502d1142ce50676b3adf48453d1a008189658db8511d19a06ac97b4d5cfac19b54e8e6b899d501715f401ef85" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8d7cf5c2e360ef755c1e9f5b7a44a1e29f09cee7ca44e15925ffe9a47b2d55fd7750b356":"":"0e691c9a435939c615f0686eae88e090ba5c4b3f5e6e00c0":"1e3a452295617e5a9e6f78256d2781feeb3812753b4aad9a":"a307569d8adf3f7e6ee4567a5b2bd338badb9234e7b27c92429ffa75e4c56c0529fdc6c15df5d47c46e3d2eeadcf1b9e93a5dd6cde99a82f04b0d97f7a3bfd05c0e1d8370987222310ab18c980ce48b2679361c3d9011dd355a9b06337c054ee37913d5f4dd30d1fc942cd733a0fa5f8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1a0d2c734918c539c1b306a464eb6b54f92e958e8636032aec23ba8ae817bec48384461f":"":"b8ad9e613a891fd0db89571fddda77827382e406cd3cdf7e":"1e172a708aa4ffa3618ff0d7b1f9ba341f4811507851dfb4":"674df1f3095d6c87bc54dd9b2aaa2c786bd50e4ddc02493745d820dad8552131fb3e389e99b0709478b65d4268f2a3b468a8447dc572a6ee024be6be9be9d428c12cc92894d15dd1c959d6222dc9ec30478c7a0b57f5bd8bd53868b98d7674738b54cf74100ae215693babb6db3b3890" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"95a30a0ca779a4038ea920cccfa4cdd814ca17d560d53a75cf170f4712994f9bcb2efb74":"":"1da6c8726bbfa3c8bee6dcff6f76f2d55d60527c4f0db26b":"595ebd903a596a1f12175080185bd94c2336eb8dd29a387d":"317c19cf4a45b8cf3f645da084ada54d1b1f81379152424fddad22a6dc9bd22841e0c4c5a36bfb7879eafbd1a939121905a938ae034c7fc01afb56607e35f895f46f13e91ce4e8e75b6a87a1e5544e18eb194fd6754b06885ac05e332a05ed436e889965e405e0f2069b04b40ea0f635" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"8af8930562510231a592a72587fa6ad7c234e133046965907642fbc785c0b86cba844f0f":"":"9ee7b221064966582dc836437b82386f5204a302a4179079":"473d917f5b66f0f6e3fb4670ba08c2cbd2ea765b46b10838":"5c2fc9cc7148dbe40a692b3636778eb80188949d198bba3e8355386b78b54bfb963f5f2d9202988da20ccbf336a7c737a66c90149b9e8e306477151c4d912f7c61e872de0d0e47701cbe765864de536d599946b8bd65e4d89d4e61deb53de9974fbbe634501800feea100fea573e2e50" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2b9554ecf94c7d647a4e117f43326cab54466eba56a09a52741b2445057c491935c067d2":"":"0144be6978dba85aa645d793c1881dc2deb1bd210811ec9e":"1cd265f3812568274b643954c70923a76dfcc9f123360111":"f7459b0c23966dc1a53e0c6406c9e78ebe728e3484224cd88b6b2ea554522e75eb4a1c8a3fdc66561426464f50b8d0ff95b266677d91776b344a820eb4fd7d554678300558011a7cd85d22e92dc8ec2c2fa15c6330ba157c3e71728304447c1ad4d64f3da4fbf26d92e1e7c58a1b289c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"335ede8603fcde78ea9869da2dbcab4a6e72f1b53439f3085d06b856e627411a9ce1c297":"":"ededc73fe268935c10832c463549f8204a29cf0fe00a4d87":"ef1b8a80dd49d2c263999ddc0d5a1d9205c1b1c66239fd80":"05bfe97c398b1e33ee1c547c0edb5b654b7060b76604195440d06dd2f614a398c6c43f1803893c4c8888bedecdf998367cf992301a25f24c263f5d36bbfc6fe8b839cad293b3617c1d2c60a814bda0359e3f717fa80fc7324af8827d438c88642754b39b10d18cf5bf42f11177a0bc6b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"9b0275d861117553ecd3c4d7cfe762f88df22c4c4190dac8e0be5872818e2dd765261d58":"":"cfc0b07082d514425b17ce3cb334ec62bc1b3be0be58ca4b":"d3c70ab5ff7a364a9e6dc75132ac67e0d373fa2df301afb5":"09fb41bcceb016e754795e1cce582f0cae91d7bb50245975eb75274819e1e4dcdfbc5e2f13fd26b9a9f9e945cd807ffec4e275681ea7bd33eae13efd8a01edbe02562e77b44b6312f416c3dd0be64f2bae0ba4b9bb36fc3a44841d21d8b3571c0ef644d88cf3cc3c851b256a15f4d716" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"1981c3f9ca58fd10e8377a8d0eb3cf02102aab6f7a033af3135533d9fd850e29ecb8dc9b":"":"f9978ba41df22894ad5f3849c1bdf21f7bbc0128c782e79b":"b4d57de5e18d393273ee9f3ef9736599c6d639f437239219":"fee23db2fcc71624fb39f573e33a1490efc7230c27e9278188251634f9c045bcb26e79ece6a173491475ae44a957c4269570f5469234ca8b6873cc973c8d97178c58cec658a352bad0d4c6001cae5664258db59ad76eb6304d166267eafb46f4dd536a914fa6d1ac58317e7c557d4653" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"c10d4e521350f7cd1853576d03c4bece3e58c8c740859e4e16979499ec1365fc073736a3":"":"78b245520153baacc66846e7a83a2a925f892d4c2ee63c0f":"c8ca7a33de5991d44d7ef7da2d3368cc2cdb93895c394d41":"f92c15f5833800b28dba2d134d4dcfc41abf72f5a700469551e8ccb83bdb0772d14d6b26ba6978169e3ddbe5f214d57930dfcad719bf10d306749246d2624bedd4a18d327b8ae6bee67cf0bfb5f649824bbd0440f042146b95a83e5845ced69a55ba055d5dfc7183c3bb28d61312d274" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"7608b5617785995a1f7144ee5229e4f9c138e418bcc3b5e061a422e8cf875f58650e996d":"":"961c2d33039e60a2871e1f5b82097f6b1cb03836dba5f440":"b18cb52d3858ac5bf59f216a28c0ad49f3dc88c67b5870e0":"4b0313ae873ce5ebf08aec160416492e4c4c797a5017061ea42aefa0685ab19b74a7af11f019b9fb63072b797f7ea3354efd32c4abd1e866405a319ed2fa13fc81019d61326e70e503141b9c77b4879a45e9f36f101dbfff4359147282ef814888fee81640def25f551cee41d12609aa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"fef7a43fea2ff1a0f624086985e535778d7a73dbc47bc23e9da92edd5d2f273cdbbc0251":"":"836731a57497a69e31f8db4f729774ad65f31d968dbc55a8":"bcca96d808ba98bb50e90afe58fc88e95dc14c3e90c56004":"4f2c64ecd146689064fbf4fcffce2a2ab3910e72ec4faec277f7b9e9ed510381312b01f21650e175ebe9c45c11e977276f13be015243a0cd16a191abbac6462ba96e4e4a1120b28083da933419e8c8f03099906eb1ee012ae291104c6530f51b5e32e6631cab8ef5aad68c0045255ba9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,0,192) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"00197c70b2f0d3e98e4b387ec42a65c4106a1689ab5de61101ee76f4b5e530e7efeaf964":"":"03015311cddd0961ec7a74cb84d835c058a69b964f18a1c1":"5e0d99e0e7c57769a43ea771c467fb5e2df6d06dae035fd6":"72e8ca7666e440ac6a84ab6f7be7e00a536d77315b119b49e5544bf3ead564bd06740f09f6e20564542e0d597ac15a43b5fb5a0239a3362bc3a9efe1ce358ddd9d4f30b72e12ed9d78340c66b194beb4b12e973213931b9cfd0ccbdf540d2c36ce074e2beac7a4ddac59e06e4c7178d3" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"e4547261c9dda6bafe9fddf435a80ebc96354c7c2c8847c5d26c6e73a967bfc4ebaf8613":"42849dc8eec611eaa49252067fa60d7d7267d711dc35b576":"815f50fc233f157f96ad0627c355bce407b269dca91af661":"775a1c9da6f58d4eb95b27935ecc01dde31ff17ce2e4e65d":"25adb777523a80a6dbb6ac1fd08e02bfc4b4686cec5efe3ae9aa2d4469eae8c9c3693fdc8e0fc107720b7789ef7331e23fe3799412ec86857ffbba515a5af4d91013b2f17669421c822005b4747942790a11a24c4974f27d54de69727b0ed507b6a48a9d6c53f93e2f3d33df73dd643f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"06d677001d9b3c97fda4d09778aee3de131b4123696b109f81bb6b0d7fbcab3c5842bb83":"f99638d2d4365b662cd83ab4e6a7bbb624e6c72b7b38e81b":"20b7d56f6222bafeeeee59dbca1933d8086218891f3a9bfe":"9de4f2847fe239cb1a3df4b8ff64c25d7b0870f3c9ebe3a3":"e18ff19837ce21e68944659321311b8584dd515ed8a6a1f2b0ac06e69009c3d0cf0489af876201efad962cfd1ba54f540b94131d788d3fea797c4bc079593bc7932baa70abb145a355741a98c584f0fa3298b8310b01e1a6debf5359d7d02b1a6c663100acb56975450bec20e91b736b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"abd38c0465cdfe018f36ffbb7a0ee51d67675ab4f0f1d1e93418bb4cdf6499a371af4d3a":"9a07d5571d841e3c1a9eb3fb48cde3b3e080e1c2e0db6a6d":"a392f79022aebbec0c82b981293627d139dfb5232eb490b4":"f5ce1f6b1e6715c49bea42ff439fdecd9b3b7f2e578133cc":"885c54ad25992fc38260498d6f4d8c73d6159af5f7efef06174da03afcd8384cb28690fd9ded1d26e2dff74aee4dd0c47a0d99c6fc1ec8d8faccbdcf6fdb12a528564ad0d8131bcf5222d7e6c69c52da1acba01b721c98ac5a33725111f12f6d8100009d7cc9efb7ad8d7d95ea4e620d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"b52620e58e0b52b8eed0d6a6c5f4ff6c1483c61fc41dacf72bf475b37d068d061d1edcea":"ef0d233de00d24622b7d4ff4215aa720787fe80aaeb65d7a":"81b735acd3dcb13e65231c2d980fb40ca850370581f230d2":"b2302d024d92cdaed4b12f79b0aeb20c98b2321710fefab2":"ae94204670196baf740768f97b3a095134b384afea667fd90a77a16c8ae390a732ff49a3073a27db0f7a2c8ad5d7cb527d334a37abf0472f292a20f2a28e667d7c9e9f7b8fbdd177f36bf92d66223aee3f712b6c9b064e07ab96f6a77613ea55008fb4f8fbcb2f1ccbb0da75316c1faa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2592a5ed86ff64b9b4c1fbb81222d1bfbc53f3a639571ecc356084058b8855237da15c50":"a626c51ec99e72431485d2ba027ed9cabcae7b86116abe4f":"c430876552d28776570923c6b74e42c3210f01104006bf11":"fe2ebc239690a4eb18a0b5e75d08831cc2eb07c982c63973":"005045ade7cc15467b5ea784649d9804540a842ffba4db8d44df4f44c69480bd4fe965b645aed09d62190daeb2693a2192aec3d71453a8218e4700201ab922ac35d241d95150b47cc7a051897be4d958f2da5c2ebbfceb1c550cb67b32ff83ce4fd845fd826a0d2469b506f5158765fa" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"376785f5ff8a82ceb0aaeb010533cc1089059ec583c302b14bc47e2cb8c2711839ce7f68":"6d345e248339e893f75696c039ac47e5678696fd489a393c":"b0f3fa1131c3fdd5c7fd2de93931e45a66fa030422ac65db":"c66341e3f9fb82e3ba85f229fcb7d34457e4a6ba8396b548":"b92d17e1be94b0385a8cc3e16189811fef7b284a1b0b6b2520fde79af7826c745e746486a70cd8dd9930b163da75f7eea7c216e758d9ed6c745dcd7bde19bb9382c1f7c37cd15b703b884d7d452c255b25048a836844c5ff28aaacf733a52c28904b36e1b51729d7aed81d601c0872dd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"2cc2557582c5a90cd2ad0c4a5578eb0bbc9bde41b126e46d8e9c3563341ba238414eb628":"9d2fbb9153e3ffefae0770c79de10db069a5ff9f50e31787":"2e54e32539e27ef76ac1eeae2e30c2385647652e20903b39":"1f4e01255908c3c8049521f8972c01ede7dc76c425c59640":"7d6ccdfab33f322898c470be02d8257e0e952dd10f407b3a8eaeeba47c541d968d79eca29e15541c1505fe4f19a41797c9ca2280c06261fe9d0c58bab65d16f5794b57566b8795c38c7b43d4761c8fd107beb95147a0fe61ae8dc31e25eb2957e44c0463ca7c1b589ea587f0cae1428c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"e670f896326b76034e43cd85f6f6f11fe6582d3471a8eb88d37a2302de010aac0e556860":"5e218091abee1960ef81f4d5a80415e388bd0cc79bed70cf":"7cf84b9ff30dbd0f608fb21646d7c5b542fba50adb38d5df":"c1c4aabe7616a4c97a4dbdadb08a9b63c6e10cef8d463fd8":"d8fbd557fccf31829b5ee11b05d0353e725bff15fdaac94d21ce95d40eff55edd852b264b515ec6384e2d28d014e47a2df0d4f56a4ec79309b06affc62915e231d62d02bfc60220c72b7ca7ba5671f882839b791ef534e707a04e5274c1011f7941fe1075a5d06a47af9fb2f65c1f211" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"0576bb2d4c663b781193509251e2f76b0a8bb792e79449600c2c154feb70cf33ca942508":"ad15e4fce9f4dea43c12ff9f9d50c963b335a01332541154":"3c8a4d6ab96cebf9d02b5663dcb0e0db23699623455cd4b5":"43d2d3a8d023fa1785ce4781a15eb20ad787685a47da08f0":"a68e648cb07da2eb795a8c898c8631e565f33c2fe9c35e686d6f85fef145446cb79bb6d17bdc8224bfe437468a9630ed03c517caf1226c278ae510c869d67d50b6bf1cb378a34035041f290d8dbc123650ab4fbe5cf6074ed0ba90e45d9a8ae08566ea3d3a00ee3741c8ec8f56dcc78c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"f597ce05b9a5b1cf3847bbd4171e5085384cc256f77ac61573b435726cbd538b93de9f55":"573cf859f8fea05f16c6d03cb4e524b91e917f39eeeb1d68":"2a842454870c3f7936f8036b453d219557ca341f261d2519":"7afd8cc269899acd88f5c55af29fb0c4ce678a0d8ebf924f":"8162c16c1ce3d5c6b7c96f0281f4220569a882277935752b86e7d3f54646b276cb77ed96da73799911fca3d19d34c1f0b21068a472afcb77410412eff2abd03c753a009ce02b0e995477546366020294eff0ef0da66f31a413313e2774ca04f09a4d5076e0e85ca97d5bb6faac4c0c27" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"d5b5374fe143035c4fea41667bc8bc7d46000998cc82ab32a0040c705e01f9b354e8f16e":"ed8bb219e67515874c5b9e3f6ae6e4dfa9c42d1e69204e8b":"70f03fe6e78cc34ec1678b2708fcd8ae3300183ea15ccfc7":"9c641d7e73d1a2b819e113747d74a979b74c444ed36b7391":"d50df8e3e17c0f5e19673ba2097d1d0c4cf7a9def7465a5b91ac8d49ae1b6a821fe9efde841ec9064555c0e2d6cdfa41f1089f22a5c27090c5a136660d1af586a1e131a853f19bc3c8f4c79aa09e39c2f22b4456c667ec907e2a4124218665e7cce50399ae1e19ba9c2399f470444839" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"74d7c8c9b170e59e4f128c8df1955838df5c8071a5e85439d71e785c68b37e10efb39c9a":"be3d54203a1078d051519137774d5d851e81be026155eb78":"23f7b6758d79de580ed3eb995fc173da74939837aa8d9eb4":"6f0d5a333ddea0d38362df0dc3ebaa2be2fe5825ddb0ce84":"4462fc32110b25b3797c5cafaad830e8a4346d9270fed98b30f1345a7a8dde19bf5365d6f3788e7f715feb2762af263839c8c8188908c61120743d977d71c51f6324d887bbda380fc07eff09a31c2332e7b1aa1692c59c3379db95fc21cf711c004c4d385fe14f48f2f2a31bcce6aaec" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"eaf27c3f69279fd523c0c3a1da5fc4f01ed64c27ffcfe3c1c596482f5baae1434e8c687c":"b038829fc95dcba8645ce40a306491c893f48139ae30a071":"fbbf7abb8cc2612eeea6d9463efd55c47245e01713332bd6":"ccd7e81f529de1ff4e65fc63d34c262ffde7ee49e6707197":"96dfb7445057633b2f0deb69135d10d0a2dc53faa9cded55ddfb8edc63f5424f8fec7627597a30328177dde7963f76f9e5412b5b440256c6a3f0c7c7fa02ca49e19ea176abac013696e9d529f65e51d4a7348e42dd254bbf19d9632d6c875b8ecd7a4139f1bf020a159d2a30af8d645f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"319cbf2b11b37c831c654b6cec2570dc6d7abeeab185272a518eaef30faa5acf5c8b254d":"9effa141f7466b659eaa50c32c8e683c2640f54027ab6aa5":"63b3acc237588cdf41c0d4bef16c4890cf3d458fcf1de8ea":"573d6a7960aeccc3280a8aee4d72e587e9d196b7b270e329":"8a568086fdd9f01206a5aaee34d253bbc9339112d3170699b9a1392e97062d5d0f16240114dc1789269217c5b4b2974895b20903890f7dacfef46fa4a4d02891c70425ab3b42f53d72f852faf3713ac7b8207dc453279f4df345091b8bfeb54983095c2d190358293ba507bdfdc39b24" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-224,192+96,192,192) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"56f3f5b08da10ead0c986dd2ae5553e4b2eeeb47ad5d22197b12b89b4a871c51c0d85554":"96c8630a1f4187fb0794601cf51e7e333e71756a0421ff43":"875e5bc9548917a82b6dc95200d92bf4218dba7ab316a5fe":"4d3f5678b00d47bb9d0936486de60407eaf1282fda99f595":"90969961ef9283b9e600aead7985455e692db817165189665f498f219b1e5f277e586b237851305d5205548b565faeb02bb7b5f477c80ba94b0563e24d9309d2957a675848140f5601f698459db5899b20dda68f000ccb18dcd39dfae49955b8478fd50bb59d772045beb338622efa5a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"ca851911349384bffe89de1cbdc46e6831e44d34a4fb935ee285dd14b71a7488659ba96c601dc69fc902940805ec0ca8":"":"":"":"e528e9abf2dece54d47c7e75e5fe302149f817ea9fb4bee6f4199697d04d5b89d54fbb978a15b5c443c9ec21036d2460b6f73ebad0dc2aba6e624abf07745bc107694bb7547bb0995f70de25d6b29e2d3011bb19d27676c07162c8b5ccde0668961df86803482cb37ed6d5c0bb8d50cf1f50d476aa0458bdaba806f48be9dcb8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"79737479ba4e7642a221fcfd1b820b134e9e3540a35bb48ffae29c20f5418ea33593259c092bef4129bc2c6c9e19f343":"":"":"":"cf5ad5984f9e43917aa9087380dac46e410ddc8a7731859c84e9d0f31bd43655b924159413e2293b17610f211e09f770f172b8fb693a35b85d3b9e5e63b1dc252ac0e115002e9bedfb4b5b6fd43f33b8e0eafb2d072e1a6fee1f159df9b51e6c8da737e60d5032dd30544ec51558c6f080bdbdab1de8a939e961e06b5f1aca37" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b340907445b97a8b589264de4a17c0bea11bb53ad72f9f33297f05d2879d898d65cb27735d83c0708f72684ea58f7ee5":"":"":"":"75183aaaf3574bc68003352ad655d0e9ce9dd17552723b47fab0e84ef903694a32987eeddbdc48efd24195dbdac8a46ba2d972f5808f23a869e71343140361f58b243e62722088fe10a98e43372d252b144e00c89c215a76a121734bdc485486f65c0b16b8963524a3a70e6f38f169c12f6cbdd169dd48fe4421a235847a23ff" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8e159f60060a7d6a7e6fe7c9f769c30b98acb1240b25e7ee33f1da834c0858e7c39d35052201bdcce4e127a04f04d644":"":"":"":"62910a77213967ea93d6457e255af51fc79d49629af2fccd81840cdfbb4910991f50a477cbd29edd8a47c4fec9d141f50dfde7c4d8fcab473eff3cc2ee9e7cc90871f180777a97841597b0dd7e779eff9784b9cc33689fd7d48c0dcd341515ac8fecf5c55a6327aea8d58f97220b7462373e84e3b7417a57e80ce946d6120db5" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"74755f196305f7fb6689b2fe6835dc1d81484fc481a6b8087f649a1952f4df6ac36387a544a5f2b78007651a7b74b749":"":"":"":"b2896f3af4375dab67e8062d82c1a005ef4ed119d13a9f18371b1b873774418684805fd659bfd69964f83a5cfe08667ddad672cafd16befffa9faed49865214f703951b443e6dca22edb636f3308380144b9333de4bcb0735710e4d9266786342fc53babe7bdbe3c01a3addb7f23c63ce2834729fabbd419b47beceb4a460236" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"4b222718f56a3260b3c2625a4cf80950b7d6c1250f170bd5c28b118abdf23b2f7aed52d0016fcaef0b6492bc40bbe0e9":"":"":"":"a6da029b3665cd39fd50a54c553f99fed3626f4902ffe322dc51f0670dfe8742ed48415cf04bbad5ed3b23b18b7892d170a7dcf3ef8052d5717cb0c1a8b3010d9a9ea5de70ae5356249c0e098946030c46d9d3d209864539444374d8fbcae068e1d6548fa59e6562e6b2d1acbda8da0318c23752ebc9be0c1c1c5b3cf66dd967" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b512633f27fb182a076917e39888ba3ff35d23c3742eb8f3c635a044163768e0e2c39b84629a3de5c301db5643af1c21":"":"":"":"fb931d0d0194a97b48d5d4c231fdad5c61aedf1c3a55ac24983ecbf38487b1c93396c6b86ff3920cfa8c77e0146de835ea5809676e702dee6a78100da9aa43d8ec0bf5720befa71f82193205ac2ea403e8d7e0e6270b366dc4200be26afd9f63b7e79286a35c688c57cbff55ac747d4c28bb80a2b2097b3b62ea439950d75dff" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"aae3ffc8605a975befefcea0a7a286642bc3b95fb37bd0eb0585a4cabf8b3d1e9504c3c0c4310c1c0746a036c91d9034":"":"":"":"2819bd3b0d216dad59ddd6c354c4518153a2b04374b07c49e64a8e4d055575dfbc9a8fcde68bd257ff1ba5c6000564b46d6dd7ecd9c5d684fd757df62d85211575d3562d7814008ab5c8bc00e7b5a649eae2318665b55d762de36eba00c2906c0e0ec8706edb493e51ca5eb4b9f015dc932f262f52a86b11c41e9a6d5b3bd431" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b9475210b79b87180e746df704b3cbc7bf8424750e416a7fbb5ce3ef25a82cc624baf03599c10df6ef44065d715a93f7":"":"":"":"ae12d784f796183c50db5a1a283aa35ed9a2b685dacea97c596ff8c294906d1b1305ba1f80254eb062b874a8dfffa3378c809ab2869aa51a4e6a489692284a25038908a347342175c38401193b8afc498077e10522bec5c70882b7f760ea5946870bd9fc72961eedbe8bff4fd58c7cc1589bb4f369ed0d3bf26c5bbc62e0b2b2" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"27838eb44ceccb4e36210703ebf38f659bc39dd3277cd76b7a9bcd6bc964b62839cfe0210db2e7b0eb52a387476e7ea1":"":"":"":"e5e72a53605d2aaa67832f97536445ab774dd9bff7f13a0d11fd27bf6593bfb52309f2d4f09d147192199ea584503181de87002f4ee085c7dc18bf32ce5315647a3708e6f404d6588c92b2dda599c131aa350d18c747b33dc8eda15cf40e95263d1231e1b4b68f8d829f86054d49cfdb1b8d96ab0465110569c8583a424a099a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d7129e4f47008ad60c9b5d081ff4ca8eb821a6e4deb91608bf4e2647835373a5a72882773f78c2fc4878295840a53012":"":"":"":"0cbf48585c5de9183b7ff76557f8fc9ebcfdfde07e588a8641156f61b7952725bbee954f87e9b937513b16bba0f2e523d095114658e00f0f3772175acfcb3240a01de631c19c5a834c94cc58d04a6837f0d2782fa53d2f9f65178ee9c837222494c799e64c60406069bd319549b889fa00a0032dd7ba5b1cc9edbf58de82bfcd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"67fe5e300c513371976c80de4b20d4473889c9f1214bce718bc32d1da3ab7532e256d88497738a33923aa003a8d7845c":"":"":"":"b44660d64ef7bcebc7a1ab71f8407a02285c7592d755ae6766059e894f694373ed9c776c0cfc8594413eefb400ed427e158d687e28da3ecc205e0f7370fb089676bbb0fa591ec8d916c3d5f18a3eb4a417120705f3e2198154cd60648dbfcfc901242e15711cacd501b2c2826abe870ba32da785ed6f1fdc68f203d1ab43a64f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"de8142541255c46d66efc6173b0fe3ffaf5936c897a3ce2e9d5835616aafa2cbd01f9002c407127bc3297a561d89b81d":"":"":"":"64d1020929d74716446d8a4e17205d0756b5264867811aa24d0d0da8644db25d5cde474143c57d12482f6bf0f31d10af9d1da4eb6d701bdd605a8db74fb4e77f79aaa9e450afda50b18d19fae68f03db1d7b5f1738d2fdce9ad3ee9461b58ee242daf7a1d72c45c9213eca34e14810a9fca5208d5c56d8066bab1586f1513de7" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"4a8e0bd90bdb12f7748ad5f147b115d7385bb1b06aee7d8b76136a25d779bcb77f3cce4af8c8ce3c45bdf23c6b181a00":"":"":"":"320c7ca4bbeb7af977bc054f604b5086a3f237aa5501658112f3e7a33d2231f5536d2c85c1dad9d9b0bf7f619c81be4854661626839c8c10ae7fdc0c0b571be34b58d66da553676167b00e7d8e49f416aacb2926c6eb2c66ec98bffae20864cf92496db15e3b09e530b7b9648be8d3916b3c20a3a779bec7d66da63396849aaf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"451ed024bc4b95f1025b14ec3616f5e42e80824541dc795a2f07500f92adc6652f28e6ee8de5879db1eccd58c994e5f0":"":"":"":"3fb637085ab75f4e95655faae95885166a5fbb423bb03dbf0543be063bcd48799c4f05d4e522634d9275fe02e1edd920e26d9accd43709cb0d8f6e50aa54a5f3bdd618be23cf73ef736ed0ef7524b0d14d5bef8c8aec1cf1ed3e1c38a808b35e61a44078127c7cb3a8fd7addfa50fcf3ff3bc6d6bc355d5436fe9b71eb44f7fd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d3cc4d1acf3dde0c4bd2290d262337042dc632948223d3a2eaab87da44295fbd0109b0e729f457328aa18569a9224921":"":"3c311848183c9a212a26f27f8c6647e40375e466a0857cc39c4e47575d53f1f6":"fcb9abd19ccfbccef88c9c39bfb3dd7b1c12266c9808992e305bc3cff566e4e4":"9c7b758b212cd0fcecd5daa489821712e3cdea4467b560ef5ddc24ab47749a1f1ffdbbb118f4e62fcfca3371b8fbfc5b0646b83e06bfbbab5fac30ea09ea2bc76f1ea568c9be0444b2cc90517b20ca825f2d0eccd88e7175538b85d90ab390183ca6395535d34473af6b5a5b88f5a59ee7561573337ea819da0dcc3573a22974" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"f97a3cfd91faa046b9e61b9493d436c4931f604b22f1081521b3419151e8ff0611f3a7d43595357d58120bd1e2dd8aed":"":"517289afe444a0fe5ed1a41dbbb5eb17150079bdd31e29cf2ff30034d8268e3b":"88028d29ef80b4e6f0fe12f91d7449fe75062682e89c571440c0c9b52c42a6e0":"c6871cff0824fe55ea7689a52229886730450e5d362da5bf590dcf9acd67fed4cb32107df5d03969a66b1f6494fdf5d63d5b4d0d34ea7399a07d0116126d0d518c7c55ba46e12f62efc8fe28a51c9d428e6d371d7397ab319fc73ded4722e5b4f30004032a6128df5e7497ecf82ca7b0a50e867ef6728a4f509a8c859087039c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"0f2f23d64f481cabec7abb01db3aabf125c3173a044b9bf26844300b69dcac8b9a5ae13232b43aa19cfe8d7958b4b590":"":"ec4c7a62acab73385f567da10e892ff395a0929f959231a5628188ce0c26e818":"6b97b8c6b6bb8935e676c410c17caa8042aa3145f856d0a32b641e4ae5298648":"7480a361058bd9afa3db82c9d7586e42269102013f6ec5c269b6d05f17987847748684766b44918fd4b65e1648622fc0e0954178b0279dfc9fa99b66c6f53e51c4860131e9e0644287a4afe4ca8e480417e070db68008a97c3397e4b320b5d1a1d7e1d18a95cfedd7d1e74997052bf649d132deb9ec53aae7dafdab55e6dae93" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"53c56660c78481be9c63284e005fcc14fbc7fb27732c9bf1366d01a426765a31dc7a14d0eb5b0b3534e717a0b3c64614":"":"3aa848706ecb877f5bedf4ffc332d57c22e08747a47e75cff6f0fd1316861c95":"9a401afa739b8f752fddacd291e0b854f5eff4a55b515e20cb319852189d3722":"5c0eb420e0bf41ce9323e815310e4e8303cd677a8a8b023f31f0d79f0ca15aeb636099a369fd074d69889865eac1b72ab3cbfebdb8cf460b00072802e2ec648b1349a5303be4ccaadd729f1a9ea17482fd026aaeb93f1602bc1404b9853adde40d6c34b844cf148bc088941ecfc1642c8c0b9778e45f3b07e06e21ee2c9e0300" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"f63c804404902db334c54bb298fc271a21d7acd9f770278e089775710bf4fdd73e45009ea9cb2a36ba1aa4bf39178200":"":"d165a13dc8cc43f3f0952c3f5d3de4136954d983683d4a3e6d2dc4c89bf23423":"75106bc86d0336df85097f6af8e80e2da59046a03fa65b06706b8bbc7ffc6785":"6363139bba32c22a0f5cd23ca6d437b5669b7d432f786b8af445471bee0b2d24c9d5f2f93717cbe00d1f010cc3b9c515fc9f7336d53d4d26ba5c0d76a90186663c8582eb739c7b6578a3328bf68dc2cec2cd89b3a90201f6993adcc854df0f5c6974d0f5570765a15fe03dbce28942dd2fd16ba2027e68abac83926969349af8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"2aaca9147da66c176615726b69e3e851cc3537f5f279fe7344233d8e44cfc99d4e171f080af9a6081bee9f183ac9e340":"":"d75a2a6eb66c3833e50f5ec3d2e434cf791448d618026d0c360806d120ded669":"b643b74c15b37612e6577ed7ca2a4c67a78d560af9eb50a4108fca742e87b8d6":"501dcdc977f4ba856f24eaa4968b374bebb3166b280334cb510232c31ebffde10fa47b7840ef3fe3b77725c2272d3a1d4219baf23e0290c622271edcced58838cf428f0517425d2e19e0d8c89377eecfc378245f283236fafa466c914b99672ceafab369e8889a0c866d8bd639db9fb797254262c6fd44cfa9045ad6340a60ef" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a2e4cd48a5cf918d6f55942d95fcb4e8465cdc4f77b7c52b6fae5b16a25ca306bef036716440db6e6d333d9d760b7ca8":"":"bfa591c7287f3f931168f95e38869441d1f9a11035ad8ea625bb61b9ea17591c":"c00c735463bca215adc372cb892b05e939bf669583341c06d4e31d0e5b363a37":"e7d136af69926a5421d4266ee0420fd729f2a4f7c295d3c966bdfa05268180b508b8a2852d1b3a06fd2ab3e13c54005123ef319f42d0c6d3a575e6e7e1496cb28aacadbcf83740fba8f35fcee04bb2ed8a51db3d3362b01094a62fb57e33c99a432f29fce6676cffbbcc05107e794e75e44a02d5e6d9d748c5fbff00a0178d65" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"95a67771cba69011a79776e713145d309edae56fad5fd6d41d83eaff89df6e5ebe5b5164e31ecc51ba6f7c3c5199eb33":"":"065f693b229a7c4fd373cd15b3807552dd9bf98c5485cef361949d4e7d774b53":"9afb62406f0e812c4f156d58b19a656c904813c1b4a45a0029ae7f50731f8014":"f61b61a6e79a41183e8ed6647899d2dc85cdaf5c3abf5c7f3bf37685946dc28f4923dc842f2d4326bd6ce0d50a84cb3ba869d72a36e246910eba6512ba36cd7ed3a5437c9245b00a344308c792b668b458d3c3e16dee2fbec41867da31084d46d8ec168de2148ef64fc5b72069abf5a6ada1ead2b7146bb793ff1c9c3690fa56" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a459e1815cbca4514ec8094d5ab2414a557ba6fe10e613c345338d0521e4bf9062221392e2552e76cd0d36df6e6068eb":"":"0a3642b02b23b3ef62c701a63401124022f5b896de86dab6e6c7451497aa1dcc":"c80514865901371c45ba92d9f95d50bb7c9dd1768cb3dfbc45b968da94965c6e":"464e6977b8adaef307c9623e41c357013249c9ffd77f405f3925cebb69f151ce8fbb6a277164002aee7858fc224f6499042aa1e6322deee9a5d133c31d640e12a7487c731ba03ad866a24675badb1d79220c40be689f79c2a0be93cb4dada3e0eac4ab140cb91998b6f11953e68f2319b050c40f71c34de9905ae41b2de1c2f6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"252c2cad613e002478162861880979ee4e323025eebb6fb2e0aa9f200e28e0a1d001bc9a8f2c8c242e4369df0c191989":"":"9bcfc61cb2bc000034bb3db980eb47c76fb5ecdd40553eff113368d639b947fd":"8b0565c767c2610ee0014582e9fbecb96e173005b60e9581503a6dca5637a26e":"e96c15fe8a60692b0a7d67171e0195ff6e1c87aab844221e71700d1bbee75feea695f6a740c9760bbe0e812ecf4061d8f0955bc0195e18c4fd1516ebca50ba6a6db86881737dbab8321707675479b87611db6af2c97ea361a5484555ead454defb1a64335de964fc803d40f3a6f057893d2afc25725754f4f00abc51920743dc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8be0ca6adc8b3870c9d69d6021bc1f1d8eb9e649073d35ee6c5aa0b7e56ad8a59d1265f7d51fdb65377f1e6edd6ae0e4":"":"da86167ac997c406bb7979f423986a84ec6614d6caa7afc10aff0699a9b2cf7f":"e4baa3c555950b53e2bfdba480cb4c94b59381bac1e33947e0c22e838a9534cf":"64384ecc4ea6b458efc227ca697eac5510092265520c0a0d8a0ccf9ed3ca9d58074671188c6a7ad16d0b050cdc072c125d7298d3a31d9f044a9ee40da0089a84fea28cc7f05f1716db952fad29a0e779635cb7a912a959be67be2f0a4170aace2981802e2ff6467e5b46f0ffbff3b42ba5935fd553c82482ac266acf1cd247d7" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d43a75b6adf26d60322284cb12ac38327792442aa8f040f60a2f331b33ac4a8f0682f8b091f811afacaacaec9b04d279":"":"7fd3b8f512940da7de5d80199d9a7b42670c04a945775a3dba869546cbb9bc65":"2575db20bc7aafc2a90a5dabab760db851d754777bc9f05616af1858b24ff3da":"0da7a8dc73c163014bf0841913d3067806456bbca6d5de92b85534c6545467313648d71ef17c923d090dc92cff8d4d1a9a2bb63e001dc2e8ab1a597999be3d6cf70ff63fee9985801395fbd4f4990430c4259fcae4fa1fcd73dc3187ccc102d04af7c07532885e5a226fc42809c48f22eecf4f6ab996ae4fcb144786957d9f41" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"64352f236af5d32067a529a8fd05ba00a338c9de306371a0b00c36e610a48d18df99ed2c7608c870624b962a5dc68acd":"":"da416335e7aaf60cf3d06fb438735ce796aad09034f8969c8f8c3f81e32fef24":"a28c07c21a2297311adf172c19e83ca0a87731bdffb80548978d2d1cd82cf8a3":"132b9f25868729e3853d3c51f99a3b5fae6d4204bea70890daf62e042b776a526c8fb831b80a6d5d3f153237df1fd39b6fd9137963f5516d9cdd4e3f9195c46e9972c15d3edc6606e3368bde1594977fb88d0ca6e6f5f3d057ccadc7d7dab77dfc42658a1e972aa446b20d418286386a52dfc1c714d2ac548713268b0b709729" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"282f4d2e05a2cd30e9087f5633089389449f04bac11df718c90bb351cd3653a590a7daf3c0de9ea286081efc4a684dfb":"":"2630b4ccc7271cc379cb580b0aaede3d3aa8c1c7ba002cf791f0752c3d739007":"c31d69de499f1017be44e3d4fa77ecebc6a9b9934749fcf136f267b29115d2cc":"c899094520e0197c37b91dd50778e20a5b950decfb308d39f1db709447ae48f6101d9abe63a783fbb830eec1d359a5f61a2013728966d349213ee96382614aa4135058a967627183810c6622a2158cababe3b8ab99169c89e362108bf5955b4ffc47440f87e4bad0d36bc738e737e072e64d8842e7619f1be0af1141f05afe2d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"13c752b9e745ce77bbc7c0dbda982313d3fe66f903e83ebd8dbe4ff0c11380e9f1a533095d6174164bd7c82532464ae7":"":"4f53db89b9ba7fc00767bc751fb8f3c103fe0f76acd6d5c7891ab15b2b7cf67c":"582c2a7d34679088cca6bd28723c99aac07db46c332dc0153d1673256903b446":"6311f4c0c4cd1f86bd48349abb9eb930d4f63df5e5f7217d1d1b91a71d8a6938b0ad2b3e897bd7e3d8703db125fab30e03464fad41e5ddf5bf9aeeb5161b244468cfb26a9d956931a5412c97d64188b0da1bd907819c686f39af82e91cfeef0cbffb5d1e229e383bed26d06412988640706815a6e820796876f416653e464961" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5cacc68165a2e2ee20812f35ec73a79dbf30fd475476ac0c44fc6174cdac2b556f885496c1e63af620becd9e71ecb824":"e72dd8590d4ed5295515c35ed6199e9d211b8f069b3058caa6670b96ef1208d0":"":"":"f1012cf543f94533df27fedfbf58e5b79a3dc517a9c402bdbfc9a0c0f721f9d53faf4aafdc4b8f7a1b580fcaa52338d4bd95f58966a243cdcd3f446ed4bc546d9f607b190dd69954450d16cd0e2d6437067d8b44d19a6af7a7cfa8794e5fbd728e8fb2f2e8db5dd4ff1aa275f35886098e80ff844886060da8b1e7137846b23b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8df013b4d103523073917ddf6a869793059e9943fc8654549e7ab22f7c29f122da2625af2ddd4abcce3cf4fa4659d84e":"b571e66d7c338bc07b76ad3757bb2f9452bf7e07437ae8581ce7bc7c3ac651a9":"":"":"b91cba4cc84fa25df8610b81b641402768a2097234932e37d590b1154cbd23f97452e310e291c45146147f0da2d81761fe90fba64f94419c0f662b28c1ed94da487bb7e73eec798fbcf981b791d1be4f177a8907aa3c401643a5b62b87b89d66b3a60e40d4a8e4e9d82af6d2700e6f535cdb51f75c321729103741030ccc3a56" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"565b2b77937ba46536b0f693b3d5e4a8a24563f9ef1f676e8b5b2ef17823832f4ef3064ec29f5b7f9686d75a23d170e3":"3b722433226c9dba745087270ab3af2c909425ba6d39f5ce46f07256068319d9":"":"":"d144ee7f8363d128872f82c15663fe658413cd42651098e0a7c51a970de75287ec943f9061e902280a5a9e183a7817a44222d198fbfab184881431b4adf35d3d1019da5a90b3696b2349c8fba15a56d0f9d010a88e3f9eeedb67a69bcaa71281b41afa11af576b765e66858f0eb2e4ec4081609ec81da81df0a0eb06787340ea" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"fc3832a91b1dcdcaa944f2d93cbceb85c267c491b7b59d017cde4add79a836b6d5e76ce9eabafed06e33a913e395c5e0":"ffc5f6eefd51da64a0f67b5f0cf60d7ab43fc7836bca650022a0cee57a43c148":"":"":"0e713c6cc9a4dbd4249201d12b7bf5c69c3e18eb504bf3252db2f43675e17d99b6a908400cea304011c2e54166dae1f20260008efe4e06a87e0ce525ca482bca223a902a14adcf2374a739a5dfeaf14cadd72efa4d55d15154c974d9521535bcb70658c5b6c944020afb04a87b223b4b8e5d89821704a9985bb010405ba8f3d4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8009eb2cb49fdf16403bcdfd4a9f952191062acb9cc111eca019f957fb9f4451355598866952394b1eddd85d59f81c9d":"09ff1d4b97d83b223d002e05f754be480d13ba968e5aac306d71cc9fc49cc2dd":"":"":"9550903c2f02cf77c8f9c9a37041d0040ee1e3ef65ba1a1fbbcf44fb7a2172bd6b3aaabe850281c3a1778277bacd09614dfefececac64338ae24a1bf150cbf9d9541173a82ecba08aa19b75abb779eb10efa4257d5252e8afcac414bc3bb5d3006b6f36fb9daea4c8c359ef6cdbeff27c1068571dd3c89dc87eda9190086888d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a6e4c9a8bd6da23b9c2b10a7748fd08c4f782fadbac7ea501c17efdc6f6087bdacdc47edf1d3b21d0aec7631abb6d7d5":"c16ee0908a5886dccf332fbc61de9ec7b7972d2c4c83c477409ce8a15c623294":"":"":"a52f93ccb363e2bdf0903622c3caedb7cffd04b726052b8d455744c71b76dee1b71db9880dc3c21850489cb29e412d7d80849cfa9151a151dcbf32a32b4a54cac01d3200200ed66a3a5e5c131a49655ffbf1a8824ff7f265690dffb4054df46a707b9213924c631c5bce379944c856c4f7846e281ac89c64fad3a49909dfb92b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"59d6307460a9bdd392dfc0904973991d585696010a71e52d590a5039b4849fa434a0aafb95917cbf8c38fc5548373c05":"0407b7c57bc11361747c3d67526c36e228028a5d0b145d66ab9a2fe4b07507a0":"":"":"299aba0661315211b09d2861855d0b4b125ab24649461341af6abd903ed6f025223b3299f2126fcad44c675166d800619cf49540946b12138989417904324b0ddad121327211a297f11259c9c34ce4c70c322a653675f78d385e4e2443f8058d141195e17e0bd1b9d44bf3e48c376e6eb44ef020b11cf03eb141c46ecb43cf3d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"9ae3506aadbc8358696ba1ba17e876e1157b7048235921503d36d9211b4303429abf7d66afee5d2b811cba358bbc527d":"0d645f6238e9ceb038e4af9772426ca110c5be052f8673b8b5a65c4e53d2f519":"":"":"5f032c7fec6320fe423b6f38085cbad59d826085afe915247b3d546c4c6b174554dd4877c0d671de9554b505393a44e71f209b70f991ac8aa6e08f983fff2a4c817b0cd26c12b2c929378506489a75b2025b358cb5d0400821e7e252ac6376cd94a40c911a7ed8b6087e3de5fa39fa6b314c3ba1c593b864ce4ff281a97c325b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"96ae3b8775b36da2a29b889ad878941f43c7d51295d47440cd0e3c49991931091fe022a6fc0237b055d4d6a7036b18d5":"1e40e97362d0a823d3964c26b81ab53825c56446c5261689011886f19b08e5c2":"":"":"e707cd14b06ce1e6dbcceaedbf08d88891b03f44ad6a797bd12fdeb557d0151df9346a028dec004844ca46adec3051dafb345895fa9f4604d8a13c8ff66ae093fa63c4d9c0816d55a0066d31e8404c841e87b6b2c7b5ae9d7afb6840c2f7b441bf2d3d8bd3f40349c1c014347c1979213c76103e0bece26ad7720601eff42275" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"33f5120396336e51ee3b0b619b5f873db05ca57cda86aeae2964f51480d149926f1f6e9807ba5393edcf3cb4e4bb6113":"3709605af44d90196867c927512aa8ba31837063337b4879408d91a05c8efa9f":"":"":"8b8291126ded9acef12516025c99ccce225d844308b584b872c903c7bc6467599a1cead003dc4c70f6d519f5b51ce0da57f53da90dbe8f666a1a1dde297727fee2d44cebd1301fc1ca75956a3fcae0d374e0df6009b668fd21638d2b733e6902d22d5bfb4af1b455975e08eef0ebe4dc87705801e7776583c8de11672729f723" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"ad300b799005f290fee7f930eebce158b98fb6cb449987fe433f955456b3530006aa2514e4bd114edf7ac105cfef2772":"87ada711465e4169da2a74c931afb9b5a5b190d07b7af342aa99570401c3ee8a":"":"":"80d7c606ff49415a3a92ba1f2943235c01339c8f9cd0b0511fbfdf3ef23c42ffff008524193faaa4b7f2f2eb0cfa221d9df89bd373fe4e158ec06fad3ecf1eb48b8239b0bb826ee69d773883a3e8edac66254610ff70b6609836860e39ea1f3bfa04596fee1f2baca6cebb244774c6c3eb4af1f02899eba8f4188f91776de16f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"130b044e2c15ab89375e54b72e7baae6d4cad734b013a090f4df057e634f6ff065fd6ac602cd44107d705dbc066e52b6":"f374aba16f34d54aae5e494505b67d3818ef1c08ea24967a76876d4361379aec":"":"":"5d179534fb0dba3526993ed8e27ec9f915183d967336bb24352c67f4ab5d7935d3168e57008da851515efbaecb69904b6d899d3bfa6e9805659aef2942c4903875b8fcbc0d1d24d1c075f0ff667c1fc240d8b410dff582fa71fa30878955ce2ed786ef32ef852706e62439b69921f26e84e0f54f62b938f04905f05fcd7c2204" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"716430e999964b35459c17921fe5f60e09bd9ab234cb8f4ba4932bec4a60a1d59533b711e061b07d505da707cafbca03":"372ae616d1a1fc45c5aecad0939c49b9e01c93bfb40c835eebd837af747f079d":"":"":"a80d6a1b2d0ce01fe0d26e70fb73da20d45841cf01bfbd50b90d2751a46114c0e758cb787d281a0a9cf62f5c8ce2ee7ca74fefff330efe74926acca6d6f0646e4e3c1a1e52fce1d57b88beda4a5815896f25f38a652cc240deb582921c8b1d03a1da966dd04c2e7eee274df2cd1837096b9f7a0d89a82434076bc30173229a60" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"7679f154296e6d580854826539003a82d1c54e2e062c619d00da6c6ac820789b55d12941b0896462e7d888e5322a99a3":"ba4d1ed696f58ef64596c76cee87cc1ca83069a79e7982b9a06f9d62f4209faf":"":"":"10dc7cd2bb68c2c28f76d1b04ae2aa287071e04c3b688e1986b05cc1209f691daa55868ebb05b633c75a40a32b49663185fe5bb8f906008347ef51590530948b87613920014802e5864e0758f012e1eae31f0c4c031ef823aecfb2f8a73aaa946fc507037f9050b277bdeaa023123f9d22da1606e82cb7e56de34bf009eccb46" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8ca4a964e1ff68753db86753d09222e09b888b500be46f2a3830afa9172a1d6da59394e0af764e2f21cf751f623ffa6c":"eb8164b3bf6c1750a8de8528af16cffdf400856d82260acd5958894a98afeed5":"":"":"fc5701b508f0264f4fdb88414768e1afb0a5b445400dcfdeddd0eba67b4fea8c056d79a69fd050759fb3d626b29adb8438326fd583f1ba0475ce7707bd294ab01743d077605866425b1cbd0f6c7bba972b30fbe9fce0a719b044fcc1394354895a9f8304a2b5101909808ddfdf66df6237142b6566588e4e1e8949b90c27fc1f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5d3286bc53a258a53ba781e2c4dcd79a790e43bbe0e89fb3eed39086be34174bc5422294b7318952ace7055ab7570abf":"2dba094d008e150d51c4135bb2f03dcde9cbf3468a12908a1b025c120c985b9d":"793a7ef8f6f0482beac542bb785c10f8b7b406a4de92667ab168ecc2cf7573c6":"2238cdb4e23d629fe0c2a83dd8d5144ce1a6229ef41dabe2a99ff722e510b530":"d04678198ae7e1aeb435b45291458ffde0891560748b43330eaf866b5a6385e74c6fa5a5a44bdb284d436e98d244018d6acedcdfa2e9f499d8089e4db86ae89a6ab2d19cb705e2f048f97fb597f04106a1fa6a1416ad3d859118e079a0c319eb95686f4cbcce3b5101c7a0b010ef029c4ef6d06cdfac97efb9773891688c37cf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"c2a566a9a1817b15c5c3b778177ac87c24e797be0a845f11c2fe399dd37732f2cb1894eb2b97b3c56e628329516f86ec":"13ce4d8dd2db9796f94156c8e8f0769b0aa1c82c1323b61536603bca37c9ee29":"413dd83fe56835abd478cb9693d67635901c40239a266462d3133b83e49c820b":"d5c4a71f9d6d95a1bedf0bd2247c277d1f84a4e57a4a8825b82a2d097de63ef1":"b3a3698d777699a0dd9fa3f0a9fa57832d3cefac5df24437c6d73a0fe41040f1729038aef1e926352ea59de120bfb7b073183a34106efed6278ff8ad844ba0448115dfddf3319a82de6bb11d80bd871a9acd35c73645e1270fb9fe4fa88ec0e465409ea0cba809fe2f45e04943a2e396bbb7dd2f4e0795303524cc9cc5ea54a1" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a33288a96f41dd54b945e060c8bd0c094f1e28267cc1dcbba52063c1a9d54c4d36918c977e1a7276a2bb475591c367b7":"6aa528c940962638dc2201738850fd1fe6f5d0eb9f687ff1af39d9c7b36830d9":"37ee633a635e43af59abdb1762c7ea45bfe060ec1d9077ecd2a43a658673f3c7":"2eb96f2e28fa9f674bb03ade703b8f791ee5356e2ee85c7ed5bda96325256c61":"db2f91932767eb846961ce5321c7003431870508e8c6f8d432ca1f9cee5cdc1aed6e0f133d317eb6990c4b3b0a360cdfb5b43a6e712bd46bca04c414868fab22c6a49c4b89c812697c3a7fbfc8ddf10c8aa5ebf13a09fd114eb2a02a07f69786f3ce7fd30231f22779bc8db103b13fa546dbc45a89a86275281172761683d384" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5f37b6e47e1776e735adc03d4b999879477ff4a206231924033d94c0114f911b7d12d62c79c9f6234ae0314156947459":"92d4d9fab5f8bf5119f2663a9df7334f50dcde74fb9d7732f7eba56501e60d54":"c9aef0d7a9ba7345d08b6d5b5ce5645c7495b8685e6b93846ffcf470f5abd40d":"50d9d1f5074f7d9f1a24a9c63aa47b94da5ba78db1b0f18e4d4fe45c6875813c":"20d942bbd7d98700faa37e94d53bf74f2d6bd1d8c95c0b88d842c4857797d59e7c8788aeeac29740122f208f703bf35dc32b0035db0648384feb6aa17a3274bc09b2d2b746c5a06fd82f4469fb86131a49482cb7be7d9b4b95042394cfb18b13f333ec0fe5c227bf1d8f33ecb2e42e358b6c3e034cb585331bd1d27f638029b9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"2311c5afd64c584484b2729e84db80c0b4063fe9ca7edc83350488d7e67264a06a6dfd975a0dc7b72df1f107c4b3b3a6":"2abd870ec5fe26ed14dfa57a3309f920131b70580c3639af2645cd1af93db1b1":"c6e532a3b25653b6002aed5269cc2118749306e736bde039d4d569d4f967773f":"5e7d26c4da769c373092b2b4f72b109fe34bdb7d169ea38f78ebae5df4a15759":"cacaeb1b4ac2305d8714eb50cbe1c67c5a2c0bbc7938fdfdcafef7c85fc40becbf777a4cfb6f14c6eee320943a493d2b0a744a6eb3c256ee9a3763037437df9adce3e2260f0c35e958af0edb5a81debd8bdaf2b8bb2b98b9186e5a222a21609ff58df4cbe1d4898d10d6e7c46f31f5cb1041bfd83a5fb27d5c56c961e91403fc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"362ece9d330e1172a8f9e50258476d0c79c3ee50346524ba12d970ee3a6ef8c5cf11bcb4d9d51311ceacfca8705e833f":"abb5a8edde02e526449284ecc31bc713383df3ed085f752e3b6a32f305861eed":"746302ab1f4a86b17546bea762e929360f2e95c7788a63545a264ef997c8c65e":"b907c5b2a8833a48e56e819228ce9a050b41b3309f5ca37bed720311d92b33af":"73c7131a558350590053580873ef956ff952f2aa6ff1bea452e013d1bc2afddea2311756dbe756e63ba6258480c48f3f6c1319b5f572f67ca530af09e39413d1d432bea8f89206619618cb0e7c88e9f2033639d0eb0efc20616b64f940da99b88231984c3fb23f19e890576f555fde394dbd4351f17a7ffd5c369379001bda03" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"cf614bc29946bc0095f415e8bdeda10aab05392f9cc9187a86ea6ec95ee422e177fb5ec22dc0432cc13f4693e2e3bd9a":"e4ce77914ffbc5fddf1fb51edfafdc196109139b84c741354135ec8d314c7c43":"e1e83ee1205acaf6164dc287aec08e5b32789e5be818078db39e53cad589db51":"4e20c0226d5e1e7e805679f03f72452b5bea2d0ba41e0c12329bf60eb3016dd1":"838fdf1418a746aa52ae4005d90c3fd301f648c5770ffef2a9f3912e37a93850cc4b8bfcce910aead0cb75958823b1a62e283901c5e4a3980e4ea36257458e2e4953555819b8852a26489b1d74821f80c9908469b43f124ff7ea62497c36159a47353098a1b9ec32e54800d6704371cc37f357ad74aacc203e9b6db97f94d0c4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a8da1d3e233f393fd44d204c200202f7d01896e72c5ac652940cfd15b5d4b0bd0a112b4cb0890af0a495e0f49fcf6874":"d2e32799bc822b8d033299bdf63dc35774f7649e935d25be5b10512c430d1bda":"920a82d76fcd2cd106ada64bba232b7b2344f3afe6b1d1d20ee8795144571009":"eeaac5878275372025f8231febed64db6a11273c3c00d625fc80a95f18ad7d3f":"5f6dae489b53d89027b2cc333c700f090152d77b3eaf01d47f56ce6eca9893ef877b4cb560fab0fbdb34e3d1c6cd8480b33c053d2661a10aa531df4961b97d659c7492584236582b3fe701055efa59c328194cd1e07fcffd910d9ee01b7b9e8c8fda7f7ac01a8e203b8b26eb8078a9b9a5021562c44af24089e3ef84c1d5a6bd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a77b1ed4ecaa650374e1052c405f1d88881c25c87d13dbe1334d8c1a847fa76b05c143e2f145db216fe7be9ed23635d0":"b5c750968ff09ed251d4a1c05342ac843db5246b19045728a634fa4f6e752e54":"ff5937bcd01a363696bf8e40adc8e4ab3e56dbf7e7d09451c99e538785fe6697":"4acb34eea8266badcf8f6557a0eecf3eb4d7a295c876d6175598cb66a388efb8":"ec13eadfcc84e77d2a2efa1a2cd8b1355587cb27feb3d19d75b37f0446333ddb8236e751c63b7a6e595ec24a25051a696dbe8c062dd8896d1446db228a2f10e8094ee07e7ee648ed6bebb2f5ec5aae24c9c640665c28355cc11c116795ecc070790f7fdfc4398900311b6695d5da0175091ed1828d2731085bfb4a20bd86cce0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"491686c781e83eb4e21d9989e8d718100b0d21a2c56295888baef1a65f219651499085296d21065feabf3106101c8d6f":"d208a72f9ae34f0817669fb04f49239dd31700f3dc9a93db8d75fb79f9b686c1":"9ffc61893a293a864008fdd56d3292600d9e2ec8a1ea8f34ac5931e968905a23":"4ff3a397dfdae0912032a302a5e7a07dceca8d9013a21545689319b7c024cd07":"3c258ebf2203fca3b322ad1b016e21c7f5c148425f81e4fb0a0e462dce9dfa569c37a006527768297a5b68461b08912642a341b88c85597e30e7561206886098c4e2d861f11513f0ffdbbc78d3a2dd60c105abbb33c5e05ae27081b690fb8b3610917aa9bf1a4ad74481b5ff8334f14e5ad6a6a1eb2259476078076fb7e3a992" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"36a5267eeeb5a1a7d46de0f8f9281f73cd9611f01198fdaa78c5315205e5a177b66b5337970df36219321badacc624eb":"c2a7b164949da102bece44a423197682ff97627d1fe9654266b8527f64e5b386":"a977e2d8637b019c74063d163bb25387dc56f4eb40e502cefc5ae6ad26a6abdc":"c5c9819557b1e7d8a86fa8c60be42993edc3ef539c13d9a51fb64b0de06e145e":"b471711a4fc7ab7247e65d2c2fe49a50169187187b7978cd2fdb0f8318be3ec55fc68ed4577ad9b42cbb57100b5d35ac86c244c4c93a5b28c1a11c2dfe905d608ec7804dec5bb15cf8d79695534d5e13a6a7e18a887ec9cf184da0cbbc6267f3a952a769403bafcdbb559401be0d8b3300ea7258b4026fc892175efd55ba1a67" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a76b0366df89e4073a6b6b9c04da1d6817ce26f1c4825cad4097bdf4d7b9445e773d3cc3290176773847869be528d1a4":"1bfd3bcfb9287a5ad055d1b2b8615fa81c94ac24bc1c219a0f8de58789e0404a":"edd879fa56f21d93029da875b683ce50f6fdc4c0da41da051d000eed2afefefa":"f528ffd29160039260133ed9654589ce60e39e7f667c34f82cda65ddcf5fff14":"39d1ff8848e74dd2cdc6b818ad69823878062116fdf1679942f892c7e191be1c4b6ea268ecdff001b22af0d510f30c2c25b90fc34927f46e3f45d36b0e1848b3a5d54c36c7c65ee7287d325dfbb51b56a438feb6650ce13df88bf06b87ac4a35d2a199ea888629fb0d83f82f0ea160dc79ed220d8ef195b9e80c542f60c2d320" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"46571e1df43e5e141235e2a9ec85bb0faf1dc0566031e14d41a2fbd0315653ecb60ef6a3347967519aabeaf748e4e991":"759fd8593e3688b23c4a003b655311770d670789878570eb3b155a8e6c2d8c45":"033128460b449e1accb0e9c54508759ddc2538bc64b51e6277553f0c60a02723":"a5e4a717240bdeac18a0c0e231a11dc04a47d7550f342fa9a7a5ff334eb9327d":"9d222df1d530ea7f8f2297a0c79d637da570b48042ecddded75956bba0f0e70b271ffa3c9a53bada6ee1b8a4203c22bfde82a5e2eb1b150f54c6483458569422c1a34a8997d42cc09750167a78bf52a0bd158397af9f83caabe689185c099bf0a9a4853dd3cf8b8e89efebb6a27dba873e65e9927741b22968f2875789b44e01" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d63980e63bbe4ac08d2ac5646bf085b82c75995e3fdfc23bb9cc734cd85ca7d2d33ed1dcae13fb634ba08272d6697590":"acd0da070072a5340c4f5f4395568e1a36374e074196ae87f3692ee40487e1df":"f567677b5e12e26f3544be3da9314c88fc475bf84804a89a51f12b191392c02b":"c01cc7873e93c86e2bfb8fc984cfc2eab5cc58eeef018fedb5cba5aedd386156":"b133446f633bcb40724bbf9fa187c39a44b9c094a0a0d40e98977e5466dc2c9adf62a5f4551eeb6406a14658de8a0ed7487c3bf6277e811101284a941745ce16176acc875f1435e14161772fa84609e8123c53dd03cbb868030835c0d11d8d6aa04a1b6f908248b028997737f54735ec4ed7a81fc868199ffb61a779d9340334" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #14 diff --git a/tests/suites/test_suite_hmac_drbg.nopr.data b/tests/suites/test_suite_hmac_drbg.nopr.data index 81c946c2d0..3f5f3453d1 100644 --- a/tests/suites/test_suite_hmac_drbg.nopr.data +++ b/tests/suites/test_suite_hmac_drbg.nopr.data @@ -239,243 +239,243 @@ depends_on:MBEDTLS_SHA1_C hmac_drbg_nopr:MBEDTLS_MD_SHA1:"4e8227e8422d674cdb79e52cc30b7b84f81cc05b03339704dba3e731fc81949e679a4257c5fd68a7":"2d6e4af02acaf230bf746157ec624ba7":"deebb368a79c1788528b589056b1194b":"1dbbc7a131e98344fd748edc6fec11a0":"0266e8a066dcabaf6991c7a91e1c6e56":"e51fc833a60b099e56996a66820368f5332822c8f9dffe8459c80d2512d451e1669ecf6e562a1c295fa6981fa651fdd3d8d936c18f88d5844393a2a371aaac8f485cfe92926f1a54980500edc43a0a6c" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"09effa3906a5e93d05530edc71e62b39c5e4da020537176c23823da52dbdbae8307656cdaf8f861471dba14533c880505874098917e338f20ef8d8a1":"":"":"":"":"d5de8a3388b11e45085f6d9a009462947631c4e74523080ccd03a0196aa56b63a93a2939f490e9456e9fce3e9000e58190991b9aed6d145ac18f65cf2b1c17eb021acc5256eb6a7e9023f62aed87d15ea4e4b328f265cc34adbc062d54524365cc9c5073a8371f35dc2f459e1d027515" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"29a7071e686936e60c392061f71b68500dd6f11c563732fca9dec3b2f859e06a857fd94e3ca1817872d94c2b7c2f283a0d2d12a6443e95f7e700a910":"":"":"":"":"72c0f3cb7792bfebbc1ee6f65d40d118a6a1c4e04e589c8f70273b4c7b718c9df383658572b894838a311fc0aa2aa6258758b33783e192b0c3c1d322809375dc925a05605fed8c7e8fb878fb63c84ce639fd277d9955f91602a9f4777b7c3b15404c4e761ec8d466674e32136c7b8bdb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"abd3dafc85b23025792bcdaf9f410829d3201c1e8ca450e217e13ec2e3b744e8c54107174a6e69ad05f643ee5cec49cd47ea88c80b96a0944154b458":"":"":"":"":"152333e16b04283dfb8c43dbb3be43b5db2ec49a399facb65cebdf7ca3ed267792ba308cdb0649b0c19cb1126b144d5766b5afeca98036a1f85cd2cfe3b8071011b69b2aec382f8562d9dd4331a554f3a3ee632cff308488b30a7416be8bbdee7e250cd12f371d069a097e9eac43031a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"caa286c160d22af10922ee6088c269d0c963034e5fd2a85d2fc171d0c4ba0833b630a64ab09965f132a744656631bf2dd27430c7c2d1e59cdcf43a97":"":"":"":"":"4d6132b9ce70470dd36f551584ada639e74b85fb9bd3c3e350011d99f2dc0371f874e6b9d92eba3fceafe34e574c1441d0d476c475b704755a28733e31637962cae67e849bed18d77501383cdbc27ab6f60d5d8d26634ef39e2c60fcbb04a9bdda8bcfb9b2d3aeec12a21279ed553343" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f79156a2321ba930e15109501ead80a3b26c1747b7a9aeb922d1a9d474df64a1fc3483f10e88a7fcdde91dc06940c58bf4d747b5a9cd8cad2c2e9870":"":"":"":"":"1b3aeaff973b2e20cee947ff283277991842a22f45cce9d22c1705daa51a56ab43aaae1b51bad7a7363edc7b548a0cec6b376b925a6e35bc7dc3b4a33a7f3b57d66b1b35256908bd2d8f0495caf2539ba4475d766c21c2c2e4acff87fefb07c662eb344d9c99ed407165f8a09a22816a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2dfeb70fc433426e23378d048b836f899cbff52d4a92c6d7d218e3aa54c06793339a752f86f03b7fcf89bef725339f16ab1cd28ec85c20594bbdf3be":"":"":"":"":"d403dd8a6f3a914933253db9cd043421e54243a34043f5ee11a3b6a627e25d944434eac22a00172caa607ebf7de55b4c4305c2b93428d5fb4cf0a649451ec7fc5da65c4894cf4d2f3d52e90993544237e5c58745441c9cb2e047513ff81d9cf980d8b12769c21cc8c06f6d583b8be3dd" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2c6ba987bb61c4131138bb8acd877763c2c7e1f86289a81b6b54d1d8b399b5a5ac7171c0c9c0b5943bd7f54bf72b20307834e971bb637b351a756823":"":"":"":"":"7ff01def84626825fc22a62cfe28f5f95403bb2618eff22529b6531aaf1032100944d5f9703496d165c5756c0aac55b1812a72940aa5317fb6a2944d124e7f65766f231b6bda06100c5ad0d1b37c488e0e9f11a6d8f7e4cf7337e04d094ea9de2db1bbecf40e0cc8d1fc1cf5a01cd081" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ba08acc3a00b9b40d2bad8cca4909d3bbec5471f78d0bf89a805d839b8b29fb753c9e5d3674365a7055a187a238ea1cd04f482d24d856b67eb54d71a":"":"":"":"":"9ec6ad840270051313c5825295a6f7527a8b1b9b3e7c867e5642a984b11911be60614e5737d3a0d109eea4223f0d2ee63cb19be702291a771b2e2c277f2d4559176fc5adccea52492e3d3ba7d17bad5b5f487d783639467997d7668ce2173ef777f9e31dbecb6ee716b5cedc8bc5098a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"95413345228eadb85b67674b9981af34bd6a4ae04866229921be928c06e6a6a6fde8d31a6a88f24d6a1114ccbe08ded9d7c50c3360bcb8908a615381":"":"":"":"":"d4dc08e36f94e88f8bfb1919c13186139591edc681affb61c421d32dfda69e507d59495bcadd39b73c4036ef440dc598e339473caba60e0770ac4729264b1dbfdaf32ca6d136ef6810a6660fa5cbac91940a28053c0fa405c7b6ca5e3f147b5e0096f36b67da9fce64247cfdaad70fc0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"9b6bb9589f41e8ed6969dbf1a3b3d242dd5e133711f72549334c74190e4efb1d0452016ed4fffca9561aaf219e6793bfb6fd3dd9500bd61e6a62db66":"":"":"":"":"cee02e4fe0980afe6ccbb1b0d80041ba9841461397494f0fae5188228fbe9822e3ffc5397b7caa29950d95536e7000e1249e5bb93a593e659a49689add16d2f5e02ff251c76716dc426010c2961a176bd63c29397f6e36cd4de2f2b11e1260b9f9a00bd49b4b6617fb056b82c92c471d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f276ba0da08274a082f3b8ad989a713908873b742f96bbbf8c81b4e1a7e4857bc99aeceabe534c45105306b14860883cd56f2438a7812b43f0d911f7":"":"":"":"":"24dd3eea9a8e1f9929ebbbc2a68379caec77fb42531a97f7f3a75d16ad053799ffc25cace4f4553c271ae360eca1f5131ef87bf0390b26785880db0d92bb351e6e22409d600f6dab5cbb2278b8784e67a40be4d8ea6d994115c67b7224d721d1b3c7fc5b24e15f97eb3bbe33798d1bb8" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"fa5ed9189f21d7e94764bddeff23050112868cfe35220b863e8112f691c57e6d6c4a91c752c5f0b37b97d5f3e383480054877f319a568b064e6562a4":"":"":"":"":"55eb5ef1248b5a34c741f2076ea5d568da630ce4720b7e2c86a9dd535b48faece2229866a36024fd4114249be4730e554b772d557ce3f8b9d4d86d91202582213a676a076b87f941351c7606a452816db5d0f8194825d402d2fe7ebb2815532091b3830a9616918bb0e3298faf037bf6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"d0c5003a6168163f707b25191b51211dc1ae361df1e069d0f284f66967aca4199809dc89368164213ae17285674e5574851582372fcae8cd2733bf4a":"":"":"":"":"24910e1a9304471d053af458bc3fdef527e8796e33133f5af005106b203e8fdefb274f1c0e8ff44e92c63bef3082c6e5607a7981a6076f1a1d15368f4330c7012509d5f61b4349224a87960bce9873725145f187aa931394c449f502d12b60655a0ab2a221134a51786c3683f9ffa2b2" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"bf5b5d1c891f7a6f2dd3f4d486d693fbf67f49584b7f053aa96ddacd9fc0cdea0fab8209d8f4335820ce68bfa04899b63cda15242e9cd3f7acb1f103":"":"":"":"":"710c8b33ab034b50a29de657b93f3c71df4727a5219a474350c88b4e3974ffd0d3452e8c4d26f579e348f39cfe0d20045a70a866c5e16a0c22aa0d69b739f74cbe8b046bc14cf82b86498460bfb26af0771371c2750f7c59320c6f6fe1d04cfb40c048686b6c1b69dc641b8957c2c341" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"525615164dce0dac5397b357546aad049dbe5982da2c215a233557553460f8505a3e7c8224af561190099ee21a06d62f9f00e282b32b486e8d0e338f":"":"":"":"":"3fe96c9b10c4c8e43cf3cd76ced4ad85ae576f32ea6671ef284f7c97491b72152a18a1060145e4f5e7c0c373c396cb4c8c0b6d625c1f0d2ae95b0691cb1c80a3dd5eaa21632a82aaa28e09a2bbdeff7fd8812fae46deae14bbb16da24d06878fc417b3554fb47b0ef9fe18d1b9d4f4ca" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ca81953d50430bfb09537a318a1a7b90a9200077abb721e55d9ac28946fbf75d9cebc81f11cf6d4db712a3b91d479e00ba30d736a763cbfe40b91448":"":"e50aa8bec96339cf2608bb82cf038d5fd6bf93e65271cb72":"5c5eed0d98c7fc7eb30acddfee002d5b99c965949d4e2095":"a1a7cbc79bfaf4571cd8020da094118d241b3f018ec823ba":"c8b7d9c15624ae018a8612edf6444354c45c6a788272281c16526c689a3dac36679e44d89c4acd7eb58ff40a577c3d1a9f4d0175feef9ac5674c115d5e4cd17f2369e0135e33b018bdc99e4099713ace986a145ef55e868f74846feb3592d44ca3ebba6044a928e9284b5ea75063ae81" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b96ca1202fa959ef55a683a9021068e14c75376e15d1f0394b1c091a8b6dd6b98b6f63747dae58c29186179b4155b868f5a81ca206a5086a5759b025":"":"a35096086c1fdeb1fb60dd84fa730eccedd53e5b127eecf9":"a3269fa749e55850d4aa9e466bced0beab2edf86b926c2ae":"29f6799f7c78fdfa2d0dbdde8381aec5af249556903f6313":"c63ea73e1ddc9d55bd64a63cf73f730136ab4f6d688a9cd56b945f9875ef4ff48cdbdd8b78b898486a685d8af8cccbc2a834a9804e566ee7138c7dbf488d263fbd387041f835ea46ad27cbd66721428ed5795f6ed044cdb17c8e7e3ecbf61dd68239e8fd644ae85776050afbaa06caf7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"59af1213cfcaeea29e31400ab6b30f108d4a9a77d3b370972d29032cdc612b7c360c41f16b0c9d794219300fe0551e0e66d634a4eec396c50ec9604c":"":"66ed9352bed73224d35508754aab68fcea10aac06d60e888":"198a3526a67a0ce31ad0348bbdfecede4f82d4203d1d5ca1":"03faa2f4c34577cd8b2ed53e10c68c83c1ebc8d877379178":"5e24f1a9083f13274ed1020ab6935222cca644d0920839c2b142e2780983204453d2e6c58518cb351188bc3e5e3b64015882130d745511f004cfb6b64831139e01ae5bba64b74f1a1ede7e220a6d29b1067d7c68ba3543f4dda2fc97a3dd23590c2c18b85662618462ba2c05231534b6" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e6cc94c72f37999f28b5fe350bff622b433ae19111786c747d954adaecba47abacfea8cdf5eab05e2f750c0a679cfb9c2c2c071461178a054af40967":"":"3032528703dd66e42c7b6b5881483eca41e9eea503852eda":"ce8c03b0a05982ceadb516b1fe513da2403a9e6dcd7a39f0":"3f7ccb55376f23dfac1dc13be617894931f9c13d15fd3dcb":"558656cad7da2ad87a7a29ec5e612addcca96d72ac7b224cde80ce386c6efda12113fe9aa8e511714a42edab53ea0289c75d34b42f2313ac366f51f5dd3f6968bbd4c09ebf840dfd03852dedc1e3b6209d932889cb04062c644482106cf8b7a237d2937840f0c4d752d52725b5590d15" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"cd4dcc8fb50672611f19e0cc8adcf9285f9d76e7e28bcac34e931163f8057b9f86424e5d514a13c0a25bbb49ee485501ec5e21061e006ad1569d2610":"":"24480094a44067b86ef47db38ec3e62914351196358bd9d7":"c6ac3b879adb6c150a8ee44428c333574ed9b0d6806848d8":"92bdc1514d87daaa321655d56c6302878c2bde37700163e8":"21c51a1568aafb56af1fd424f6fa146113d14d6d63e1a24e3168130ebc10dd84925bc4077c41897aa8b3c73aeb5bcf392d496dedcb6487379bfb3e12bc07fcf5c196d59fcc1fa730e55c00edaa2bca7b1e32a40ba06500ed3dd7fcab361995319979a0fa9cdc406a4d20650814e8bfac" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"fdca0039e8485a06e6a9afbde5b07a1bbe49e13659a2164034289639d23dcf3f9874b8fb1a1af8495b6b2129b88475cc529c96271bc1bbb5c7c2ea03":"":"841f765ed5f00be838a270730ce5926659cd7cd9d5b93ca5":"825fa13ed554973768aab55917cc880183c3ebb33a532305":"736e9de931198dd1c5f18a7da3887f685fbfa22b1d6ab638":"dd8596a62847a77da81818dbbeaf0393bd5e135069ba169f8987f01dc756689342cba61d87a79d4bce2311790069d10709c3a53df974c7d6793ae1298253f13ecdbb5680928579b73d73afdcd24a703dc9b391f303d8835ba1129c3d46237ede5e44732a74f8f23b60a3a45ce42f042a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e246e3f95d89c166768aac69fc95fb49eec49aa633adb938ce1705b68987aeb0fae7f57b7e99e4f3e3e1b1db2d1fedf443bd2618e95193cefd905e1d":"":"130701f88cc1e7545980e6c6f6cc76b0336f089bb66cc347":"95533f4cc247c887d6a7cc0ca753009bf034ba95b7b1d3b2":"464fd16f011eb2986d9982879d79349a3ce4f5905bbfe832":"0d4e6b03af7a648337abec2efa585908af40e88d1f104b3e8c352aa29ac79fe8e448f36b0dfd701a1fc0f1d86dcab7e8a8ecada6ba218d9aaea1c40aa442ca51f3116ced3c9b8ba7546688ed4f3a1378f76b8a29ec763784fc82906dc0f688c5e60d59e6d5284fcd96f361bc5b285465" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"cb0405e58270cecb34a9951adeb694c5513c499cf310f6a99985d4fb3973463e907705740e01aed4ca221d4b03ef30e69fd8dbfb4ea919a913800a1a":"":"0b57e688472e9a05baa3920417a2e8f9a9c12555fd0abc00":"cac05f79d9837c97bb39f751792624983c397fd288dd1d95":"344d2aa2b3bad1485429b66606bf215acb0a65bf2a318f6d":"b2a13d75ad389514149763199d711092a9b0e4f1e50809355cfefc1884a94f4d4a50ac5c5da0b4e9bd7537e413bb451fdd2fa77f1f894444cb5c81e4c43978ebfd96900a2c8986c885d0faf89a2ad5c6ef922dfba1b5219b0f3c4ac2095340c3b8bf0db037171b6545741c76217b2aa5" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e38ea7584fea31e48ab085c44f46b4cf68ff24b4a6b0b25867463e4a46ddc9a4de23f7272af1e9c4e0391aa9491ce7cdb5f96292e0d65cb9a9a4a3cc":"":"afe267e1491de3934054b8419b88b16731217eb4ee74c854":"bd0f3c43229a0ffc9e143e16738111e16d6a06ebf3eaa5b0":"23bd14ef8cf797cff7ff787df8ed8b87684fe7a9a33bf695":"c27a6ee5bab8f8e93783840e72894f3b024c7d3206a4a1869ce6fa8b5674bcbd24d4aab30f9866d797d850423c57684b7697913b9ef7bc0be933d0e21535bd50fea0feeb293985261fb9d4eb1ef97ab5ec6b691a08db4c8171e63745d14fb4c3a03c41f906daaa2877b7622b254f0449" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"71dc625242dcb94e6ba2bd013beb2112cfca576774e102830503b7aeda24c2c9d862f5212975ccc019ad2ea0442595f74d1d37dbcba0719d8ea32ba1":"":"0fef9f0934bb4485bfab2431f8811d963ec7fa7953ffc213":"a6a7501c4a5a93c396ef8cc969ebd93cac1c30b4783a0617":"c58ea233f35a22fd9b01592c6026aa17922070b3604c7118":"a1452d85799b54370cff65fd6dd74b575199606cc8fa64880b26972c913c372010b4c3f4ce9b7b565a8f5305072404c7b9d70f7aef6e2709c1694eefae66ffa80f16eb4b91f8041f4487427e69daa437e183e83d3b9718ba6a23fb90365884899e0d2f0bef56b27249f65e1c00c5411a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"36c1e048d16f9d6035c6b62515afb929633f356fed6a654282663e2284fd4132116d21eef66d29629bc712965d960f18cf3f7dcbf8a3ccd61b5b5fb5":"":"93bb372b7ae1035de6f13b2a36c3ae5682b9a3ea8f444383":"9715b72e4755993762e11a93857f1d50a051e70d094339a5":"2f1e73945863b237f49d6d20d0999a0203f295b9a046dca2":"ca135891b47f27c26ac891df49c80d085f90c13d236a60f1372eefd81eafc5819f4ae5aee5b32d46681be01629b078ae965f67b81a5268ef0b303d09e048f4449f5aaa11af51f80151b4697b13700930167cdcb3b6e8260eeb8bec7f6a67a2050a6ea569c825d61d4858a1cd15f70fb3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"582425e13356e7a840cae9fa435b220af6a96fb53ac91e7ee22023cf6a0eef3923907883ae540be816e0631c894520b86e8c6adb8152e55cb6aed5ad":"":"227762e137f9eec6d2b3c63476b404dc5b0c68613a93034a":"fba72c01a9e51c93ac00c1232c717d32fd4d4c791556e716":"f5258bf318457769a93ef5b3ba95fa2753ad1c5c1b81a785":"c753a84ba7f41af2ab757ac1e4c9c450d2112767ff55a9af8f58edc05c2adcaef7b5bf696e5c64f71d5685593f254a87625065ee0df51ab4f7bba38faf5799c567d783fa047957f3f965571a7b4cb477566d1c434d6b2e22ae16fdf473a6c03057d934a7e25f0ea3537be97238d74bc4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"836f5d7521f26d884dc34af2ca56ab4a752ea18b909085a87cb6d07dba32b654390a25b68ea7ba8fb790271c712f387145052ca46cb40534355c1666":"":"99d9aec334666d7c399e453455ef6ae884c2173e12e31cf2":"d74d20dc22c55c35f0b66a464dfbe8f349616916fc726298":"407b0951404079fb3b54559c0286143d9cb18957bed7fb1d":"809f372d1af60ff972049193fe9f173684a2fc9828b60b32164c1b6738e1ba6aa12cf739287a74c6ad528a3ec00095b590b44705b4975236a0b7ea02c1213f0e830f275f53bb79efd98679c4766cad27738e6fb777e98cdd606b971fa60745289d5ef72a99e1919686a53a241fe36cf0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"e555ed6c7ab344fea68d73c6432e4e6da2e67d8b33ab79e5719a2def258a852d17d93212840583fe23900949c301a29fc92095f4716018144e64583b":"":"5262cccd138256fa8424801435d118f39b9aa1db4d11ca9f":"9b55d76b743bd7fc5700fde8ffca956c0ed6091df1a22aed":"f8c99af8029110c41a6a01fd2d3d12b7103aa39cbeea90c8":"d1ec06e38af7c6e0a70b73ac62bc3556183f99a47bfea0f0c4a59e7ba4b0718df5438e369ba14be84db40d5ffe8a1a5952edfb83f61ee4d984e3d2fa67f557aacc58291cc688fa29be530e66c228e68607e25c013473b4ffbcfeda721ee35f5dfc8809528eaddad8969ce719a411216f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 0, 192) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"12f2cabd3b6f640daaf27ed6cf6bd7d06e2ac372733c6971739e36afe2ba1ebf4e7e5e9f5591480e3fae752fa59bb99a1949bdeccf0c100f6afe886d":"":"7766c36e6583cc8e3c26a8058fa0923bfeb3ee22033f46c0":"63e60d1bba9aa29adc3f3b8a5db53f3b703c7ae69bcbc2f7":"f416f36717ba5f0a78125ca52ccd004b2f4f2dcdd401f595":"6196b2b4adff14a26d64f440b6c160210266d7f5b77d5e292e94b8c67bd9cc774274741e7c0c9a7ab21c31f1194ef4218ddcbbe94059042d22ef44ecfecef214a73db64505d46d5493d7475d0684fc0e431c5265c12b35310d4404b3c4db6029facbaec88b0c0ae9799e5af0aa49e842" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"2c50da90a1f7987d5216950ea22689584b237647d96c1239f9251942f4d13d16f418b0cf7265b91c4ad97a7acbbda065a48bc1bc5c7a9ee1523c50e3":"a74c108fe870b91a2defa971fa1efcb7a209f293d29bb5ea":"":"":"":"8853eb47c4ada94a3d58a1b517784bccc8f831d02dd5239c740fd7caa3869c5ff7bbf522a78be2d510c49c496a6657a09f0ede00daee9fd77061b0f04e7342518dc6ec1f4a7ff99dd7c783882b58f5e8bc467516c6b85985fab65c6761d4fe756ffc27fd62cfb92778391a258d3b0b0e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4606e3e19a8a53e8aba05d9d1fda1ddf15e7709aa2bae8b54efc4a14e734b45a5cbbad00a749d2bde540258de74ff8fe886d05570300af2086d0b9a2":"23ef5fbde4b270c084a745e0e299a5eba228a37074fd4f07":"":"":"":"8caf86df25de5cbc3749fee4b64fe041cf4ef2859e20704bb01abe126a90ead8cffc427c2f98aac400aab97184846125a2a66888dea9c8aa108e96e03b05bbd30e566fb90c661dc1990ebfe75f73f5b0de7be419c225bfcba3713805455dffbe5d6fcc98141743b59c2cbd70e78f5977" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"08e2e2175fb34e4111179fc2580c05afa16d224440cc7eff24082beb16133a992fc4f4e2762634fbf68177dc3f11c4d057b71661ade56e7768ab9e6b":"0a4af33e2501ba409b132459ba97603888e727aca0a0cee0":"":"":"":"39c60b6d9f85cb69b2128bde86aca2b055e21ffd7716d789f834ecacc69a043893b09459991793571d3d8070f03382a11bd1c1bf38e86fae13a932c6dc82c540fab8c8eff478e598d3295663ab75ee8a56376c0d607fe43b74ac39479b8f694a3a13826b1b96344ec67b9eb0a5858eec" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b436ebeda1119de3fb2b2e532f7ebf59fac632a4d784d904f844bb73f2cade5a88d4790c8c1d5973fc73f6b7f929303b62d30b6818a25ddf705bdb9e":"07de5589726c49dc5a764de9b41bce74675e4ca3c71769a6":"":"":"":"2099fc754ecd19a19de8afd21d2ae2ce456c32d6ce7772a98e37ed47f54001f44fad8e9b591a70d3bb28f19bca22940321ba17c33193613b7b5be1ec54efa470b70cbd6be2931193c35cc73d80c139bb4e670e1a2cb74d3bedd3610e9d0f9d154372a70b608fef824c346fb16241b301" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4d3e993c296c66983b9c751d2c0aa2d519f801a764ac9f1fd8d86b57eb226bdd9f69efd9ad29bf16af483e7dc170f8af65c16426c2ab7c0fa9df0175":"52ae4cfe985348408d3678d60259a78369aac02953911e74":"":"":"":"bead2cfc29315133e6f5ba2e85bd7778dcf9908081032ee634f90b0124ed9371c9009419b9e2a409fe4abd6295cad57cddcb6042986cc98f2fafdff99f7cc1185f3ba0d5f1e5f5452ee5f9df03c0e8a4f8426ca246afafe81079c2f0d165b87056e7c8528e8cccac5f49d0bb5ccfbefc" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"c7c4e18c56e9191ba43c967cebe48e55bf9aff4d6449c3e6a1f9846bfd7f92d535bb7386c0155cdc5aa2beec888de0d432f695ec79b1c78841ad941e":"c36a381b1b36e6ab00ea80557b5e7451ec9771101dc22580":"":"":"":"da74b23d309fc7cf7670d7feb6cb6ff4da1b763ae2e8616edeec12c71511f5a24b9c466532283f4151a902ffa5ae211d7c1efa84477b93fc393ac95522f3673f97aa9e379e48d198d5929684875150633fcf8a0918d2050551d8daa91887f3d2685737b6456d0c61c0a117413f193346" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"78426f865483ffbcc6330db2ccd65bf8f247706cedf68d4cbcc289bacb1ef32e5caf05f28a21146a9b18e77b3a7ed0d24a0803c9af7264fe4e23d692":"e5026090f9806ff6f158c4a834588f6a39e9b4a44ef2dfa6":"":"":"":"111cd64a9950cc6f20a1b38811fce4a08929ca2654bed66c0cdebab0b81552826c06ef12ce463fc9c91c81a35d2ca0553905922b9a4975fa8fee2c7f9ffa9f2ed8cb2609f4b7d32a44927c7b5baa8f43dda137aba9b49a2b0394f7f67d37b7f71a5e4f4c151db6b96e8e4dd9cd0bd84d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"43ca11d53ad0198e4db5e136de8136bc461851a30ce59521f931ad0596d13365bd8297a68dd42b7dab7f40808b3ce6c12f14d4de741ce451b6637a10":"532b05891fe406ce72421013aceb434581be8a3a13549dfa":"":"":"":"4c42f791dc8322d779f9a1ed9a28b0cf352601a4ef6d74e4e822ee5d9eef06e700314acb7a47dcbb62805babdcfdd236e3022374defd44bbf747764f72fbfccae10893b54b29966aba448435987c22ace4c931d01dc945091860cae7744365bd9b619059b8b646b229878966049cf83f" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"ddcb3024b681e30e16e05026d8e23977497fd0b2c0ac24017de2744edcb097d3a104d4e3c6b8adcb554746f9a43671f0692c01a8f89fa98ec3a54ac7":"bd9e41974f6627ac5bbb21ec690eece459e1dcedefb327f9":"":"":"":"741b2a8e82aa3ca9f3a609d05a6e2d570be463ef957f235344cdf9e0f89b3610951aa1ef0b9406785b75e59c2de8349d435e4db82fc2a4a8b94e366f4eb13c432fcf8fac08f0c7fdbe67a44e81706b53b460f78befb8cb6dd2a0ffd13c87df84f8a5197ed47158cee171e5323593df4e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f81c4ba8605dc14072e2bda2d2ef64e71ad856061056b8d8374fff5a6fd9a54a814fd725bda8944037197492c52c62b97ea02df33325b35b91726839":"217137084f4519d046ec896144cf2c301baf911e1440852e":"":"":"":"14efd71fa13dfbd498bbe13ffa24e646d04ee0ef32c99c11004c3e9d8f748ac2f956f9899a72c8d97ae988d06275855f77a92bc30f1b957dbcfc93fffec3852715c239c5313e765affbed257d302b6d1b74977b8012522b69902adb86efc1ad768d99d657a5375dff720b4cad886877a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"8181fd2cc5f7ae2d4ed2c96b9511aeeef33e50ecf164afc4eddebaf76a96d97bfb40377959e1edc44d24df041749ec6239ff226e40d5a5feccdbeda6":"7d6ca5ab652a37cd79367d84299f1ff2c5a3c2331c77b98e":"":"":"":"5a2cac8110a24e1d8c5f8bff3e82857ec8cfcd469c316fa18b0f65a0d30866e49fed2a228121f50901dbbba561732c4fe82a98f341bbc0a397fd257a5f8a4a9122c991648b1a6507c82f866d26f9b22e0ee7c9a51c4d8e5104f0b4570043c9257bb9dd6f3730f1daf94f80baf8907acb" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"a0ad012a978bed2268d05086b823f5d0dc9bb98ee03980d755bce968f9ac81db886a2a05b59df40d8346334a0276b73f528db03a118545acb7f2d70e":"1a8aca3c118f2bc0c2196df81ef22c267d20ed7c607cdae0":"":"":"":"b9dc0eb1e4aeb482dea1b4a5e6f6ef9636366face696811db2d912e9430b303f23ac95d65682694ef9513ac5b3e56a053b2e1a2ffbcb901c375cd122cab47d31fca5a0606daf8cc2e5e6e99b90fc8ab4fa67794caad91985cc92b2187dd2965be0980240d9be2fb1c4bf06e60f58f547" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f28b143468ab87794230cef4361d047236444180d0cfda58cbb9494cd1ad21be96297ff799011042013789a928f18831ffb0169126dd046c774a4fce":"ea7fc50e1eea3d84bffcbf83b240e921348b532e7b33f094":"":"":"":"5c22e92f25acaf98f55ff06e1bd80d382da754d1d33cffb6fca933583ba758200357551640c439770f77f843e9ce1e9a054f69588d76acb9cb92b7a2fa2903bc51391bd7001ccc1da67a4cce9e5dd08c2d489295c36de2c148ce27311d0789310de1cab2641e92f859b036383a8058a4" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b628cb448e477cb439a2de687861a992e738db6b2b25cc6c27aadfc3a0a640b3411de49c920407303e80abd7a1d4f45c4749980fe1550bff69518210":"d5f4f8266da9b7f17ac97734201544104a5c0acb53c6bf22":"":"":"":"34a834dbb7da0b6a2e2353bd9795bef369cdde4d172b3feae7b1d9fdfb0446454cfb1adeff423d0a143c33c0e0d8e7905bd1720889e8b1121f1ef82cf15443c2f9c8999c5573e7df60b52ef395ca1d1b60e7eb721c012c344d06b336d519fa2b7b6dfbed8383456504bd0b4893bf2ba2" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"5c7c9690a1926a4580c691c2e5327e736d5c3aec0ce8f5d32d4946bc4b607f712a8759428b010ba1b268b0de64fc5eb32d3f7fa9b8d4f20fab45c72d":"0310b2d8b5655cbb0fc2041ad15a248a7b1f2ac78845e29b":"":"":"":"6f8b6df55d9d8acf87dc2af20b7f4512f9425987495f512975de8059135e7ebb8698cb0301a8816e7299e76053cb66051c8b35bd2b00b4695cff4847f168d2d60697495cd9007ab7dd74ee7f61ee90b7827543f624b7c1412bba3d6df1242e6ffd90534ed393341429fc00bd97d9bcb7" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"96ae702af50c50c7c38818a5133938bd7ce51197fc78e21815b6c5a7ff9c0395d764159f707d5813e5bf47c1b8232b44a007bf7decfef499d758ed53":"e96554644097e9932585b7f4bb14d101f24c8b0376f38c05":"3f698a5f6f4fe67ef2ddf23bd5a67c1a2df4f3b19425fb85":"fe1f6a90fc0ed396bca21c0d40a1bb583eb63df78c98adac":"5942b56148f27dd5388f00caa47ffd4925e854237fe14454":"150b9260ce9aa419fe1860332ae7c9f42d9ada1649679b53f46bc9d20de3431186a54afb5df7b6269cdc05540a93fdd50a2cd3a862372d862841768df02846b057993dd6aa32f874b7220a5a1fd9cb573d720a54af5715cedfc16f0d9a467735e253b2b1a6e97421fcee1f2d670dec1a" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"4834717f669d9b599f0ee526129057b5a7c5680724ae0459ceb0e0d4eda21e5fe92e63fd23f08f8a0b094a85f3f377fdf1018ada0c461b5a05c334e8":"870b7857dae97cd361a005c3005013e4dd55ca76e46b62bd":"522534ba1a09cf9abf29bde66ce1dacd0e273e8954eccafb":"45f54169665f59d92211f266892009958ee515f14d09581a":"4633819c2ae83c71059ec8ae41ed2c68cadf9b2085a5b8bb":"7afd6cfafd9a7bad155b59a8bb2094f76b915b93764e92858821d5c32ff4a29493788d3dc1627ffe7980950394349eba88b9c2f6869ac5086296366b6f4ee37e8529d291c9d962e30662423faf375b7820e0b650db03e3c99791d8042da790cce1a1997ea21441dba4b936bd8b393300" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"f5d1d27eb344b63e907d82a2e57494b25dabcae440ac88738512d9602ac8bca243018f2495599e618dde0261e43ea38d45e7c09ccdc4bf3dd8e5c100":"12ff844e5c5bb3fd871feb37ab796002846ffaca5a741c54":"f642c19602754584afa3083f567d80fdcd1e5c29202ac3ad":"cb6dbad8ce1a5677b4825cca934336b936ccf841ff98d894":"c11fcc157c643a943e54274f1d942d998fd1ea0333e21588":"6f25ae8bf8c26d5f0b9d2a81acaf221790a09241b6e83c9e527c7784881d1f7398c2d7771174f92aab45134b4633ad96430df30b130ae34af52de90b425405959ba24a41685a04d2411e2f0e8564bf5bf3280cb6d75d0b910d06c73a625cd56646eebff14fcff81411c055921cdfb4c0" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"49a10569d87a790d34bcc3c8fd77d075a1cef9eff337e8929b51bdb8d6c5df3ad31045684fd1dabb1fe6f052fc9886384fe43c0a7abc7adca043d35e":"34d6ad434a436a690e7644f0dc2207131148192ceb2e91b6":"8707328fc5a1721e4d72b23c2b8ca3c30ddd95664ac478aa":"82c8d83a9f5d5639a6a1ce26d244bd30dceb1cc978627e19":"2a53b0b80b29c7d071983b65ba835e4eda66bcfe7b3d90b5":"08e24ccaae3b44b7248b2d735af985dcadb84f74d202bca726de1cd663bb5ea1bb67c669126ac97218a9ca45491df90beb387615474249bba1afd4534be7a74c61fef308f13661ddfcce40f24b410cffb1cc3cbba2c6d20a5e4c4814d44bef07bb697cfcf1e9932e43349376dc04865d" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"9a4232a59cc579867f8330c288a9218251030c00ebe50c9cd97d6cff6e49ad079df509644ec2ebe3ad4e515654af383da265d7b348dd4b89ddd49cbd":"b4498a32f664d4b489c2b47e67845d2d2bed5096e88f86de":"b8471ee87531817d81ee32578d27fa3a190df33561da7a2d":"2e74194aa62ef911599b37a51fa742817e3a4e6c254ec179":"afc7f13ae55e738cceb976ebdd01698de4d103db797f799b":"340c28cb7cf4c3e143dac3e133de864b1f458c76e3d47f3cbb6845f940be174b8819fc539f42005f4485fddc657f064c34873094e25a9bf7ec341a98cb97014a1d694b1694170ca5a8976e86f6e4e41232f526ec8536facd02394f492fbcc7c298ef0eddb3c5a148399ded7677366cf3" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"b89744009793d2c118365b1d2f343d6b6c59374b41dbd805e793f27882467c5342015cf968b080a88a15fd6a7be3757b05313528525ab1e2cbd08ffd":"f3c02be0a880e194013c21b09b6703a61a7ccf7a73e8a541":"bca27f10060bb8d16d499b3f6ca05ed8462b51b0b43a1fd7":"eb6fcf75884be9112219d359013f45fcb1959ea971bd0bc8":"50a03bc3652f50cb9ed1167ea70ec1e74f896f81a8090216":"d2a529722365e7ff3e660964eeb27040a0e92a4d19bbe94592cfebad71047414676ca6ca72234f5127f313cb7f5be613b44d989fe141c9a0ec1f0b4d83c36e744cfb1c72c32a02b68c21d28832da008c57664046255ef18488ed750ec5e73b18eead939f932d2809f12939670c3c1033" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"6d2918c15be7871cad99dc9e06f73253ef905d9705c4e4ec38664043b04f9a150fe5953bfa7aebd926be162b7edd72fdc14ff97e67dae6257ad654f4":"489243eaac215f76a573b92f0709d116bd3c817eb95c2c39":"0a84cad7a1cd21a5afe6557d7d2875d9c62183cbbf49a123":"0c14578ac9504902cb9aa654086246d113039f926a87b325":"1aaab1e3a29e144cec825d29c3f42dc945cf2772ed30cb5b":"33438ba4edd0c38db99f2b6a50b35dd89aecb3491990ec4e60460bb32eb0186ff9fdc973b1b0df23ae65da31b8af5a37a69f81ab3e577a4c2c31e51cfcc4e844b044fb597e937524f59a0019ad5120c460329c982fc93e8e7a4b4e1de5619103b23a7a579633fc925d147d8fb856a277" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"1330c4aef54ff84387e0372f7c8d273cecf0af2ceb32ef6edb6a4f1ace802f3b95fa69cf578e2cda1d6060ec2554eb3152507387f325d8e26009bd80":"89d7bf8f5754cedc2e1a249f693e29276170f62c29c5edae":"a6b58f33d57570f4df05bbfb792a00087d331e17417e09ef":"f57fc701e4f8f5cc2181b5357824f932f6e07679ec0d3cc7":"586c4e8c5769156cbb54c025fb01aad0b61aa6238c231656":"0bcb6ad4f2acefb549c46271d5a4ed41d7decc095137e2044b60273388c6c6d79cb89016abcad1d6a138621720b71fc11ef82fae04026e08926e94042694a0c008f99281e03da580fbb6543aca2b4596d39699b97f1fe65ec60a70b88770eb825b716a10ce41383f31db596079a9d54e" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"3f0564b9ceee32c8944c8f2bc4b4d2179b38acc880bdb91eed466b881e2cc21df77bc3901ab5ce5ecf029a066784503f80d1857979b09c4563944433":"5d54fc715556c20f5b2d01d6b0992f1c596e5ad77f81da75":"35cb6d07862fbab4f50038097cb463aadf14e519c8834651":"abb21e501e85ad1edc66108e3b88380fddf810b10b883317":"3c690cdd997dfa9c5677bee976fa93cac21f5bbf382f7f53":"bae872c9d221b1531f85c15f466b7a3af3fa9c9c6b72bb8f5dad77f3d12df52d10347ba5d6504cd0a285c3be578bb67f0a9f0137463dc01cdcb847e7853c5db4cbb6a115ebff7b80db0406baccb0e3e68a4a4a95364c2da29466e160fece7b8ddb65dfab000c66cc8109380a601d5ed9" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"115c973d6df41ead464e22572dbe0761dcdb9aad930b2e55a5558075fb7c51c94efc5f8fe5dfe24d30175a89f1bbcf146037a07b324f572d0d4c27e4":"d3079ee3a3c9b2d69ee0fd316a6448bc7d8e3b730948c46d":"2348ee87bd5a3bb45d51a7b6a109043a9b6ee3db011dda28":"937fe1a7a790754bff99ad51782e8ef5b4928d0057b0c380":"3e89899f4aad241a9189ffa127c87c15b5e3bcfd80bc316d":"0ffc883aa19b3cbdeb39039fd3760160a93cd663b8b358e9fbb6300df164689303ee5f2489ab4ab2d522f6a33c93350eab553a2499b15f8ca198303ff45e946a06d8a40959f33a759c5381b3a59da22e68032abf3da3da6aadb410cb41f54b3146ce57f9bb5d28bc823e3e03c0294794" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"c28541425a7cf33e29adaa91f326f216de89976031977f104f44fcbcdcf4579337434613801fe4661642392db29f15f0924566e72b596b23ff7b18d5":"44650a29972aa8521d6fb9dffeb15c00903a283f20ea9914":"43cf4de0276483be1382f3cecc6a803551a40602584cd84b":"03eaa10612895db8f66d50a2210d73d1f563c3ca929d9f54":"8d2b20abc4e8890c772bcaa05cb7b3eb5025ac4cacb5f7ce":"aed27ff8eb54a7d2787e73ed2a51877c1250c0d4eaf10aaddb30409624289a9b7742cdebba54218c7c448b57f209182e214014cd180916a8c125ad438af2e5f5ca5b00f9cf063f0c307560ed4378382b4572b97088f8d24e0bdf0fc3489f64074f1155fbb1163b54c93098b841257c30" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"dfa52082afb4dd137cb5209f6771f04eda25794280983ba1d8cd2f3d7f9dee556ac26d8a5a368d29096ed643089b65e9ab17b5f58ec816570499fbff":"16ccfd20408082829aaf8a818885164581c9a1bd09e9fc12":"abe13d12a9f0133bdebe14785dfef5f08a133a6cb5c26a92":"485dad7804de594356cf3c571d5f22263c0b7cbd4dca1f1b":"5961f8177b6015ae0119d22e0a45a4aa1bcdc580f7e7f975":"ee48e57f1b5bd72c99c911d3353952c2c143689c3cd9b474a46e4ada83811efc67f2557d323723526809825aa338a80e833c95297d6b16490db633ac1f1648071c3ad4cdcea056c41b4eb157ffc83c3454b0cf001f1e01c31e48a61587381e293e6cff97270c1f157b069df3e591c2f9" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"95f3a1aeacd07218a2ccee44c807f790e568e0032a42fdc7c8dc9a71f76bd725aa909ddbdf5457f1dc4e69746426a9c56fbec603867633ee36a7fe62":"658b7326cf6adbf7208d37cd69547805bc3f58fdd874e143":"d44350c7a668e64873ff97c31d79cb23b0f1620aed7c9d23":"dfefff80f10c3143b82de3392c395ab94ac8a2f4c0a30048":"a6d21a762aaaddcdbae9b9ecefbcb3149d514c94fe83eb21":"4f5e544491b72b84a0d0532d7f9ce01ec2de6a05ab5056fc75d8f73bbcac5ffc38e20745d0e8aa1eacdefea6dcbb92475b5cf9ce0a617e5603b7b9fe34f4f4cb04ade2db35cce1fd315140e3e4ab8472216c7cfdaf004181351f210b397c3147dcd279f6fc2ebd96050e996f77ad6ba1" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"29a1897d6ea5de66e551f8c106f601e421ddd940812530df00f634682f249aebdaf86938c895c11f9fcb0bd1fcdb183b4f8cf86b3429a5372caafe1d":"d655a179edaf4b8381a9f6a332ed5b754dbf34f650d19867":"31c87be686b6f90f3d1b0ea90c541e16f3430292a5c4755f":"ed49403700cebec30d1057503be7baacbeb45bcdfd9a43a2":"952763380af3243c6c327f23cb74f8368919e0b6b9c25934":"fb29067bdb23c0f0153932523edf32d0e3c18e46616e07f39a4b78091eca90349f636ffcf26b68a4cd0902431f2ada91bcc86dc223db4aa7a42e7cb57a852095704a27f9f07962880a50d2ce16c125be1e8d4f54a0cc5eaf63150c32408db6f39b22fc93b853caaba9e49581f13a8815" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-224, 192, 192) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_nopr:MBEDTLS_MD_SHA224:"387e31bcfffa51323a92d90713b438a1f4ded69707be3aa517e1e72d448abbdf0a17989b3de7c43c621e904f52db52ad823daabff9c10b3fca93acfa":"e08fff320a493d70ea4cc85a4cc604664a0deec8f6c7666d":"969cafc33e99964833c4d0f88f906f5429b5daa552f53bf0":"8d6e6f05301ef5cefba752f3d0ef58a25775d6b69f6c15a4":"72292aaa69fbef6f010fa4d5bb63d6d7a595395d79a8c110":"77ead908484044482da529f9a6f4ca6e6d8d49954d2e2d5c7dc455e03bebf484021673727bbc40adc8812600201b8c2de8e658191422b80d23502329c84c0ca061b212952fdb2ecf3106dd20e6455f1f231e1dad1cfbf2fa019dfe9c162a670ae20b252ae2e5a4ca0eaae1c679a7fd3b" HMAC_DRBG NIST CAVS 14.3 PR False (SHA-256, 0, 0) #0 diff --git a/tests/suites/test_suite_hmac_drbg.pr.data b/tests/suites/test_suite_hmac_drbg.pr.data index 8bd5e4f4a6..9dbb005b85 100644 --- a/tests/suites/test_suite_hmac_drbg.pr.data +++ b/tests/suites/test_suite_hmac_drbg.pr.data @@ -239,243 +239,243 @@ depends_on:MBEDTLS_SHA1_C hmac_drbg_pr:MBEDTLS_MD_SHA1:"567d3f4c0de396ed67569c070d87f2b535ec874e881418983ec42ceb295b7d312e715e46b96f9da5998f9cde45b1dc22db6d2d7bfd4f3930":"43c16ab49ca5174f907d7899ebd242e9":"6c0b479d9e847dfbeae230bd4601d0db":"0d5a2183c9f9ca6941f6a617892f5e47":"934fe82b0951b97dafc5ba16e87b0459691156b42ff2dbbbd8f6ed9b04be952af267c6a17fbfc86de91f9f07eed482a5362b176216a8963af485503ba93b2e82c03a3ee6225077d90cd961e24f6026f6" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"f3a709bb47a36838cb998fb6986ff074c57932a669670570ff6cd1b202ee1da014a011f43fc02c51ffcb4048cc060763f2c58de2edd494275da14118c9cb7fd50475c66cc7e792406213a7d00cf7623d931a5947":"":"":"":"bbe3daefa61fe302bdaa6d4d379680acfd0d456b5d35f137c145b72626f2fcf39fdf7f3708d9e88c1710408a3d7ece3b0261ff538846fd5452149960215c0c22beafe6cd24a7c392d5845774b87528912c322119a2adf4d35a0ba61dd36ffc8a7e7475afec58ad4a8cf343afb677f087" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"0f508c6330b9673e94861ae2057e200ae8f2b330b74634d79fe8a4c698211080db07e58b762a2387379f0c0e2d01b2ca40ef82fec35eb81a5493ccef709dbaa0b0e4494e460530062c8db7446bc6af2d852fd875":"":"":"":"583367bde003eb2061cdb6f51db9c6827cbcefbff0497ba823e112edbf7f2066fcffa3e92d1e8c531007783554e6aa8a633bc925690ca6d579fbedbf9cc4d6cb08133d0cf8d4c25fcd3b6fed95f00b1bb17477cf67b97a557e7da933bdc121481755f628fdf0f0b1189a097c7147169e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"9082871e73b098bbc58f324f12f6a83c321360c9f5b400d00a9bb865ef5265083d9309657c40ac94b579995902df0e2084eb4a6410cac605e482ea4abe5c8eb73bc63f68baaeaa56d47f7d74974d940555fd3861":"":"":"":"67c2fd4397af79297782af9baad2a26b993efa48c689a74531417ae102d4ea1d6a82cb0321aee3dc2572ad27299e81a7a77f1cf837119e746988f2ec60bb01eb2ac3d110a948c1c33e86833757e2670cc3947658f3b2d32ac59242f152e889d03d03056f0a265ee759d3a4488b55c63a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"4701f34326930cf93deaeb3a9c196e307a890c8ccf44a55f84593b3388a196238fdd97d201998ec734821998e7d6bef7b31fa2a81343918056c01d65f519c8576e4120a3d6b9ce28ccf57eeabd012d2c14e47045":"":"":"":"b499b86b0a25a0fc84a9a1b902972e2bb5aaf9b84f13804d6180491285b9316218cde0e73eacf722b5c664f4e618625ed35c5facbfca153cc184309754ecaad9c3678ce51ade96dfe3290e125d661e2afbdadfa73240c24939bc31d171712c7c987bfb434f1db6ed44b321bcd237f149" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"a912b6755cd2d677d63268a5203739b0785d7d956738a596e269128a583921aacbba1adb7c6d1714c164143c8f44e76711965514651680235068476ab137d5962e5e5872f3b899d0e9ca5ae8fe71bdcfaef1d241":"":"":"":"0f410304b6d88e52c8d6039ca674a06c49a5fa1094cf341c4034e39990236d9e5bb8ebb6e59849e7df82e2d02981d8df21e4ba3381e606b99c16de62860a470109c0123c69ebaf970603f451f9e6acf83e1c5951c3cb87170ef319d9a791110aea0c0dae5623c287d4c454ec93227654" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"54fb376707de02a1c385a3da78523485111a0a099066206f210ad848f29d3c270d2fd2f668cdd3a57cabed71f9d784c209259d1e4a3eee2046846a55a46965e495eb29725a86bd630dc43cd60ddb4fc93c59980d":"":"":"":"a2e3ab5390b5b79786ec7b434de48e45f590b85513106008479d8a3b7b236c884b0f871d8dee539c712509bd70de351f3881cd87c9cf77c1a9d8879986ff0f6678549c5c6acd15aeb6bbe653a9bc76829df2f194c5f6e8c7dd3058971ce15273a2d559c1ac60a0014e5e32352d6be2a1" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"3a0c24b5a6106d28c02957538e76e96b3ececfa80ba4c7d01fe642a88fc822884cc36ac2703e8952ee635948715f78c542e6e3270f2757f1652474df4706490b18e649ffd95dc518a8b4259da193600af5d5bde1":"":"":"":"55dc24206aa59d34ea990ac6b31250f15ac056c8ecd52e159f3464c38e1f28840eec4c6423b0fd9971d11c5ab99225eda5d173c08f9439bb56eb1cc487fdaea934fa816f9c9e0d628f111cbe60a647e03892084f80775248d41cb587617671d99b508644476b66c1c96979e5061e025a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"ae7ff70bb69c964f05c99c0e7868210d567bcb5eb02db7708de162e6bbfd91fa17f30656420dad1ca69d356cbab80456cef922a9206f07d32c3f198c1a68e673c5583674bb1df1f2a69c554fdd3411c81a90c83f":"":"":"":"f1f3f79b1d7f988d4caf7308416f3d02371cc029a28eb4f0247c8625c4680a2dcbe9f3d56d92de6ee4d4031a254bda8a657bc147fb90c2f7783a8e3749b60633e5a921d015b846b3cb38830bc7554308af08ee8219e5acd1b699f1ac538930d257da4ef567ca570a7951bfb236d4d36b" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"86704ad0286f88dbc60baebc2ed0571de7b5ab64bc8554ba8645557fa10159ec03cc9f6f299c1c3011c73b2563e571fc24f5b5b50b4bee514d7c808873ca804b147201ba7ed43430d89b066c04b00b0a17694523":"":"":"":"6b1a26d7d21308d217bc8988067ef3e21f5bc10d34e89937f2a89f8da256acef50b6ea7d9ea877bc1d15002b1766e9bc7fea3d681b147e42359ce29d6d4f8c73e7c29b9ec14277fce2f6a0c518d24aeada44990f7f92b0d1184ff96b20c76d506f6f9d963391abec5bc247a2ac6b24c7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"d0b30341b4fd48281f76a83d7de5769d05d5cb9e565b213c8e2bc8d4adcbae90107fc12fc1ed2a19f20beb563de8f05bc5c437637148154a12b1606bff071dbb366458b74a07a1c14114fab487772d436d4ce159":"":"":"":"fe2a7ced1965f013d475724eaa7d31b62740be411d899afa79f9fa6e73f18ebe0907f2f21388b6498cd365798f27f882a2c5c2744a9b25e8d351e77b9fa4471ceb1dd6c72fdef75977e4e4a246e24f56a615189e1b2a8d6782e8c5062b744a65ebe1f7c5fbcab333fdc155bfee300503" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"4a1a697e41537f28b381e05f11ebc905bd66c2c1d905d8c0b78c10c26cdf547a1b6f85ff58f48298a11bba41e3ec015d41a24d9e335e6e13b06b84b9f56b3e803bac569dae2d74c444bb58b3a6344bfbb9eee765":"":"":"":"15060b2bc827dbeefa2170ade633b0f0075a4b9b03fc24f73522174be4e4b08b93b421fa98c7c5a445c3aafed47a2eeeed63f19ef4f67e7726d8ff84bd94daa3338e397d52abea4c7d1191e30f3e8a11864f10ff56b2dbefd860655d34cf63ea22bbb54dfd0c5f64284c303a2ba2f49e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"e80b8c8896557d596e192c3226347c336dae455b50bf32a78c61b9a98c949096be51538e293d338a464eae0eb18f1ab21f9903d07a8b98ea2ad7f41fe7ffdc4b4bd0fd06138a84dc5217cc8fe39b92f9558aa619":"":"":"":"55574491d07db3aff94dcb71f519cffe2f96ef57219262860c3c03f9a5b8a1eb88869e69587f8bc0693c9919bb277dc84fa55187c0dbb20101f0c4e301dcd2fe21664e5a2f0dda3eb4f11df3878c5becddbfc3ca032a17f740d424b99be0a9bedfd99907229ecccbf459f5495533560e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"5c25f02bef1f1319cb6868d836c9cbc182fd8d86ecd87bc5cba41c163710074e80d1a30ddfd0f5d88c6682292cd50c68966d15e6ff95e117d342d974ff074ee872719d15745da624f8503a6141b0ac4b887ead5f":"":"":"":"9c5204d5471c25203f1d9786d38f71081a872f1c56604dc7570caa5439f17cddb7feff01cadaac8e0f35e7a5433cbbcd2dd4f11cc7dd14f6af629fd72a3145db6924d2bdefc262662367b7258cff36172263460f4dd52dd08faed3460bbffe18eb10ff5b3c6a97faddf65b3e21ecc98c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"68b4e1ddfd16a1c1ecb0f4221306e77ad02b07993457eace086f66566afc5f12489633c605d11d53916eee96ed778d6d6518c5681f0fa9b0160da1c71740a94ab33310bc20a18710015af25d3d667c40dc619f34":"":"":"":"5c4c9b3276d546d3b6277a3a2089d4969146d833e0ace3e1ddbd9f79fa2158531f8bb26a28b08dc64bb1e610f13eb14c9fb23559dc2f38326e145ab509b9f69259a0d1a32f471d5abf154a2585288063845f99306f9bb875ccb0d32e9d49b42900257ebaa532e8ec223aea60abc9714d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"d5ee5e2e629ea17487e593914012575daa8baf2d0e9671e1b8aad16524dbdf7d04c11130cdc10e50c630ccb235579a72b6eb4502fe146aabdab62a085c820ea46bb9091054d75a892a83c3850da0a31c15e0d021":"":"":"":"e32c0798b2040620fbc5d2a44ec7fa8038444c1910fd4a24312c8c8eadb57a78606449cf05ac51a3bc4d58ce78742c1be3a0fab6e3f5ebc92b82b5d5d64ce29e8c2787ace0f4e718a7f6cb669a0a43ba1aee0d9aef55cb7c6f5dff57c8acfe883ffd8a496d44afe06803e4c9ff62df04" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"6e531842b9b7fe2c0ee66899a1255135f784a2d5259c93ab3d63a5cb708e2e6cba955897d9b66c7fab274aa388a5db69713c86faa4a19709e9aab04638c670ffaa83806abf79a43e613e62cccafc637e1a1c0c14":"":"e628db057250fbc6fc5aba01b6c8b47062ec5632a8566730":"bd12e61e3d5218efb0c103dc49402800cfb863ec8925e76a":"037650ddf66ed42ea38cf44aaa94884effc5f831c593fb35886b5d601a58f74f868d89f2dba450b9c160e28f69fd24e30fb7a44189810e29afd0d11762d3ef07b4527f4134d6c53bdc9b024cebb6b40fbacd68b6acd4bb4d011d6705ce22f90d910ac4017d2426db7a48db3242161aa8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"3fadabd2d8879bd2298f53c54b573db2584655e08a83289cb58a4ff5170fdc30d71bb24efbb5a50def315dc69146111462e204289a64ce72767499f299c74c934f0007ddb34bf5183bc1e5afd8c15eebdebba882":"":"742f7022892c2123e62379e9367787302fd18dc3835de0bd":"b60325136fde7c858054983a977262b6390a48419725febe":"3bfa419f9bad259b871703681284c5396fa94a323d646ddbf5339398c4d8314a999c230894ac60bf231762acada672f58154a86f80a8c4e3bbc67132e22ef50c0377193cb0d13c7e2c97cb24ce5bb69c73be2e5cd3a07ca2b000b2d7eea940053156bf55d846181e3748a91c342e191f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"0784a499424dd1c2c13f765e9ed88d752fefa83cec61154f82b3fd645f642ff103db9c8d1c10b5979c56a22d58324669d4ace3994927222fa87fd049558a48adcbd6ad5a2380d2d927be57fffaae037bf8a34384":"":"9f853db57c3da0421914d2f71f9317817580c1de4ca43d50":"27071ad475b8541c1a80234bb2d110637fcf4b4e20e06a7a":"2c879a03bd719595211b526101fe85702161711c67a81184cc42c1f9da5761e853ff4b8d19deb95a2f3323d1cd58a2e066c66e7a30059732eba43a4bf3b22fffa5bea5161fd775160dc53d7cbb4c892bc122e4e0139f8f550219cf6fbccf55d16d8a4d8d7776aa143c00d9e7bd1c847a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"addb36bc9ad134c7b8fa54881db1b18e040de4f253be28efbd36b12bfcf4721b08c5833eb0a97c668c7adbc7f04a9e0299549126172e25b9e624282c8e63eccf358c0ef1a71f8fd0a8fc49451db7757eae344e48":"":"e32540418ef68c3dcca1e7a0546e5dc7d4c5e92019b8cb0f":"327e31a0619305c93e9b5eef87102d447d21e21e2d8c1cc2":"178bee4059af0282854c833e11e7bba923a1e2f1126fe8cd7e1694602c180802d67b845a88ff786147f22a74e6ffb0f8b86d352cec2714ff8f308b1f9705603faf5b04bea3c75c87c91d5e6cf7583b5c45eb5f5a74d2bac490c8415d2fe07726bc334c88e3fb7284058b006f82e89ae7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"412431badcf06f87551ec63c3860baf4b59667cb4753363d0f82fe7c968ea6f8bc5d015418adeae206005725dd9693af6f7060a2d5ba53f66dd49dc148de581737b67acd4bb70ff2f4cf20abc001ae1eb50cb75f":"":"d67f94a953e7e4e4bc0cbd517f963e599d68851cc333644a":"385281961ecf2d8175c0a718347d2132f059964c55f39f57":"357876e78a69cd4bc4e06b2c52ad28434520d54a4a310ee0eb026b87993514ba1442e25eb1ae22a3ce98529625d8db9b0e5b680d7e027523b0ba0184d3f2e4b9cdee027960ac1612295bcdbf570912ed05108541b97e3bb30ae0a122d74cb536e5db34b7d5ee5a042897d5d29fa3c126" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"ae914c3d74acb6e2d9b8487927db7992b838ede73dc918b60bcc94f0f456f454a6d100c90e119342154bc3ddb059f48db3a8d7b7288eb42d0ceb07532a2a357d20506ead28d9bd4a127d437a657a61f5d30b04cf":"":"2afb537c13fee9c4103cc6abb11225046d94df2e9838f73f":"6a9f670cb49cd9ad98a17cc19d00d4766344108f0c86804b":"2ed0c4140420c6e3798a13f917cd998b2ce6f98bac27f0fdb09e2538f573caff16904edb371f98f50964b7de552e997007fcd267b36abed12cd95d9a08852a4ca862872edd32c707e7a60e11fe0a7db4c0d34f4c70ff16e5c75e6f5d7ffaec3be383b8790ef0ff3a0d9f79850c9749c0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"38a93c3ede148c91eb7f0cd327cbe8b27ff0e569bc5262aaf30b86d31be35f83b4ff50b84b5dfd649908d0c55cd5be7ad36d4f5f7f22cce066d3b589adef804bfaf52253a0e4c6bb03e000d649541e523ae52f1d":"":"e12c05f2bf463d24da9abe89301d2acefb7957dc1bab9ef8":"d70065fa713e2d691bf554a00d063222755e7204a3e53968":"3e5ad7e96c8cee899889640d8268cbea296aee96fca7bb60308bcdc08eed36bdc8a5b3126ed8be900577e60ec0f8b3d3014deec41ac650480e08dd3a425843b37fa5d1d621b5053ba4b2fc1804d407849a84e9eb5bfcf94f27c2a535e2756b8202ede1f18e81f65e3f7f51a064b401a4" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"384d6f43e7d77a381bc6bfbfbfe1a17aa35525bef01be8aaf6c488c46517d9b94380c73d3fb45a4f1b4d70375021c7df78eadb61df5d9efc6e08fe2d81ffa65df33667c23e3cc5c89893988f04be1d3634ced443":"":"a0271fd2552e037568cc857a60a550db050680fc03904fce":"ec095cc9e3bc301071a901d0289b54aefc796bffad6fda8e":"aca2571a9cf6bcd10429e146e6e94d1ae43a00db28bee2b60eb6a1bc1cde3d452dd6e04617aae7a3f813feaddc0f8fd25890004607f45ec995df970e1a3abb17b416bdbf62b6ba5625a80cb100e2b87260a73ffe15d9e6f24abfe9e6f9ba66bdfbfe71380d832418e2a4b460dd7415f4" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"98c8df867d234553e504fcdf807fb8bba51d23ac65dd8b160943bd45181764cf6df0049cad23e6aca490db57d12dc6c631604c943f153927d6d04af042e1da1b225eb8bdf4ee99dd405e3586acf8e44bb0184d68":"":"3338baea79c06f0d48ec2d47004e61c1c1e5056bf8bbecd3":"79007bfce109a682b746df074e87c845eebd665532867fa2":"ba7040193e38c4495971827fb1ddb747ea80cd0bb1fd6aaabf85ec1959c29eba8f818ef55aadadc8c34b6a7c00f210a899092b9704f2e03abf3e5e8fe6d127cac0436441d0a6f1b02a00e5fe948539c66a8c78e70f35cfeb600e1cc68c06553f47ca053b64a0534a028a73d0890034fe" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"6150b7280b3105b86b66c2a39a1f0461cfbce17e746791afb241b298741454e174650ab1e7f08500bd7eb096e40d8114e5a60668636b6ff66d2622154b7d239eaefc9ab2aa3351eda2af4fe51de36e22e70235fb":"":"6ece8aa447d2cf51d8497e303c1a202e39e06bd723c847b7":"21d890666d2c8ce4440bb453f4284c3928650f8cf38576d7":"7554b8cc8e79330ae55575f9157cd10d8eeb58af30eeebe9daa021f4b55ce365fbdf3629be7547a89c78bb9df79d35179e5d2924aa032e60d5a00281f19ee2255c17a69345ed86bf36ecfd694be0405c8b6c077b43a8c8bbea603ddc632a1aea6771a6bc117dbdc365e2714bdaa8b377" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"cb25eef7230ac2da249fe30ea94d3a3332147022bb2207aab4a50822b1564c24a047ebb46d57f45f6680f909629b43129876c75381e3b7c6d06887f68083fc423f06ecba159a90edd394cc0ca9473e9cd0f23c89":"":"2f30b005ea5d5965439bf15220b1c010e6c79306e700e6fe":"9937bf3edb3603cbbe190f3616b021fad652011854e6f6d0":"040a30b82981f71e4607c20c1f2d6e6854824c90b127517f65b6c7da99fd33dee32dc52bd0dbe902509c50492a88e5963b2b6e27d046334b356e5909f85763af2de70e93a89d6a00e2ef81ddd74f4a33d3f8406d05b383fda569a5a574fb5e3c0c86a5096e94174b79b2a4eadebccc2c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"1d7dbe4e83913bad3fa918262ab0f45cdb9e4e61667694f361ddecace06bf352b18dfab4c32bff9a013d3b92a2da8ed698168155ddc492f8ad5d65cda8eed212793cd9aec8acde7e00f952bb5d00c53c5c181e89":"":"f9c51ff8f264cae722734502f6799e4fc5bee773d31e3e31":"6a171a0a8801017a1d924f80fc5d9d6592b8b28a342f30de":"425024bd1d1a66d4527a3e8a8307b3206923bc1d693f5b7f9017f0d5527cd6591016758794ac89e2f682cb2d66f8d28f9a2f5ae2974a75f4d0de17dcd02e93bf29c69175fceba262378bafbe3eb7e3dabe974889306d0a2ebd0ad9d934c37b1ad89ac1fc28493e6b1f6f24620e40eaf7" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"a6887fe41ed5a615eb030b31b86315d32d13dd5ad506566ea23ea3b162b8dd621129736c8dde31708a7fa4a4c606dc212b3440617111e94a5c6722c3a729d84d2e5858c23ba8bb249456a11d63dba9d4260a7213":"":"a52036daa8172111e89c8991ca818bdd711095a1602f2f15":"cba427a2b7bb64002e1da3159d643e002516bed279e0d442":"cf0f5881032606c21a8ea20adba6a72e176e968f10b08ab6d08f997b24fc2a24f2c5d44d1b99deb7db4f388dc8ac268f966a34c857cc5f43efc601674bc548ffeaee1c13415df6d0240835832cb75840b60711cb636f509dd9b87b698615959688e9afeffa50671ada05faa564c87ad5" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"a563459889ca29b711086adfbf18f284fdd18601ff69916af1ce47510d33f205d4dcd0080f9dfedb2bc1e2e60fa0b9cae094102bc7a705cc223279e0fc3b0020b4facafc2b31b9bca92382f3810d5a4e3ef626a9":"":"5fc83f1f6dc0ad454bbacf2df366c803cc1d2fd46bf78d32":"1a9654667cfd6ad0aad9383be04ec1480a494262b3fee823":"cb45ce96a973728bdade51f91004ac09e155173769063b3fb4712493d8877f088127a3492588e99fef648a101cf1c238fdefd798dd4928b5bb3a851eed693f37d67360a28a2b27c4406e9ddefdffba662529b91a980bbe4eb381cf9734b336e2b64e7482e0328c2e2bf81e39edc30d97" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 0, 192) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"886d098731abf3140d512e0d348a384d25372667fe7e4f0ce713b1d2eca7b2ad939b25af03f78edad75bf0ab95b4110710d0e12e714e03f7df35db59fc4ef2906cf36c6c8897b802200a83e60d16f7fb064abd2a":"":"a4f42d83a492db3fc053d1275c6f264706fa932955c3da62":"4505c0664e59bb4388020470838bb098c4ae1338c268adf2":"4f9c3c60ee32042735cc539b9a23d04c2bc6bcd68db04a58240305f165bccebbb98e0f4796b283a0d78bdaccfcc8daf19f21a72945be07996bbb0b606643c7753f76ee6371292d3e681468b714e16bc32db14ad6d777677137ebd3731186ea72b840b8c4ae79ecb2c61352ea056d2d6a" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"a26af93571ba84b58e14e921a6bada73083ec17f21580a152703e1741392fc9ce6046f77d6eda5000f3225ef28425e30cec138a16b0ebd885fef074c6da2a7b126fcd1f056e3a5fd5627368c63681cc10fbf750b":"0627d10b1e5b4f0fff96d0c7e684deb9fb6a4e48959dbc29":"":"":"98d6bc7ec7cd72da4c750d9173518a9a17120fe9af10cd1a7d872fac505d9276c551b821a868cb8b4d8b10eb3b05845827717d2975814b5080a2f4aa50c5b112bd01b8652f2d1b56a88c6c891db5f3f40d1d1f0648d84e6ce2138c2c879884eb4847856198579eac759a065a5d384c46" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"5fd08930ba404d13a7275227660869e7eff10e103548e6ea15f0816ea93b649f6aba408ac710c49eaddea0b4d1e219577e6f6ba4f193386228f6fdf9cdcc50d5bdcf6d1f249e9cae0a097bb341e2ba3581a3f2ca":"7a463958302109d5fb9fef1a232b5aea13ba58a60b70911c":"":"":"a1a5c9d90f9340c807efa2068c6a0b872a4ad51a7cf90e14b4797dd894361712fc9507bd61d8ba984ecf1345fa3cbcf3031e2bc4302354cdf3f615c3a1bf43f60a464698e250726c37a7a9a23e1ff7e8d96df03957e3a0b5e6c4c4fdbdcff487e467b12dbc21e07eb8a7c4cd7f779912" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"625d6a509ec43c55bbec45b4244fa0bce24c74cc270851f2d32e4bb4f1961476af40088b5ea81f7a86efba78abdfb50be09e1a68851899e0e9acd95f77f16e8b0aea5a9bf29bc1a18d32158cf69c794f3f47fe61":"bcfa259c919f6e56c77914a272959cda6d2cafeaff87d91b":"":"":"b5bc1f03099547ce1a359bede1f9f3b76b38e8b9cc781fb3909899144f4d0a4ba93272552bfb0ddcda51165d0ca3eae47d10961a62692bd9edf2a9339c8ad14469f1834eee3c3fc1074cb1493054f84273e4adc73e5eec6cba284c5b7fd8005f10cb67b0fe16ae0b4ff30d50ca245c5d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"bc0c83de31217ff6b22c719de8c6653fcbd8aff7925f04624c76f586ed3bab324b64fa8a1ec14efa8d8d0b41eb6735d517f6c647ef8bedf3036a6ca90fa1d2c528722de33f76f7375711b6b4127b86fe096e72cd":"d7ef6b5dd09c08437313871078ac730c2f85a5abae6d6e24":"":"":"6d415afc0151c3cb426eb3b90c209feb726c01e28785678bb0b8d9143d4b7f31ae07e384816072e2df31350b133a8f4e3ee18f04b154d194513d9b072a695e52bf03eeb4c9a1df85dd6ef98d2453dc39390bc3a17f3ce499d9b182c89d0591dc3dbdb7aecb626b07f0ad2737bf8200b2" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"caca2b8631502fbd8bec33e89066e77b97a57b09d21a92dcc7b65897e50d7a312f287932c529f6a6fd8be6fad5c467f6c15f9bc0f39653a6e4963c0d4c4baa9d6ad39f4ad2a1d6587377ec3898e63e02cc0c454f":"33691da7461d3355659c4ca927b4d3e3bbfd8e775b535538":"":"":"89abe8e656667299705c4c8b208f0fc400897397d15aa3574cf86c0a6415dd30ac5d7d8bc629d8ba52e6e5af63818475874266e98a43ab5d3085d2856950e8d487ea22e01f9ab7fe1862be1fdb9a97cc24eb9ad05beebb202716607e8b164cf63cacb92504e80e68e641af71ad6ee47d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"5d97de97d6f81a858ad6ae0262e58169b27c25adfc2bff506854e6bfd37f3a4d8c4b46cd78d0a76b0dc67e0d3f90fb04c2131bc31239defc8eabe9be0fc589a554a4b77fa79c64c03bbf87a32031530d99bbe397":"a0d8be30a0972002f21ce2d7cf3c8e84907c638e0093354d":"":"":"67536d7352a49a1a49110a1dc1b77dd1924be34123e027aea0ba6064ae0aa051d4470ccbf923e0c96c86f2d440f17f45b67c4c7785a6f5006bf0cadc13269540b2c59bb75f642e9668feb601fc60c18b94d65ebea0dfe5fb284e003a58837f9e9e120481ec2ba972c755c6a9134af683" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"9ca7149b0c5ccb7a0f7ec5399c644dba98c418373460c59978d91db57ff714897ee71caf459c1dc164655140810992fa6cbbb708ba2e61053d5866ba6a1bbdbc639fd21be4383beb4a4d370e86d0e9739ef849ae":"2ade2ffc19de7fc94767193223aa1fb3461cb29d970c8f05":"":"":"b39d6db529fbb3c6a90d6b7057759c26a9fa26024d2b65e3bf459881ff0f88a5b93b87e0779635022cea81db313329b61613742cc82b52fff1a2e6e24ae0eebc0917d5e4573466e4aee3f0ee0053445566eaa080c3e701bc35d40ce5105b4b6572baa7b4c84a16e4aab501e6ef670164" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"cc751171d828dba023f430b3f5a7134f733f4cc1ec76495e98a6dc2a627d97924716d7e6b043cf15c62ce8da1dda2a930c88d6d4d12ca992a501f773dff5d38e42f150f1c55ee358aba1e73cbebf465baf9fd0a6":"4ba50a75424970526022c7351831c58ee75f1e3aa0c47749":"":"":"8b387e55b9c10d0cc336f5445755c0b6dbe971bf69a04682b21c9303a66e093b7dccf33fc685765c6d2bcfa3020892ed09ce6ea3e3355b3bc16741f34d40b5c96bb085c1574801d14b4f71c97cf64e75dcc330fafa1d1e626822609a9af62c894dbdd56307ccf1ebbb7ec09d500096aa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"1f2ccd29bc38e8364a4beb0e89984b88d61dcd31d48e310ae691c0e146f495b9d8cf443ed12f3ad2da7c59c2a2f6b8df4e0202414791e106c1f879879b7a46ac207f45b5fed69c38309adf15dfd0dd75742c0df0":"e0c49aee71c4c060aac1bab1f438f9e2b0c96d710ebfef77":"":"":"593677f65ca4339c0dd8b1ae9278cc49adaef1cf889760b4631a379d82bc25123dfd2e1436d0b6b890d4155e3236fc1e2cef67d8bc0454099051e220d6925b37c47408fdacdfd54cab7be70f8b3b3dfc5a86f181dd559ff7182f225f7de87dd8bd69143be270ce76d2562c6e01ba4c4e" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"f1bee9caecfd0397a6cd76f356ecacf1053981c64d315db4a51a244fe3b22ef997392f65dc13cf30f5b8f5edb7f8f55863a30156722536d02440e5f06e503795d2401775a560685f2ad3c98aaaa22726cd6ec45a":"9d42670ea4113ae02302cdcc660b497f3ffb19b9aca8babf":"":"":"78f31a24cda43acfbc4db7f17c57805a4b53353d668596247358b47e8f8deeaca312a7f9ce78832bc1da2d6b3727fcb847ca4feb1695a2edfd2ab24c486da125be1c1af4f78b749afdb57f97b4a8b892fd87228f116ba10fa739059581256de4fb865d1115c58284cb9850a24e5b7615" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"17b3146ea3ac1afdca446275f3b7539a517766b90e2da2c4c85db4802943efcd8009a9ffdd054440da16edb641a050fce3f3cab3d5f03d550111daeaa8841a9c814def76eec9c4e910788c710562428a39cd0987":"f3831c1bc859fad452a76ce513575a23e8b790c90de4575c":"":"":"c6c85936cd52b5271a6e70410e0b9d960d76f3236b548cfd4fea26504ca8a78e58ee914c6cf248f30d7ee3547eedd3a4d9869b15e326c911aaecb7f0c221f8eb9208a9b355e4b1cc7926380d25bb776f3e89904943b3fdf306012fc95d06b3b7c44ef55c9eee675150b332e2181f2a32" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"fabe526177dcd476be9950233ec56f9122a9b083e589c9264add302d4768c06020cf53e7708bc728582360cbf06a18de38e3da2642dd6751aa686dbf11734bd75a422571c9f2420915d7d79d9efea870e72d262d":"ba5858340e6a82b2ecfe1190215bd8da995ee8ef572eed8b":"":"":"10260dfc2f2322f530192e96a2396694dead62f9b206137108666cd199939184503da75598f54a89dff885a9856140b56687347c2c066a1593bfe02b8bd2cd93e939c424b33683a13678ba5f34df3f2f5f50b2a708d1d5a04683db00a607e2f80e5feb20086e3d64294e9732b0776c51" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"b7c9a1d221fe10552bb0b799e18d12cffd1f76d6a1e6dc79a36584ac7e13c355b9323d0ef2f97fc2d8a26e6c37209a485963788aeab084e923a3794c63713c2ee288ba3a99f2d407adfc1b87ba64fcc5a7f98e4e":"e563f8c8318862c7117af8946823e8570ebc64b3de1b293e":"":"":"100c460c12e5ab12a72bd4351f7b608f5578060b262f21d735fe79d13c942035a76f001adfd39fe93caa22b6274bec282e640469d3f454d108991a1b73d8acb3d392732fc24cafb15fbe248441462bb2c1278883610ba28486ef82ec2ff3d20eb9601866c7dc4eaf44cdd73e5b5ac14f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"78e5d4818964d748282fa8dd386ea9c920c4fc5ddb9d2204a3f6285082b8065dd3944ce193722e973f8300783e37991e6c4a6286a1a0fe3703dd78ae951c88a0ce47b1a23d91e0926358221713670a78732d5470":"fa058586d35f0d74d2c473e005e7f8ddc33a1f6d5bc79d75":"":"":"6b603b098ca74b7fcf3c8f9b42dde5b3b51e84cab4f67f4d87bc6575ad4fa3f1e0ee27085f88e2a5ecf4f57f9ba92638e52941535806d2cd1b5aeb5b7c81b3d44d41cf5b8073b646a9cc1b0a9f7e183b082e9f2270acd928623e8a46b46257e1b827e8b88b55c88a3a3a067cfcb9b2b0" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 0) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"50241739e3f08c910baea7f9ba481511b6ee5d69bb1a2dd34f3987a231cc25f39a1a966390e391a33dc21281372589e2a667cdbbe4267710d5244fd342c959b7272b39e5cdf67701d47665b61782541e94aa224f":"6a7d2f2dcfcae8a284802c97d77917e87c6cf8417c2b16bd":"":"":"4402afee12048c1c6a44624d2df026798930ec732884899ffd20d17f1c8d7c221cf5edac8679a21ee11b177ecfd61927d4ccbb175ee6b49cc6f371450904c2666aaf2e6cb36cd55cae3af772beb80955cf67b4e8be1fce11250a39693ecb7f8ac05aa23b949ac74bc9a67060cd60cc77" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #0 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"c3005cdc5c5b7b25ed78c9684f3faf6278f9a9c5a9fb202014a29882e50b21e56ec8b7947fe871daec2626f32372123f44a8721ff4339e0a20f978ea27609eb495c2342e9ba719bbd2b44ff503db2322ada1c982":"c4506109937e0f9352fc881b0396b0a103626a15addfe525":"6ee49c76d138eaa3fc10cf411e0b8ad5488d77f74faacf13":"8825122b506dd6f3a58811fe6c9a7e9271a6e68dcdd590e2":"e818887ca1c84717e277baf00913d65ed58a8f90b8728080a03043bb2ab53f55fa605ba0cfab29b4cb694f6aae6594dedcbe6f74e1f7573c2944f3703b89a52789b0170077ea8e66d8299ba5cc139943ab96254065a27abca2098a85162fb01d294d8671b00206b7f784319384e01b3d" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"9bf2ab19aa7e9ffc3461522f3cf85b3292b54bd3e1099a42dd6f5349d169d59a152b2dce675874b665fcff802260ea84b358f6fcf8011b511834e8447a73c1f675b7598d836dc9fbf40f1dd0f481f47f95f3ef4d":"38d7a2109c6fad9205abc22b9ff705b7f671c4bde5b662d4":"b46e928cb59eac0cbed65645767e96fd824fa95cb96a1cd7":"532c8d3748205cfaa826fba7f240e9926cd3811da8fd1a5a":"bc367839d1510316ac3ba17fb7bf633a6eb4b61dc0b03cf1cca564db8248ced0b47ccb36e730c0237b0812af30361b5dce662636b23f87d6ace82cd3e34d45a1133b35ff9b8bde8fb29fe82298820c0c87f0e30887ddb15c9644bfb12578f0878a710771ad22fe16935c66681378f5f8" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"a3bfbed559c396b807ffa80409fc4e2c23ba952f64a41c07d3af5e5b78d8ef88171bd5022d3e02efefa644f4fddbe207e59397605a0408b0201f6a882def64d973c0714555d2c7e0a6fddf49558fd1328074ca79":"4c63bef79f71fa82168928619cd09b003aeb2ba2b04150d2":"c85bb368a82d57c70cd5ad6327187c8550f7c10380b2f030":"5d467e9c06ee058ca066dadd6f6ec6b0da59ecbaa4ddd12e":"1ce311c919c67e151b51ce3060384ca95c071a295f01e54349abaa2da8ef497ea1364454133d20f57da28985bfc6d1d2f58f84d144c85dbe3c9fd5e8958ce06f2f5ad5af7e16bf90ddb4a1e2947f78008467fcc38b5a082eb1612d68e36e3c0abfbfb3a321eef3754ac16c41f96bd635" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"1b2c2419e85386716135b3c142d749f1f5bc23edbf8c0a1c53b72f474484c545761b21aeff05cdd35621d104ee393e791737c48c5a6e6b25b58c5c5be28ecf17c410c9c9c3c3aa2b6385f66759f31b61f9fe0286":"b69011f446e50880a15bb0dd00229f765bf77b2a40040109":"67eb63a168aad8712a0e7e0f162af7ac7893e902f1aa72cd":"23bb752e6232144630e3d3a6daaa1e58a5ca315f21fe1d8b":"cd8e6c6b8a1f7f98f5d796023fdd4f1da2d72eedb96a8e85cac661da24dd0a7810fa04be0491c69db7617712582b43ec4bf112d9e2932288f25b64fb7a2a09ac8747b8f71ce75e3c80b854336a0457b8013ec6dc1268b4c7e8f7d3422a4a5d432f8d9705d6a273a09b9f9273f4928c4f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"62d059e3ecb695167e93b3cfd77f96e681985ab5d68f15473a89f9cbc4012e1c090a5a9e65f738be938f44fd6cb157fd9b737d9389e4e56b6903d4d015f9d80d96336730fdf57787296d447ea91de7e686c7a81e":"d8f121b2bbdb8530c6315c63e0a52e383c163c033d3b0854":"830e2cab11331b761aed55db61681fffad3a61a1a06adfec":"c7783d7357ff30e88cfdbc90569daf03d3fec8caf89619ff":"e44c9b35d3b847a928748094ba6754d1c5de3cbe3d90d4e2bd0c0f19dc5aed7228c541044b2b14d7e67dcc148ab04abff7c22a8f1fdbec4d68ad24a7c4b0f0e507bd7f2b4845593363da484b481906fb7207844597238b9d40c14237004e275572aac6a6d84d151fa58abc0987e54e18" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"fcf3887b4505f7a1273ad5b32e064ff51682bca23ed974ca981871a5b7f63e5ceee58131f9a01fa7c37ab14150c9323a03f694e463496c4159eb8e5d3ebc62f41264beb93098a42a3dd406b983e1fb040d108f93":"9b3e97eed077155cf181829233868d27eb773c398575dfb2":"75a75a15c622e69eba698a064b0b41c8bc80ef803df0f29e":"7b6a20a222a81dfa6fd164def816c2b6708bd4c761b2bb8f":"0b3d501f728d2f1d8b0d7dffda0160157b30d0d97932315f77022d1a6fb30d9a0ee4383f2f63377ac6e57b16b0c7480a6f5dd12ed3ec0bc6f104a26c86592daa3f68a499570703306e2c2448e784b67cd6efdb4ae64a2e8ffa5929e74c95b663c9b7fe891633f07d7b50f5f16e9fe567" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"7a6a0774f2cb5ddce6b5242782fd3d7b5c7c7e31cb5fe95367c06f29a5488fa37feb34d689c646cdb162e258ad636a030ff74f6a7ff876417fb08f5c5decdcc98692538bebf9958c627ad8287633f98c587cdaec":"fb16aea72967c43b8803bcdd3e794911f6d53f2cb7946cee":"67d89947396322ca243e2c591a3adc8fd9f1ef448414fca8":"a0d568f4fce862e5e1b22acca29e60d7bc6cdcf6cc277794":"758b4685b0db1093eebde07ba11085a9dcab64c8d5adacda070fd2b292bec49240f25e158fc96cb1d0ecc9ebcccc360b981d140e3cdba54fc697313014450a9af29d9d55dcbc5bb9a38e4f10c6a3e41874d5c6688f22d0c5714301083cbbd0014880af0f7d088dabeb4e84a64f26d2b9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"19bbbbfcb755cd9dc000abfc03343ef64193141c3d3f43120f55674616e3d96b6086adf47c906981923c98ef7dd0fbb2f7af0ecbbd2de848f2b25cba8651b7e3aeaa0c59b605e6d4710a01406565ea30d0c4f68d":"e77cce9d26d283bb5d6e8300ad0f69df723324d23928c6f7":"0586c76051462d0483071213804385d01a07bcb27db05e06":"1c9363d0b3e9f42b6c722b8d62f9c633066587577fe766e3":"6d458079264d5f3940d098aae092690b7d04cd46d6d5dde753063b7194118ab67d3848459156b8f0216d85b5c583a1bfc000e68111be459743175fd114253cc24db72ecc978ff8620301ecbf18f42fc4697d91150649a8254a9850d5c28f9c4e187e409e496e2a659b2e79c06074c5c9" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #8 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"c2b577bfd802b8f599ca14bdd5fe5003ee28ae69ca5c246df4f62d9e21a7793281c48f73ffea15f3c3d444ba48367fde04cdf6d62498b8afb24966a8662461015135cb55034a63571a032d3cd2c1e6cf4a6855ef":"f0de29d4530b4af75b8defe9b3b24dcb7ce0add4aed6f72d":"90ac05703a8e0c6057dd2d8b1a6f16f0059e7c70679919df":"16935f700de9fe529a2bbe811dccad430e27dbc60549c3e5":"56988f9328a91314e4b3ae027bc6f43a01fe471615f3a319afd9bb63f55b13e681ac0ae830d4d3057882fe247ca4decbb26af811282f59ee89ea38642e4ffad9bdfae44bcdbc3a289bf431e0bfc68148c12ced1853e698e74f74e24aa434937390fd41cb4e78f823a262900f2f44c1fa" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #9 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"b5c4acc63ae5c68ca404bded2d36a391e8b2e9ef3b32eb598aa94fd6b5ede6c3d9c33ec77a195abb6f8cbcafb6c492a1d78f04439bdc442168d1eccc783d53a92e16b90ccbdb0284b383cb96af04e81728d1cda0":"b3e6df5e9ae10c63da4269de170550b92dde7c6e33af228e":"c9787b641b5c881dae53a69e2b3514ce2ea81e5879765bd1":"e4abedcfc4cc69da45467bf2bfb03d823abc19a746e3c582":"e14f46dcab0ba39965f170f01a07308090b051127685ada6601112aa236093f7a760530f856617d9e027c8279ef33d9fbc4b624ae26a277b9e6077ac71e2d2f101b84ebed007ddeddb4286aa4729cb3b28798387b757d8e99a7b6d2631601fe7ab4caad7983dede59b94f4c920ef1b29" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #10 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"7302ea40e214308136b8427e601ad61132d195f870f2a861c7b8ce1f686bf325a155d0aae1211401bb844893dba2909060c76cf9cda757d9e2cb24f5602fedf6a7412f49497c82866a8c9b56e2bbaf912f760255":"58efaa77c9bf446ce8d3f3ce73b7d1f014bdeffea2a2fdde":"68f9eab1893186d7e5cf3a8c37bf1c229344abdceecd9de5":"a0d3bf1de632fb19ca5326d936f79aafe59a0e809b13f10c":"f2c6a717ab10a9cc89f6d3a07bf6077fa33c2e5d67475ebcdd1b895fd0067941ed3fd8f251352403c2680df2319a882f39a91f8ccb7df2c06a13037f057962e23b8ea0654ef9bfc19b6ec982e539ea6afcd1145cee582d27b708691354b4c397a51d004c61687c1c9c948576009002ee" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #11 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"48ce334fcdeae603c54fc228461e7173681a8e8387e0c048c2acfdd6a78c955deb7dc25bea4e9924c4a2ae22d9fb6b227452addd0b6eda7769f9ceaaf2ca34568b3c198ebdcf5f6ed11f863097bd56f42d648862":"6bf4c173d264dce03e475fb3bde9fca2474877627bfb0c5d":"2a728f461ce1067dd38896002724b4967c1a9cfececd3437":"2b862cd7a94c1776b26022c27c0e4f2d199ccb782caae6dd":"07f80326ea781bd95efe729867d6c39465213bb698b5e486e6c5f27d3fac4fda3cfb7c831fe6291062d4db2aff59781efb4f4cf428236aad6a55111b969885a6b851d5462278d0863909a07796e5e0e8448fc0d674a4408cd9e91e98e3adcec2064ad37dcc566faa80149519f5ea261c" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #12 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"b23c748a9c9d206ed4ce6b8bacb6f7e17cacf5649ea8d1e1144a96e977a4cb22c0f37139c3eedbcc8b9024c6f21412f1600fcde1488f95744446df7b6e21a858224b9294a75829a014697cc4b363c3ad0e152ca6":"325bdbd8c14b766d4a7ff0e14128585b21af76de7ca30ff1":"2e002a406bb8090eae6c950944a4d6768c89d43cc0d8bd17":"4828622ff56d0867bbad03bac51b8c939a5dfa33a362b129":"58cebdf4676a21ded5eba4dd19452f5dec909c589751879ea4249a4c9fef834d85dcfc95ada82f7fba1476451774036246d7a496d4d427f37647ebc10fc2e1125b0b71da1fa5f1479c5681e9d7acc9b88b527390734d943bff6a76c4b22bb4f6ac331f7710b95f6806fa35a29a2fa35f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #13 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"606f388e8ae35faf979434656144370991e89b7457ca5b55d5bf2b48fe8cb64f549f48a812edbbb4cff895efb21c90eb26c1db239ed72da43504a1e09c56fe144f2d09242f2670dbe2561456d938352125b19131":"5e039f38d6f9a9c4ecc67158f40d3c8de61808fd7476fbf7":"21c7d976da71bcde51a3b4bc1b9a79cc6c4ca51ec992e479":"bac1c5904816c3040eb532622f127ac3e28cd78ba68404a9":"5f951dd774bc1a0818b249ffc51348bf1f36aa4b9d6a3348d36df84b5d3e824adcdf8b87ffecfec13fe36ca354625ae8db8a69722254c3f6e7027b866c529f9bed25360e0cee7ce41f996d50d224a08e965e0e5dd67a77142e2a3de0d559b9dae8919ad0387ba5fdef699e42016d7291" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-224, 192, 192) #14 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C hmac_drbg_pr:MBEDTLS_MD_SHA224:"be16ca52551a6a0656c40539e3155eebbc416cbfe212101f8edc2f7118472907ae9b2b9574abe81257533115472610ab401d1ce1f8998884af43fa5776a59ae38c88631a066fa85d24dfc9b2547caae598cd0fa7":"ed000ad2e479513861014e8ff45a481a494af312d2dd5563":"feb295c74975f1e1c738988fc70b9d2603c7da93832154a1":"764705681b7781573af811fa7751dbc27d667af7a1e59dce":"ba4a0583d8d6c5b4216a0875cfad594485858dc7f9ef265d4ed0c0f0fbfcaaf5ae318df2d7fc530301813d9f49826030625f7ea02d0630b3573c486b1fa0ef4269cbfb6fb86675c11fb7c0570cf7ff4fc7affdb00625ac453c23c229a4ea5f540c66f031ab3462f7d12659eec990501f" HMAC_DRBG NIST CAVS 14.3 PR True (SHA-256, 0, 0) #0 diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index cf812e6582..ac14c1dbc9 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -26,7 +26,7 @@ depends_on:MBEDTLS_SHA1_C md_info:MBEDTLS_MD_SHA1:"SHA1":20 Information on SHA224 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_info:MBEDTLS_MD_SHA224:"SHA224":28 Information on SHA256 diff --git a/tests/suites/test_suite_oid.data b/tests/suites/test_suite_oid.data index 3261935208..b8490b91c4 100644 --- a/tests/suites/test_suite_oid.data +++ b/tests/suites/test_suite_oid.data @@ -67,7 +67,7 @@ depends_on:MBEDTLS_SHA1_C oid_get_md_alg_id:"2b0e03021a":MBEDTLS_MD_SHA1 OID hash id - id-sha224 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C oid_get_md_alg_id:"608648016503040204":MBEDTLS_MD_SHA224 OID hash id - id-sha256 diff --git a/tests/suites/test_suite_pkcs1_v21.data b/tests/suites/test_suite_pkcs1_v21.data index c785838a04..106bbf0c5b 100644 --- a/tests/suites/test_suite_pkcs1_v21.data +++ b/tests/suites/test_suite_pkcs1_v21.data @@ -885,7 +885,7 @@ depends_on:MBEDTLS_SHA512_C pkcs1_rsassa_pss_verify:1048:"00c75d0f9fa17d1d24b939537a434017f390c6604444c35a13360d6b1fc986baf40159b84275d37b883278df5064dd9eb0f29b0d325acc790c4b59672737dbbf3acb88f5e2f2d54c919cafd072272c494591d52e158993315e71e2ca60b1c74feff8f3d77842b415d4e71734a498206a5cd9315c87b23e583e25eb4ca97056b45c96856d":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e35c6ed98f64a6d5a648fcab8adb16331db32e5d15c74a40edf94c3dc4a4de792d190889f20f1e24ed12054a6b28798fcb42d1c548769b734c96373142092aed277603f4738df4dc1446586d0ec64da4fb60536db2ae17fc7e3c04bbfbbbd907bf117c08636fa16f95f51a6216934d3e34f85030f17bbbc5ba69144058aff081e0b19cf03c17195c5e888ba58f6fe0a02e5c3bda9719a7":"653df9730e14e03f2ffb3374d6b75295aa4a52c38540b2d501adc1eb659a4d7a050769a3d11d0d5d6f3efb734200ade241fdc271c0f5eeed85b4bf00b2327bc8":"9442a8ec48f87ebc81cc1273b03e528e7643c9e2fcc60ed85827d9341c5a36e5c76059baa8e9891df437e44c4047a266b46bcaaad3de1f1d4d3576defff080b791b013491636187fc45a930b70a533ed92abfd168f050df91b4c35d68d160a243ce589807a7d32661fc18b9547cdc0fd86d33acd349c98b34fb016ddd1bff23c58170e":0 RSASSA-PSS Signature RSA-1024, SHA-224, Salt Length 20 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"53d859c9f10abf1c00284a4b55bf2bd84d8e313b4f3c35b8dec7bc3afe39b9b8a155418ead1931895769ce2340be2091f2385bbcf10d9e92bcf5d0e2960d10e792e7d865c64e50d19ffa13e52817d7d8d8db34392c2374a2e9b69184f92a4ad9b1b8bae99ca614d204b65a438e38dbbfc8c7cc44ed5677af70ce6c4f951f0244":20:0 RSASSA-PSS Signature RSA-1024, SHA-256, Salt Length 20 @@ -901,7 +901,7 @@ depends_on:MBEDTLS_SHA512_C pkcs1_rsassa_pss_sign:1024:"e5563b145db6ff5a16280d3e80eff02f181dbd03324ef247f596a4d4a7b8daa32b9934e3c7f4dcf6a3105462dec63839638618418b51db02693fabb4e6838725":"d2a4ec0fa2226cde82da77653b072cd098535d3e90ed4d7224dcb8cb8b9314768dc517e22d7c8fa13f253daa7465a79956098aa4cc3a6e35e8b1fcc4f97e774f":"bcb47b2e0dafcba81ff2a2b5cb115ca7e757184c9d72bcdcda707a146b3b4e29989ddc660bd694865b932b71ca24a335cf4d339c719183e6222e4c9ea6875acd528a49ba21863fe08147c3a47e41990b51a03f77d22137f8d74c43a5a45f4e9e18a2d15db051dc89385db9cf8374b63a8cc88113710e6d8179075b7dc79ee76b":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"1248f62a4389f42f7b4bb131053d6c88a994db2075b912ccbe3ea7dc611714f14e075c104858f2f6e6cfd6abdedf015a821d03608bf4eba3169a6725ec422cd9069498b5515a9608ae7cc30e3d2ecfc1db6825f3e996ce9a5092926bc1cf61aa42d7f240e6f7aa0edb38bf81aa929d66bb5d890018088458720d72d569247b0c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"a833ba31634f8773e4fe6ea0c69e1a23766a939d34b32fc78b774b22e46a646c25e6e1062d234ed48b1aba0f830529ff6afc296cc8dc207bbc15391623beac5f6c3db557ca49d0e42c962de95b5ff548cff970f5c73f439cfe82d3907be60240f56b6a4259cc96dfd8fe02a0bfa26e0223f68214428fff0ae40162198cc5cbd1":20:0 RSASSA-PSS Signature RSA-1536, SHA-224, Salt Length 20 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"11d9e77da9c83487f7de32110fb0ae0058d86f53e2f6244af9f59acefa90320d6514936534679c836b499cccf1dac6fb9e5cdf0c953b3a5ad44ae60409502694a7c321e33ad3db37f8ab64af98f350e1679966c198d19dc5db5a44463203802a006ffbc06315dbebc48af183ad0333f8da166d3892c033d338ac1a5d1db22815":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"1d85cec0da1a74825ab796480c6e1235808387106ac1411d68f313246c65040111d74a9a45ebae10ac7686fddf4a340c4f9d24685d708bbf7b0ab4563794f5f90e0405b5d7d56c998e996b8bde2b022ae45fecf29a21836fcf362042e77e13cbf67b8a4da3f1e378dfcab2143aa8b9a145c2ee7d593e31626baa47fe623a3c3f859bb63e9336e11c5ff398a6597623318e098230b09e553ba0a4257692a0bc0a1ce1c17b2d541b52d134627229c141d351c16f1bdfe33384a9e163ecaa13e2fa":20:0 RSASSA-PSS Signature RSA-1536, SHA-256, Salt Length 20 @@ -917,7 +917,7 @@ depends_on:MBEDTLS_SHA512_C pkcs1_rsassa_pss_sign:1536:"d3bde85f8718388de38c7e157c7200366224fd446ab590fb31dfd8135d3c561426b9966c164912bf0cd6537e877d59bb21fa3d3c5a6115ce971018db6be1033f14a4bb5849ccb070eb83838394e9d0851f3a33c43f48935a01c31c6fea72a6dd":"c342842ed13979fe948de3d31c21e5d4407db5f08524a1d04221500901e44b95274cbb84d80575ef1514332e27b0244a4154a8b561125439772a3d2fc9db73f19679cb92f9c5b5388154b0180aa339ff0bbec819da8a84d2bb617542cf097a8d":"a180ac4b5186df0b7b1cb7a95746a5af411efa16d1aed12468de15b747a0ff32c215dd08a99287b7788e91542d9059940e4b610f741cb9c7a86b4aa0b45a7b38450b6ea25070f98e70bb7833aecd1834a8e591bea207ec55d403c76213bd9f700ce25adb265ad383c443ed7a87a57d7e5c6495c32f51ae0cc8784352cfc56f2029cdd323393a153193f41f0408cdcd5b344d20942413bd97c3b0c04ab584f685b0e796ce9b5a0cf64441f00ee7586c62fe8442d522f7c6e3f314f84d557039b9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"7224091b8f68b00d49d2ef1bfc5ca7352e852aee73a346768f7b80c8db0f9d24eab767c06b73adbb51808c523229ed56ede04fdd908dc73979264426bb801847c365b4d43be6b38d2ef21bf26d28dfb532eaa87004b3d494daaabfa18377429d45557abfc568cb6b265224637501843b45cabd0d96bc786ffc2e79a2fd9b240c":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"32e688063ea24ccb2ca998fb7091877c103ce6576b11a175bc896af454042a5731b91c1c58b4d8e38f0619f6ddc8ced6b5397545f9571a4c90767593d11c00b75eb58a0ae4932265f0ab1790be2c83dff65357a301b3b3e2ee2e3683afe0b4b35ee8b6e58a96b4009c98d8faba75f86ffb548f0501884f3528d8eabad353e28d0132c4c01fa3af5dec922f02eff22020481615e4cd35b9eccfd711cb3b0d65af95c0637d79aaa2433f2854de3560adb284248bac8cbd4717317011a5159c93ed":20:0 RSASSA-PSS Signature RSA-2048, SHA-224, Salt Length 20 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"e2b81456c355c3f80a363a85cbf245e85a5ff2435e5548d627b5362242aaca4e4a2fa4c900d2a9319eb7fc7469df2a3586aaa4710e9b7362655c27a3c70210962391b1032dc37201af05951a1fc36baa77e5c888419ab4e8f1546380781468ea16e7254a70b08630e229efc016257210d61846d11ed8743276a5d4017e683813":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"cd1fe0acb89969ae139c178bfef1cc982993521b3a020ec847c89c0cc6c869d970f43f018d495b9e991457e7501a344c33c376fd2efcf05ad6eb2bd0b3c0e7cc3c88a4124398ca16585490a0817a36149cc82cdc01b20e9026261215dd06f9db4e13613c6a569c2187a0e00bc63c281149433ac7f061bd218e79f8eca9dd9c93ebc3cc013bf27aa0bf286e124593e76d3c7012f97ae1d0c4bf5823cf17fe76d505a54cef174add58ae616f47de825049e9916bf2ab7de4d443745763b0c314cfae3a6e57ad475cc5fae47cddcad7b526c2154a15f9ee8eab02f4c36f7a41d7a19b23c5996b627270ceb2c0dbed1a6b6dd2ff94868e073cb7b1a1fa3429e487ae":20:0 RSASSA-PSS Signature RSA-2048, SHA-256, Salt Length 20 @@ -933,7 +933,7 @@ depends_on:MBEDTLS_SHA512_C pkcs1_rsassa_pss_sign:2048:"f7b664093cabf8334b1c0ff824564db5c13f941a279733893a7e5abed536d2b51a2beac80730b5194a0c722f57354ce4b7db447ea3286b1cd1c754548ea3c91a0df1bde3ff70820b63ef3c74a0119671d14db3e2603868a0d607a81bf14f3f41f810c3a24bf52a94f9b694078a556194dd0cb36c56a91846d3569096c631b61f":"e0a1111aa114d5b1702e34d29565d65320e05c21d794f38572ad28a60b2ffe50d0dd3df3fb5a0eef048ec50e144bfe52be30ebf2eaceec9f110a600bb0c2bcacf6b4dabec09b9387c89a8fde19de5ceec780be38dca846d795f82608cf2844e9bced8d81da2d9258c3ef412154f9e590a158ea0ad9180ac6a798614ba3410937":"d95b71c9dfee453ba1b1a7de2c1f0b0a67579ee91d1d3ad97e481829b86edac750c48e12a8cdb026c82f273dafc222009f0db3b08b2db10a69c4b2dddaaeceac1b0c862682eef294e579f55aab871bc0a7eeabc923c9e80dddc22ec0a27002aee6a5ba66397f412bbaf5fb4eaf66a1a0f82eaf6827198caf49b347258b1283e8cbb10da2837f6ecc3490c728fe927f44455a6f194f3776bf79151d9ad7e2daf770b37d12627cc0c5fb62484f46258d9ce2c11b26256d09cb412f8d8f8f1fe91bb94ac27de6d26a83a8439e51b35dbee46b3b8ff991d667bb53eeee85ff1652c8981f141d47c8205791cef5b32d718ddc082ed0dd542826416b2271064ef437a9":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"252433d4b72a33e1aa444aa9680454e9cdab208637ec2173dcf366d561a6cc65a82b7316e9aa6ef90454bf5d15a4823a49e468d0f1f4678bd547b02acb2ee22088597d3ab59a998346edd86507b6991077496e20daafd1798aa812768eec94446db6398844831b4817177d0865c20133ffe11bbd1aa7c507a21e7403d1684b98":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"2cdb0d5ea5f0aad1f7af8108bff56eec5c0dcd0522c5dc6ae4c6e0f66821cdf698ccfeace65fd6e47f95febd879e580e5ee648972cc265f9a117fc720db4f2545a432eae24a367b0aaa70a011ac8fdec94a95c3cd48cfa7102de8dc26c877e974688b3919de6cf06e27028995ac85da88cb3851a5761e17f215e5c593e13e481088c7d747ecb34d3ce61a5b56eb2a65be5363363294eb365f83c4c709644d857e2ccb14a5851724420fc81178144ef3f9e1138b5750eb7196eba3319d799c3494a7e399115a62b1ca4f1d5da079b495d35fd651a1de78d54000b06bdd3122d7404013f2ed8fdf8a7d012f9812b8e4c2e0b24192d5f899d70a3cc5c7e08c81be7":20:0 RSASSA-PSS Signature RSA-3072, SHA-224, Salt Length 20 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"1e4f71d67b8041845a6741a2e84b313f035f04d64e8c922e84718d7f0ca9b6d6ce4c50ba46b8d510d691e93c61068c89155693cb8893594307a7b2c22b942011ac004a917af0a91f0ad4853aeec42068a90931d5c1df933e16793f0d714678c6607345a142b124799e38fde4b90b55a4677ec43e21f6a9e858f11ca8094624bb":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"7171c74df24272dfe6b34db78f24507a68062bd791f68796d5001be354de6fddab81e9252e151884f4cc1f3cd3e7760e263c0c34e63c557eb32c8336e0cef40855c5e279dbba3170da5a14ac60e4cc8d402633a383b88709f3306fb02708e39f3039e7e614edcb89609c8c71137de5211659a41e9e5682cfe0463f3bc97558d3bf77bd798976f09db69153123923835ac9bbd7648c2773e38b5228640fde6df005e9f44819eca31f41ccddbd45d61ae7e1ed0640f0736f52bf5fc1c62f5430de6a96d5aabccfcfef508ac299c7f3f0f7d222ef1f19b288273690b3275b68f874301afa95d243316284ed117bded69da11f5ce1435dd67717bae82ed468ff1b6ac7f2483397d310ffe91775189f671a82b493039d8c233830d20e290bc9be880a47f0b36bf2e1da2c1f23dafeb9f42d9f084feb808a98e894e8501937ba932594a6d202e20a0afddcef8fa48c1682d3179edebf8ea44ea1216a2f55c305cdf487249010909fa8a21d9ba9e3dbbeec046a823922390b7d902d77ec176bb447b05d":20:0 RSASSA-PSS Signature RSA-3072, SHA-256, Salt Length 20 @@ -949,7 +949,7 @@ depends_on:MBEDTLS_SHA512_C pkcs1_rsassa_pss_sign:3072:"ca7b50c5f65f2115fea7691f7d90c124866e774e68e9eb89306538956fc217593d46017b7dd7942d636e384a34c802a14d5fd9916798d7d6193ef1a29e2fdbefd955261496d8ac9713922d43bfc43a7a410752ccbc854cc85268f411e793f9b5279007bbcaca30fb16fd9033a6ea31566b4f2c27f0161107e2cd890bcf563a522ee0eb96a016e9007595a94172a4aeded11fadcb8ab5f03cd154f8b8e0e0666ff62b1ccda02599ea44bbfcfaea541a5ac26bf267a56a8177a50f6b87b460a54d":"c591723042d4b8737f4ef9dfeb40c6d62d439ee8688158a4be24c0ad130f851113cc53d776c63cd782b95ccfd266bdb2578b78439c121de34e8955a7fbd2c6ae1a1c37b24c12f5dce15175dd9e203a3abd5bf9e736b1fc183d10c4540c5cf2cbe26768e94c1eab2ba3008b32d6d50716699c6bfcbec5bbeb94a054dbcd16d10f74972ca5fe53256cd0ade8f502eceaed633414a9bdb623035a234f65c6662a23d792cc0eeb21a1f55ebca26ffa1c56c96fbb7d870fc3ffb181de8398238ab1b5":"9c43ef522cab18022297d3d70fa491d03b975b844b76cedba35d8d885ddb2825e31fd5c101bd9e9a215520bb8cdddeb6ab2cf2dc86065179477d80f733016929d7334cdfdf818c1378a4b9428fa1ee2e525321f905d0b949d3abc9e93d3f30b077795338bd55c28a1ced134bb2d575bfa44b2fd8cf1d5c54168a12a1d6c511f62ca973cdb704c233487e1fd39e5adc8870af352ec3c6a6a64152fc82a1c16ecc43d1d5817f76a1b46a5fab9db8923311edd3cc032fed7eb6252e77db69d7bf9ee35dc4ddd0fbdb9a76afe25a82f4495aa4f072cef9b1247cb368bcc8677565a47095242702e6341281f506805e20e8c89e9af28adff21c804c70cab10ee2fe5212ec07987d13e7d4b60529611e4d33a062d724cdfb16cdc48b964ba07dfa2620d5a8805d0be93380850c66f3fada059802a5946bfe3b0b10e19a8289ec01f6514abb883bb53c49dadbba42d412ea264c8a5122fda1ea9b742289642b0ea34ceb76ae8256a97845d37594cfbff8c7a4430176223bacc3bef395ceda13fd211c71":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"e990c8835f18b18562323ba5096a4e7b99bd84899e5cdd1f3badb47cbf93f13678ef81dccc6703d98566c49b6d63eef51b67fcc20cc971ccf63ccaec580db17256a573c6c455b4508153629606ffe7a43e6ba3b1991b99ff5c0968033bec7ec629ba888b6f6c2cb2fb01fbdcfbc5a150abd35f9e6bd9bc82151b770a8dbbbffb":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"607b7731ecb232f9b8e9ea03be28cc1e948acc3ec12a1222ba0f63935440c3effeaf460d7066d260d174d0ed18a9193550000c2fa0119712fb1ab1e27b4e6f5f84be9b63a1ede17a01174060e2d9e46121cc5d10515a342a26649539341eb1b44b82e346a0102e7ca45be3149b5f1444bd7fdf43da441c59deb37da9a223bcd7a8244237bb5404ea532eb470e80891c0fe9403d12734100284e99cfd96de2ab4058529d91bf348c6cbdb7fcfeea3f9925e93efd6adb3ef6946008738f4577a49c42ac0203a2d982fd77cb421ae030b81b97dd04490605179626903471cf68835dd5e4ac41acfe54e048878df89db9c2de5f1e822266c325e0be0991c7f18cd3de4b2110e14f56100e45f8ba19edf917150c2074f379293f73cb587ff77ad63e4cbec9eeaed77ca90261b2813ae8e6533b09b223a68abe2beeec888088ff91fea5c63de3b55238aef018c368f98651572bc7b8cf3d14c15b24bb5534ae07a6c4c9d5ecd0b86961b550859036ba6fa8e50d06228d89bcc943581b26e302795d1e3":20:0 RSASSA-PSS Signature RSA-4096, SHA-224, Salt Length 20 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"11bafee5c6534fe14d973d2f60a674983434ee03ace7c4f1cd00444b723e455d40ffb722dda97ec25d488159fd79fdfa148620f446d2d353fb78d7aa0f2f1310cc712c6915dc57e7e3d86bd0f67a3b81c4a822b3b67edffd93f1a39a3cb2696d9b558642d6b38157c88d241bb172d3352ce21dc862b391f57eb4d3a26191ef7a":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"3742d8a9627e2e10145c31a3548977f87f8019b1d9093c42f806c8df5ef7fad8330e2a05846c346cb64d9e8af2cd3806eb0df40cd097b3f8841525786ed53746498aa565f8945cf55e24944e8e3d86eb219f65c3385e1e7d45fe3a403773f3057bf22839d5903cd64c95a417c00b429ee068f0fe8ec17305a122979cabee8c3ad31b597da7c71fa1db3da842f7f7048f4396e1768197ccd84c5d9a0450d66f0bc88da7605cc8cdfe52bce60793704dafea504349ff14c481bea73dd761c848387d12f2d1b9227a959fec8b9eef0e9780cb6a427af946597d7e6059a07d50e878d7ae14eed8b571ac88e1c5d1a00d16c0de1c5148ec5781036676c6355e0cbca06346eebaf6c7de938cedd47a244f908ba1189bfbd97bd2667e8eba95e007a64b165dbfc4bf35878cd606732fd469f922ec141e5bc6a7d5c1875233cff612d336c28466c271764ef94e9c07e701923f1f68f39e2f003487dbe41d5505862eb4e90402e50f7b3cb918ef3eff893d0f00b203e2a511cfea4ca54c043ed0598d022c947cad5129fc47f5e79db97a0eea5afd7bb801a367a7bb8d929de1c12a54865e1e183ed926bb8da9d454c7a52b30cfcfe9ed3479799276f4a65b30f430e61fcf520e46e4eb9bea59ba064e7c9c72c9b58bf4ff633897d3ea46d989cec31ce4fc32e46e5a3d1805c35a30b387fb77afe20dba19be37252e40b252d346b69d3cf2":20:0 RSASSA-PSS Signature RSA-4096, SHA-256, Salt Length 20 @@ -965,7 +965,7 @@ depends_on:MBEDTLS_SHA512_C pkcs1_rsassa_pss_sign:4096:"f00102d29990fb36bf66dcab57fa4e05745e307c031fe6acb86df4e0487bcb8fd929e227b6e1090a48befbd642f432ea1b6cff26c1aed9f18c04f68170dc1857786faa086fa00b43e0272a1042ee53566cbb48a04f109420e3501cf56222f7a9b51a7ffe2b97a8ea71e791e0bfb259514f953473130dbe41a7978fc385150f8f78748b90538c8906e24759ce2106ede4ac40eb26776cff5abf227673407d0910a9c3f6464d48569f1b8faa62d0b3b7156b059441e1f701751339fa8dfd218c343050e8a88293b6be0407ab2534815eee742c574cbb7469998b23439a23ca4104f563883f5a35ab88d789dcba4073aebf2e1855abb839908874c1a10f150d56b7":"dda4491b56bdad20f032c8a61bc326995ee7353c3f1b4c1e677aeb4b028e45bf6566fb20f3e82bac4169a970787b8cbafb06edd24a9bebe52704f242f7203ec96aee9a9f5ee76e270191f82e3651da663b80d51688c2d40ffa932ce2302322503664ae0260617e7b79d13e4a1dec1784647d7571c1390e86294f20937740f93e0ff1bdb0c1ff648ef152022bf5f54bfcbf24564cbca7a130fb5f56be921fcc7a3ebd51114968274ab13bcc3986137eb6949eff0d42b596f7baec56c94a67a2ec0aeff18dc044cf9500b525dc98efb9992b13f81e1b0bf4c2ac1da91e67c0847cbdaf268ced549c2febd08b661140af9bf45458d13d4717eb61de86b555856ad5":"cfcae49f88b80dc12186d53c57162dbecba6e348094f9fb3743e39d99d5355d87e3efca9d488d39d705671e58634309cbd7cf53fccd52d9a84edb99ffdad0680e9ec826d625728370717b39321c7d4b6882785cf6884275f6c7b6d681bfa710593679e99b67d5bc28121dd603617dc8cfdb2557c2a04533893f593f0f7e59cbe6d46623d22642a7161a4c685b293c7edcc9aaec48e3810ec74a884a41108610d000b591fbf5da44b5501e63781264edf3c73706321ecf44d0e14b5932a2d69ca3d180c5cee86b4ccad850c766e0beb5f20e6b142055d551aeb453bd099eac67eb92cf13e34ef0d0e34fc599a6e5d4d14f74e08190c66c66ad3473de9ae8f53dd2c1c0c41f4b4a8d4690f4b77354c76e05ab76b7a6c7c9edf0955fee799a2bb42c86c6a06631398d38cceb71ec9aaa9a0fb83850f62342f3f781f9d453229b1a709bbce83a44c225ebffd4f518f94a7935f4669f65d02ff3defbbd1d5efd9191365808cdf9460371ede1eae735af03f21431239d5cd57cc0cc88fb3965d187eba98359409aaa944a7af8e85e20b67c43c82e78fa967fc0d629bcd7483d17dcaa25915571a15c3f0c730e81095139d71a28858dd9d83b65bf9c9273a8a40b12a2c87107a71f984818f7dc766374d31b4c3a1d284adb2a17f8ac85dbe3f58cf78b14c0fdce00a79daf348aa0557290ef5f9dd305c15fa73d40c6822b75fda13ec43":"010001":MBEDTLS_MD_SHA512:MBEDTLS_MD_SHA512:"fc5b9da74a8afff53e53f7558b69fcad8a924d948cace26f6eeea2d96e71d6493cefdeee55ca22de8c504c70e93db5e6b7811c50d9449ead5d28e25254ce9590e09b16918ebc7283e66792f84164b38ddbcd17ca2912fa4a6d3fc81c87828d680ee8ad569f67d52b752131b63ae7e0ea1dfca5cc251cdf90c5bdbbfeb095a81b":"6f2841166a64471d4f0b8ed0dbb7db32161da13b":"6edfb6bfb20da2621e7ca0b8e13bfc3801d8bcb43ef3822be960b96a67d3e8afbbe2ef22e206b328ce99dd8f9758052d42a8ee93e16d8e160a50687e8ffce72d258610064ebde4c4cc2ab96c8e516ec2c1eed816c8e6ac537a0570c9eff81a38147bcd8f4747390676f9d755f613687ac59dbac14f69ca6e56a26727699fa11c200eb77339ead56fc6883acf9b92c6deb6f4d79f82ccdc493fedc6165f78c174adcf32941eeb237a4ae369dbbafb4553c98e413823f6f46da0d47d47a164b792aaf1324a8be4f01601bceb809f8c08f3458b1de2c6378cf93fb293212f6bd4a7b1fd1bfa14a1af29575a5ecc4281420179758e96b4465ec07f6cce4e5e5c2307d531e400e494725eb7dceb1d8dac1000d92f62f319534063c01aec9c6ec0c7675351f2883e462b0454db364f03700d6593c9be195fbea5800ebb81578c765409ac2c37f78fabe8783c5d324fa4dfabe4f192866e34037901615304237f08028a75f00a3904bea03219ef9dbfeb48d10ec59d481eb0429cfc9ae835cc578377e61023d5ceedfd3d0a05aceddb274c13782dda9299d6197519e14791208f8d86d63e0ab7fb42a1e14f8f37f49732e23d4b7d4f07cd0bc828649a12748e8d70f53683580bca87290992a349730370bbed6ed743e705759734872c54ff03c1a97037a7b9ee3c8c42d12c3ebe0c1bf3b42854d04a9177d1a24000bd388fa289fd77d5":20:0 RSASSA-PSS Signature RSA-2048, SHA-224, Salt Length 15 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pkcs1_rsassa_pss_sign:2048:"e28da1aa250390bc8fd27d6f601830febbdd5a309bcd5d1d3cebda111110851563d1fb4d141e8129bf25721aa144b104b7c5adbb8540f02a7402788ae72c93c9f59d6d1bcf1541c3354b5cd3dcb91e35ed100d78857cf2ab6ed04b2dc1cc81fa1307bb18c635fdacfb7f656d0b4743d9f487048a8aaf5d5ec6fd09a01b28d4b1":"dea1faf22b760cbfa9ba11a486edd9b9faee04f22f15abfff5b2c079a2c932cfa641660da16213adfbbb568ecbaac18511031f428cd3ae4e0bf01928a1db6360511c26501c7bda7bf4fc4cc792d79efb86ec15ba2fc82aa41bce08e0807859a41b57e9e3f15804c81bf8ed017dea62e53489f955949651ddcb1da5297465ac9f":"c5062b58d8539c765e1e5dbaf14cf75dd56c2e13105fecfd1a930bbb5948ff328f126abe779359ca59bca752c308d281573bc6178b6c0fef7dc445e4f826430437b9f9d790581de5749c2cb9cb26d42b2fee15b6b26f09c99670336423b86bc5bec71113157be2d944d7ff3eebffb28413143ea36755db0ae62ff5b724eecb3d316b6bac67e89cacd8171937e2ab19bd353a89acea8c36f81c89a620d5fd2effea896601c7f9daca7f033f635a3a943331d1b1b4f5288790b53af352f1121ca1bef205f40dc012c412b40bdd27585b946466d75f7ee0a7f9d549b4bece6f43ac3ee65fe7fd37123359d9f1a850ad450aaf5c94eb11dea3fc0fc6e9856b1805ef":"86c94f":MBEDTLS_MD_SHA224:MBEDTLS_MD_SHA224:"37ddd9901478ae5c16878702cea4a19e786d35582de44ae65a16cd5370fbe3ffdd9e7ee83c7d2f27c8333bbe1754f090059939b1ee3d71e020a675528f48fdb2cbc72c65305b65125c796162e7b07e044ed15af52f52a1febcf4237e6aa42a69e99f0a9159daf924bba12176a57ef4013a5cc0ab5aec83471648005d67d7122e":"463729b3eaf43502d9cff129925681":"7e628bcbe6ff83a937b8961197d8bdbb322818aa8bdf30cdfb67ca6bf025ef6f09a99dba4c3ee2807d0b7c77776cfeff33b68d7e3fa859c4688626b2441897d26e5d6b559dd72a596e7dad7def9278419db375f7c67cee0740394502212ebdd4a6c8d3af6ee2fd696d8523de6908492b7cbf2254f15a348956c19840dc15a3d732ef862b62ede022290de3af11ca5e79a3392fff06f75aca8c88a2de1858b35a216d8f73fd70e9d67958ed39a6f8976fb94ec6e61f238a52f9d42241e8354f89e3ece94d6fa5bfbba1eeb70e1698bff31a685fbe799fb44efe21338ed6eea2129155aabc0943bc9f69a8e58897db6a8abcc2879d5d0c5d3e6dc5eb48cf16dac8":15:0 RSASSA-PSS Signature RSA-2048, SHA-384, Salt Length 25 diff --git a/tests/suites/test_suite_pkcs5.data b/tests/suites/test_suite_pkcs5.data index 0b94699321..65043a45ee 100644 --- a/tests/suites/test_suite_pkcs5.data +++ b/tests/suites/test_suite_pkcs5.data @@ -19,23 +19,23 @@ depends_on:MBEDTLS_SHA1_C pbkdf2_hmac:MBEDTLS_MD_SHA1:"7061737300776f7264":"7361006c74":4096:16:"56fa6aa75548099dcc37d7f03425e0c3" PBKDF2 Python hashlib Test Vector #1 (SHA224) -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":1:20:"3c198cbdb9464b7857966bd05b7bc92bc1cc4e6e" PBKDF2 Python hashlib Test Vector #2 (SHA224) -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":2:20:"93200ffa96c5776d38fa10abdf8f5bfc0054b971" PBKDF2 Python hashlib Test Vector #3 (SHA224) -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f7264":"73616c74":4096:20:"218c453bf90635bd0a21a75d172703ff6108ef60" PBKDF2 Python hashlib Test Vector #5 (SHA224) -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pbkdf2_hmac:MBEDTLS_MD_SHA224:"70617373776f726450415353574f524470617373776f7264":"73616c7453414c5473616c7453414c5473616c7453414c5473616c7453414c5473616c74":4096:25:"056c4ba438ded91fc14e0594e6f52b87e1f3690c0dc0fbc057" PBKDF2 Python hashlib Test Vector #6 (SHA224) -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C pbkdf2_hmac:MBEDTLS_MD_SHA224:"7061737300776f7264":"7361006c74":4096:16:"9b4011b641f40a2a500a31d4a392d15c" PBKDF2 RFC 7914 Sec 11 Test Vector #1 (SHA256) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 43e4c53e4c..19b4db41ff 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -21,7 +21,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":0 RSA PKCS1 Verify v1.5 CAVS #4 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"867ac26e11a13b7ac34a42a1e177648692861226effb55bb597fbde10f299bf7fffd6fc8ddb2a46a73b97b67387a461b23e1d65dc119366286979add615b926b9272832fc0c058b946fc752dcffceca12233f4c63f7897cbaa08aa7e07cf02b5e7e3e5ece252bf2fe61d163bce84c0e0368454a98e9fdebf6edbd70b290d549b":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"3bb7b1c5f3391de4549e2e96fd33afa4d647dd90e321d9d576f3808e32213e948b697ef4fd2dd12923de6ec3ffd625078a57f86af38dc07052bb50547c616ed51fa1352b3ab66788408168d21263ef2d3388d567d2ce8cf674f45491ab2b0319d47be1266bda39e343b2a38ea2d6aaaee6c4465aee1d7bb33e93a1c40a8e3ae4":0 RSA PKCS1 Verify v1.5 CAVS #5 @@ -50,7 +50,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #11 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_MBEDTLS_SHA224_CSHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462":0 RSA PKCS1 Verify v1.5 CAVS #12 @@ -70,7 +70,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"224ecd3b630581da948216366c741015a9723c5ea43de67e28454d0a846f54a6df167a25cc500cf21f729aaefed6a71a3bdba438e12e20ad0c48396afe38568b70a3187f26098d6ac649a7c7ea68ed52748e7125225102216236a28f67753b077cfd8d9198b86b0b331027cb59b24b85fd92896e8f2ff5a1d11872c2e6af6ae2":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"1f7938b20a9cd8bb8ca26bad9e79ea92373174203f3ab212a06de34a9a3e14e102d19a8878c28a2fc8083a97c06b19c1ae62678289d5d071a904aed1d364655d9e2d16480a6fd18f4c8edf204844a34d573b1b988b82d495caefd9298c1635083e196a11f4a7df6a7e3cc4db7b9642e7682d22ec7038c3bad791e1365fe8836976092460e6df749dc032baf1e026684f55936beb9369845c53c3d217941c1f8d8f54a32333a4c049c3f2d527125778032f5d390040d1d4cce83dc353ce250152":0 RSA PKCS1 Verify v1.5 CAVS #16 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"6ecc722d233dad1aca45e6bc3e1a0b99fb1f89c0ec63bc657e6aaacbf931f267106cff42b712819f341b1ede798964a0b1a5032c198b391111e88d0d7303c02e23fa0137e74e604579a285b2dbc0a23aebdda65c371eb403125bd366e822e72dceffe0d55dfa3155c16283020dc9abb0d150da1aef251484aa49e49e00974dac":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"3":"339dce3a1937669d9fb14c4f652378861fd5adc4da88eaf833b16020b55a24ddc83b7ae3395a9a49b426bb9a4170cb765b02652faa9594b457aeefdae4f802e93d8e65c687ddc723701465a5ef19249ed5d2617b5121c58557b34eb99a663bbcf4453a6e1db5d88723de449fcf58ca8ef514daf08cfdc71be155bb3d0724df0c0a6fd5aa7737433cc376640b9b8b4c7ddd09776bae0245729cddb56e36f28edad6aecaed0821ec8d843a96348e722bf0a84cf060a793a2179f054138f907d0c3":0 RSA PKCS1 Verify v1.5 CAVS #17 @@ -94,11 +94,11 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"ac58fd024208d7f045d81a56cd55aad40ab86b0d216ab55136c7027aca23ea13480a52c0dacce0d98139b25965aa4ff76a41dd92037195d24bc0750d52cb3467b48b7b3e71d852c5f82bd9ee85a8388ead5cd8bc38c3d4792e8daa9734a137d31963e245ad3217fad235f7dfd5584de0fe91c4526568588e08b60bdf1badd99f":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"a142b0d9456f8f4772675265a08613a66c416bd1ae712975c69d9ca5fb8c1be9c24359a04fd15460bf6136a8a11f13e3ce2de2171524f10cb715f0d71e3db15281ab99eadbe86cf8c5c518162c638ef27a4f7bfb4a1a3873f3c384a5b1c3b4966c837b9d8d192ac34e03943b7ae191355aa1ff3b9cd041bb2668f1f81cf0d015b3d3608cd9ac79398212c0f132f1bd45d47768b999fcf3c05fe2069593ceecedc851a7fc465abcfef0fabba9b9460153f6ba8723a5c6e766c83a446aef3ee327":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #22 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"027f767928a5821e2723d6f36c43e6b498b6f0b381852571794a096bd49f1c36a4d7bacec7ec402c24b970163169173bb930ec7fdc39bc9457dfc4ca051f5f28a64de1bbe007c22e8368ff9b117dbda17efd2fb73434bbbf5a4158df56813b8c904bb2e779de504dcd974a291568210d6f85810291606a1c0cd88d51ceadf98a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"0676e64daaa18f4af46e9dfbe234db389b8a527b0fe1db97eb7f404e3155226cba70d318800f83160fa1aa19916e5c09f079331079f18cb8ab1a4b884cb28501824974f683ed2b9babae9f8c15bea30802805c6b2152119764811bbf5f3994d2e97fa2fe8c5ab15a23c14d7ae56be00eaa8bc26678481ff5ba59b0acfb0e43341bff9fc638e5625480a73dbc5d8d13bd2b9e64037c6b79df0c60869980c6a22ec46f80fb859cb4ee5d2032ac1fe538cfd85c70a7f33b4af50a93395917c2cfb6":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #23 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"06dcd9d4c056b6a45b9ed2ae5f6c1cfa43aae06fe01ee098264aa7a80e901abbcf9a505e55f9a352ef0c078d48249b8298e57ea21bf0e423c3bf69002acfa541ca05007c704bc79cee7a80e1107c7b28d2b2aa6dd093b28efe9642519952a4a95ee49235f9924a0ac0aee5b2a1bce47459d70cd6e75074614199dca44561407c":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"10001":"5e08f399258e6de075b67a0a6a822ceb21b1eb7a0342eca6a4295739f644547dee3456243cf32bd6ea6f357c88632508457130f3dae04f7806efaed43d1d501e16c961dfbd6c71a42b480e95c7027f8275063d05a9aac3eef0520867b9896ebe8ec358f7d121beb4e61ddfdc3dcd835dfe265f2ba68d300ef566ed1284f9f3d7b1af363ed47bfa2e5f0492925444df7e5fcb1e79e690c746117650b543a5e82c39553552f0f44e617b5cf773c533050f4129e893ac22af69b1eb9afb4b5ba5f5":0 RSA PKCS1 Verify v1.5 CAVS #24 @@ -118,7 +118,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"4871adc05f6b3ecf296680b0dd8d86715b0d5264c064008037dc410512520b5f193c8f4d21eb6c42e10d220c0275c9b3751f03a4096e2f0e3db9df8d52068c06a51589d23ca1361e9fe27691e95663301ec1407fbf73aee99cc92362eaf6994b95038396d815052a0aef6489bbb7bcb0fffdf13f0af9e7d9fd14f6ce00ab98f7":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"180caf03781b391aacebe5b3f5e1d3b01c68a00df4ecfb6c4bf14217aed7cfca0adac099ec1d6e1f0b43b09b86788533fee6691d773807af0df6cc3bbdde3cf34bf5b848fa59c8bc10227cc3eba3452a85e0520fccdb2d8d32dd99672d302756a2d7f7f2693db3a48be17bd34d9d891f4ba44449c5bad1de91b788f524500a7703cccbaa77b9fe8791f5c8aa7b8f055336f28fcfc01733712e33cfb3d33fe71ddb9ced2a31931ec38007f5ad4a0d19acc428124b0e5ee6e0746fb33c1a4d90c8":0 RSA PKCS1 Verify v1.5 CAVS #28 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"3bba64de38438a71b95ab9c94539d5870c1fb08d7a9937600c00e9d063438edc97e625d0cd4b1eb00c31c9d94c7a0fe6d03160d1b6cbec5acdad16ada6ef253fee603df9faca8f98a477cc5456f3dfbf6414dbf19f3832e227ce291780188881e82e96a2e84744f12a34a9808a2daedc6fd00b345c6772bec26a095719451e6a":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1536:16:"a59d9b7269b102b7be684ec5e28db79992e6d3231e77c90b78960c2638b35ef6dbdac1ac59e7249d96d426e7f99397eabc6b8903fe1942da580322b98bafacd81bb911c29666f83886a2a2864f3552044300e60cedd5a8c321c43e280413dc41673c39a11b98a885486f8187a70f270185c4c12bc48a1968305269776c070ef69d4913589a887c4d0f5e7dd58bd806d0d49a14a1762c38665cef4646ff13a0cd29c3a60460703c3d051d5b28c660bffb5f8bd43d495ffa64175f72b8abe5fddd":16:"11":"8c846e75e32ce5f9964bdd8f6dcf1d2996a646b233bcf1bd6394e13e856691b89bedd18290a0f9f7c90dca307271b3108e795340490513b25e6789e93722c65ec064b4c43457295a31d1f07dd605e133fd6eaafc58cda132df2939f5f693e0205af34550afaa137f3e482885e50dfb48333a15c0821e7a19642acdddc6fea3c7487c691246a2b083dac439889d5ae741b7e08c47937530b4b069f1a260cd07fe4a0ddd530ab11534fb805e9b562118ee0e97932966008aadfc83f3b8a10de8ee":0 RSA PKCS1 Verify v1.5 CAVS #29 @@ -205,11 +205,11 @@ depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA256:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"5aee2b9dbc02a6a2d87ff64a64165dc0b9ce70c79bab2d287939e2601c3223e0493988d5468731ae4edc7d5f5d449335c204fdb0e192c1915c9d694d3a61c3be14df79c4b34d6ac73707829024d263c94f9107fa93f3783de3965522336e18d1e01a142b5103451bb97839eaf2f44703a63050a36b78aef4072ea1a8daaaf1a2918fc03ee957a9c09efdc6287bcb4d6aec4723290294b249b3e3dc63157b560ad9c867323a73ebeb360cc9e482111643b0d86c4e33dcf170155590f0eba7d170789e84de336b7fe2f6cf485ddca94607a4ff379fc49d375c730249dd1a210e7dccd763d1c23c7532e769c6aa88e38e8654ff90f7b34df4c07ba90e89099ec1ed":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Sign #3 (SHA224, 2048 bits RSA) -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 RSA PKCS1 Sign #3 Verify -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"9d768b8b31421f9d9ced890aafaf8b3468656419049ed268f6e1992066f45dc3e4cd349e8c5ed5a06e4ef5badaba064ba94907dfedf3d708becaf44ae9b27c3866d329311ba93e8ddc7fc284fba05d1bb84fb1e060a5b76b7fa515cfcd2c8144474623672703cac1e15ff4fdf8ef19d365c51ba86e60f4cbbcd07f956060625751bfbecc47945646459cadaddd900603a8149a93b31a6d432e1da1a67eb765f5b2f0bd1adb9af12d731c7b02931b42dbbfd8c7cecde76b817e96f664147a2c5091c6ce4dc562c5f57159d6f9dc9ba2daa212db56677839621bd4805dde62955fb2d0cc2c448109d10ecc6206ea81f0a02e1646471358f3ec146cd3c75f2d390b":0 RSA PKCS1 Sign #4 (SHA384, 2048 bits RSA) diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index f3477ec78e..a2028fba8d 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -121,7 +121,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SHA224_C */ void sha224( data_t * src_str, data_t * hash ) { unsigned char output[57]; diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data index d9d4bda7e3..9e2ae013a8 100644 --- a/tests/suites/test_suite_x509write.data +++ b/tests/suites/test_suite_x509write.data @@ -3,7 +3,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha1":MBEDTLS_MD_SHA1:0:0:0:0 Certificate Request check Server1 SHA224 -depends_on:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha224":MBEDTLS_MD_SHA224:0:0:0:0 Certificate Request check Server1 SHA256 From b86e588911781d5a4590e63ccdaead7439ec0a16 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 30 Apr 2021 05:14:25 +0100 Subject: [PATCH 023/271] Remove unused MBEDTLS_ERR_SSL_UNKNOWN_CIPHER The SSL error code MBEDTLS_ERR_SSL_UNKNOWN_CIPHER is unused. Remove it for Mbed TLS 3.0 and leave a comment indicating the gap in the error code space it creates. Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 2 +- include/mbedtls/ssl.h | 2 +- library/error.c | 2 -- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 7936f6b786..6b42b22e79 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -107,7 +107,7 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 32 + * SSL 7 31 (Started from 0x7080, gap at 0x7300) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2350910756..aaddd7f466 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -67,7 +67,7 @@ #define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ #define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ #define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ -#define MBEDTLS_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ +/* NOTE: Error space gap */ #define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ diff --git a/library/error.c b/library/error.c index a176deb8c5..48e99249f6 100644 --- a/library/error.c +++ b/library/error.c @@ -374,8 +374,6 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "SSL - An invalid SSL record was received" ); case -(MBEDTLS_ERR_SSL_CONN_EOF): return( "SSL - The connection indicated an EOF" ); - case -(MBEDTLS_ERR_SSL_UNKNOWN_CIPHER): - return( "SSL - An unknown cipher was received" ); case -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN): return( "SSL - The server has no ciphersuites in common with the client" ); case -(MBEDTLS_ERR_SSL_NO_RNG): From eca840f71ddda389e2d46af7a02b29dbd1049d12 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 30 Apr 2021 05:19:55 +0100 Subject: [PATCH 024/271] Remove unused MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED The SSL error code MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED is unused. Remove it for Mbed TLS 3.0. The code being unused comes as a surprise, at is seems to be reasonable to report it to the user upon peer CRT verification failure. However, this study (can potentially re-introduction of the code) can be left for 3.x, while the error code removal can only happen in 3.0. Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 3 ++- include/mbedtls/ssl.h | 2 +- library/error.c | 2 -- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 6b42b22e79..591692761e 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -107,7 +107,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 31 (Started from 0x7080, gap at 0x7300) + * SSL 7 30 (Started from 0x7080, gaps at + * 0x7300, 0x7800) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index aaddd7f466..2dd6cc4551 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -77,7 +77,7 @@ #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ #define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ -#define MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ +/* NOTE: Error space gap */ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ diff --git a/library/error.c b/library/error.c index 48e99249f6..1b050df3de 100644 --- a/library/error.c +++ b/library/error.c @@ -392,8 +392,6 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "SSL - An unexpected message was received from our peer" ); case -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE): return( "SSL - A fatal alert message was received from our peer" ); - case -(MBEDTLS_ERR_SSL_PEER_VERIFY_FAILED): - return( "SSL - Verification of our peer failed" ); case -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY): return( "SSL - The peer notified us that the connection is going to be closed" ); case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO): From 91e1cc3bd7dcfe89dd0c9c2d6ad7041f839c5c31 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 30 Apr 2021 05:28:49 +0100 Subject: [PATCH 025/271] Remove MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE error code This error is used when the output buffer isn't large enough to hold our own certificate. In the interest of cleaning up the error space for 3.0, this commit removes MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE and replaces its single use by MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL. Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/error.c | 2 -- library/ssl_tls.c | 2 +- 4 files changed, 4 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 591692761e..c219d672e9 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -107,8 +107,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 30 (Started from 0x7080, gaps at - * 0x7300, 0x7800) + * SSL 7 29 (Started from 0x7080, gaps at + * 0x7300, 0x7500, 0x7800) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2dd6cc4551..107a40ea88 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -71,7 +71,7 @@ #define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ -#define MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message. */ +/* NOTE: Error space gap */ #define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ #define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ diff --git a/library/error.c b/library/error.c index 1b050df3de..039e7be5b9 100644 --- a/library/error.c +++ b/library/error.c @@ -380,8 +380,6 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "SSL - No RNG was provided to the SSL module" ); case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE): return( "SSL - No client certification received from the client, but required by the authentication mode" ); - case -(MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE): - return( "SSL - Our own certificate(s) is/are too large to send in an SSL message" ); case -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED): return( "SSL - The own certificate is not set, but needed by the server" ); case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED): diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 75faf22adf..422df9944c 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1964,7 +1964,7 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "certificate too large, %" MBEDTLS_PRINTF_SIZET " > %" MBEDTLS_PRINTF_SIZET, i + 3 + n, (size_t) MBEDTLS_SSL_OUT_CONTENT_LEN ) ); - return( MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE ); + return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } ssl->out_msg[i ] = (unsigned char)( n >> 16 ); From 6c780469609da63915ec9930efb2a8ee0985799c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 30 Apr 2021 05:35:50 +0100 Subject: [PATCH 026/271] Remove uses of MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH The error code MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH is only returned from the internal function ``` mbedtls_ssl_set_calc_verify_md() ``` Moreover, at every call-site of this function, it is only checked whether the return value is 0 or not, while the exact return value is irrelevant. The behavior the library is therefore unchanged if we return 1 instead of MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH in `mbedtls_ssl_set_calc_verify_md()`. This commit makes this change. Signed-off-by: Hanno Becker --- library/ssl_tls.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 422df9944c..aceeb45dff 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6998,14 +6998,14 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; + return( 1 ); switch( md ) { #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) #if defined(MBEDTLS_MD5_C) case MBEDTLS_SSL_HASH_MD5: - return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; + return( 1 ); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_SSL_HASH_SHA1: @@ -7024,7 +7024,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) break; #endif default: - return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; + return( 1 ); } return 0; @@ -7032,7 +7032,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) (void) ssl; (void) md; - return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH; + return( 1 ); #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ } From 56ee9e5f141bb5cf3d0468fa09b6de7f5b19daf6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 30 Apr 2021 05:36:02 +0100 Subject: [PATCH 027/271] Remove MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH This commit removes the unused error code ``` MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH ``` from the public API for Mbed TLS 3.0. Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 3 ++- include/mbedtls/ssl.h | 2 +- library/error.c | 2 -- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index c219d672e9..776013ff32 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -106,7 +106,8 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 6 24 (Started from top, plus 0x6000) + * SSL 6 23 (Started from top, plus 0x6000, gaps at + * 0x6600) * SSL 7 29 (Started from 0x7080, gaps at * 0x7300, 0x7500, 0x7800) * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 107a40ea88..691b0ee519 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -111,7 +111,7 @@ #define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */ #define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */ -#define MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH -0x6600 /**< Couldn't set the hash for verifying CertificateVerify */ +/* NOTE: Error space gap */ #define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ #define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ #define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ diff --git a/library/error.c b/library/error.c index 039e7be5b9..14aaf3d092 100644 --- a/library/error.c +++ b/library/error.c @@ -456,8 +456,6 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "SSL - Record header looks valid but is not expected" ); case -(MBEDTLS_ERR_SSL_NON_FATAL): return( "SSL - The alert message received indicates a non-fatal error" ); - case -(MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH): - return( "SSL - Couldn't set the hash for verifying CertificateVerify" ); case -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING): return( "SSL - Internal-only message signaling that further message-processing should be done" ); case -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS): From 9cfe6e977d14bdc56f80e6f06a757ca7ccd42da2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 30 Apr 2021 05:38:24 +0100 Subject: [PATCH 028/271] Assert presence of server certificate in Certificate writer The server-side `Certificate` handshake message writer checks whether a certificate is present, and if not fails with: ``` MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED ``` This should never happen, since the library checks the presence of a suitable certificate before picking a ciphersuite. It is therefore more suitable to convert this check into an assertion, and fail with MBEDTLS_ERR_SSL_INTERNAL_ERROR upon failure. Signed-off-by: Hanno Becker --- library/ssl_tls.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index aceeb45dff..fd77dc3d3a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1936,8 +1936,9 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) { if( mbedtls_ssl_own_cert( ssl ) == NULL ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) ); - return( MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED ); + /* Should never happen because we shouldn't have picked the + * ciphersuite if we don't have a certificate. */ + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } #endif From 3268d84313e16297b4f21ab251d5c5436e72d04c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 30 Apr 2021 05:41:12 +0100 Subject: [PATCH 029/271] Remove unused error code MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED After the previous commit, the code is no longer used and can be removed for Mbed TLS 3.0. Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/error.c | 2 -- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 776013ff32..73d155bb66 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -108,8 +108,8 @@ * CIPHER 6 8 (Started from 0x6080) * SSL 6 23 (Started from top, plus 0x6000, gaps at * 0x6600) - * SSL 7 29 (Started from 0x7080, gaps at - * 0x7300, 0x7500, 0x7800) + * SSL 7 28 (Started from 0x7080, gaps at + * 0x7300, 0x7500, 0x7580, 0x7800) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 691b0ee519..3ad19275ce 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -72,7 +72,7 @@ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ /* NOTE: Error space gap */ -#define MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ +/* NOTE: Error space gap */ #define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ diff --git a/library/error.c b/library/error.c index 14aaf3d092..3a84366327 100644 --- a/library/error.c +++ b/library/error.c @@ -380,8 +380,6 @@ const char * mbedtls_high_level_strerr( int error_code ) return( "SSL - No RNG was provided to the SSL module" ); case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE): return( "SSL - No client certification received from the client, but required by the authentication mode" ); - case -(MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED): - return( "SSL - The own certificate is not set, but needed by the server" ); case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED): return( "SSL - The own private key or pre-shared key is not set, but needed" ); case -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED): From 0ec05ec75b95b14e7575516845b34a0a65c87637 Mon Sep 17 00:00:00 2001 From: Martino Facchin Date: Tue, 4 May 2021 11:47:36 +0200 Subject: [PATCH 030/271] mbed-os: allow storing certificates in filesystem mbed-os doesn't provide "dirent.h"; replace it with "mbed_retarget.h" in case MBEDTLS_FS_IO is defined Part of https://github.com/ARMmbed/mbed-os/pull/13863. Fixes https://github.com/ARMmbed/mbed-os/pull/13863/files#r601617986 Signed-off-by: Martino Facchin --- library/x509_crt.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/x509_crt.c b/library/x509_crt.c index 7aefaa7432..b4fe8863a6 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -74,7 +74,11 @@ #if !defined(_WIN32) || defined(EFIX64) || defined(EFI32) #include #include +#if defined(__MBED__) +#include +#else #include +#endif /* __MBED__ */ #endif /* !_WIN32 || EFIX64 || EFI32 */ #endif From e0de27729e6afc076f5560c7a408af797465c392 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 6 May 2021 11:34:07 +0200 Subject: [PATCH 031/271] Changelog entry for no longer explicitly invoking python2 Signed-off-by: Gilles Peskine --- ChangeLog.d/make-generate-tests-python.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/make-generate-tests-python.txt diff --git a/ChangeLog.d/make-generate-tests-python.txt b/ChangeLog.d/make-generate-tests-python.txt new file mode 100644 index 0000000000..4b9009d6f8 --- /dev/null +++ b/ChangeLog.d/make-generate-tests-python.txt @@ -0,0 +1,3 @@ +Changes + * When building the test suites with GNU make, invoke python3 or python, not + python2, which is no longer supported upstream. From 99cce1dd4fe7b18b8c219a52ba49f51e6e48acb6 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 6 May 2021 11:36:50 +0200 Subject: [PATCH 032/271] Remove copy-pasted definition of PYTHON that wasn't used Signed-off-by: Gilles Peskine --- programs/fuzz/Makefile | 2 -- 1 file changed, 2 deletions(-) diff --git a/programs/fuzz/Makefile b/programs/fuzz/Makefile index fa17918fad..084fc241ec 100644 --- a/programs/fuzz/Makefile +++ b/programs/fuzz/Makefile @@ -20,8 +20,6 @@ endif DLEXT ?= so EXEXT= SHARED_SUFFIX= -# python2 for POSIX since FreeBSD has only python2 as default. -PYTHON ?= python2 # Zlib shared library extensions: ifdef ZLIB From 6326a8dd37990beff4b488aff1ea7f9138edcf91 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 10 May 2021 13:51:53 +0200 Subject: [PATCH 033/271] Fix SHA definitions and their dependencies in library and test suites. Rework SHA224 and SHA283 documentation. Define MBEDTLS_SHAxxx_C options in alphabetic order. Fix SHA224 and SHA384 dependencies in test suites. Signed-off-by: Mateusz Starzyk --- configs/config-ccm-psk-tls1_2.h | 2 +- configs/config-mini-tls1_1.h | 2 +- configs/config-no-entropy.h | 4 +- configs/config-psa-crypto.h | 58 +++++---- configs/config-suite-b.h | 4 +- configs/config-symmetric-only.h | 4 +- configs/config-thread.h | 2 +- include/mbedtls/config.h | 57 +++++---- include/mbedtls/sha512.h | 4 +- include/mbedtls/ssl.h | 2 +- library/oid.c | 8 +- library/sha256.c | 1 - library/ssl_ciphersuites.c | 57 +++------ library/ssl_cookie.c | 2 +- programs/test/query_config.c | 16 ++- tests/suites/test_suite_hmac_drbg.misc.data | 8 +- .../test_suite_hmac_drbg.no_reseed.data | 118 +++++++++--------- tests/suites/test_suite_md.data | 64 +++++----- tests/suites/test_suite_oid.data | 2 +- tests/suites/test_suite_pkparse.data | 72 +++++------ tests/suites/test_suite_rsa.data | 2 +- tests/suites/test_suite_shax.data | 14 +-- tests/suites/test_suite_ssl.data | 2 +- tests/suites/test_suite_x509parse.data | 30 ++--- 24 files changed, 269 insertions(+), 266 deletions(-) diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index db730f2b18..09223b9bdb 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -48,8 +48,8 @@ #define MBEDTLS_ENTROPY_C #define MBEDTLS_MD_C #define MBEDTLS_NET_C -#define MBEDTLS_SHA256_C #define MBEDTLS_SHA224_C +#define MBEDTLS_SHA256_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h index 8e90e88c8c..0d58e49287 100644 --- a/configs/config-mini-tls1_1.h +++ b/configs/config-mini-tls1_1.h @@ -56,8 +56,8 @@ #define MBEDTLS_PK_PARSE_C #define MBEDTLS_RSA_C #define MBEDTLS_SHA1_C -#define MBEDTLS_SHA256_C #define MBEDTLS_SHA224_C +#define MBEDTLS_SHA256_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index 066048e5a4..d4948de991 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -73,10 +73,10 @@ #define MBEDTLS_PK_WRITE_C #define MBEDTLS_PLATFORM_C #define MBEDTLS_RSA_C -#define MBEDTLS_SHA256_C #define MBEDTLS_SHA224_C -#define MBEDTLS_SHA512_C +#define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C +#define MBEDTLS_SHA512_C #define MBEDTLS_VERSION_C #define MBEDTLS_X509_USE_C #define MBEDTLS_X509_CRT_PARSE_C diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 51f4e0580d..2d09c15e27 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -1249,17 +1249,6 @@ */ //#define MBEDTLS_SHA256_SMALLER -/** - * \def MBEDTLS_SHA384_C - * - * Enable the SHA-384 option of the SHA-512 module. - * - * Requires: MBEDTLS_SHA512_C - * - * Comment to disable SHA-384 - */ -#define MBEDTLS_SHA384_C - /** * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES * @@ -2623,10 +2612,30 @@ */ #define MBEDTLS_SHA1_C +/** + * \def MBEDTLS_SHA224_C + * + * Enable the SHA-224 cryptographic hash algorithm. + * + * Requires: MBEDTLS_SHA256_C. Library does not support enabling + * SHA-224 without SHA-256. Future version will have + * this option disabled by default. + * + * Module: library/sha256.c + * Caller: library/md.c + * library/ssl_cookie.c + * + * This module adds support for SHA-224. + */ +#define MBEDTLS_SHA224_C + /** * \def MBEDTLS_SHA256_C * - * Enable the SHA-256 cryptographic hash algorithms. + * Enable the SHA-256 cryptographic hash algorithm. + * + * Requires: MBEDTLS_SHA224_C. Library does not support enabling + * SHA-256 without SHA-224. * * Module: library/sha256.c * Caller: library/entropy.c @@ -2636,28 +2645,25 @@ * library/ssl_tls.c * * This module adds support for SHA-256. - * This module is required for SHA-244. * This module is required for the SSL/TLS 1.2 PRF function. */ #define MBEDTLS_SHA256_C /** - * \def MBEDTLS_SHA224_C + * \def MBEDTLS_SHA384_C * - * Enable the SHA-224 cryptographic hash algorithms. + * Enable the SHA-384 cryptographic hash algorithm. * - * Module: library/sha256.c - * Caller: library/entropy.c - * library/md.c + * Requires: MBEDTLS_SHA512_C + * + * Module: library/sha512.c + * Caller: library/md.c * library/ssl_cli.c * library/ssl_srv.c - * library/ssl_tls.c * - * Requires: MBEDTLS_SHA256_C - * This module adds support for SHA-224. - * This module is required for the SSL/TLS 1.2 PRF function. + * Comment to disable SHA-384 */ -#define MBEDTLS_SHA224_C +#define MBEDTLS_SHA384_C /** * \def MBEDTLS_SHA512_C @@ -2667,14 +2673,14 @@ * Module: library/sha512.c * Caller: library/entropy.c * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c + * library/ssl_tls.c + * library/ssl_cookie.c * * This module adds support for SHA-512. - * This module is required for SHA-384. */ #define MBEDTLS_SHA512_C + /** * \def MBEDTLS_SSL_CACHE_C * diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 5fee1d1726..9466845d67 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -63,10 +63,10 @@ #define MBEDTLS_OID_C #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C -#define MBEDTLS_SHA256_C #define MBEDTLS_SHA224_C -#define MBEDTLS_SHA512_C +#define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C +#define MBEDTLS_SHA512_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C #define MBEDTLS_SSL_TLS_C diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index c883596f4a..9b69dfe0d3 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -84,10 +84,10 @@ #define MBEDTLS_PSA_ITS_FILE_C #define MBEDTLS_RIPEMD160_C #define MBEDTLS_SHA1_C -#define MBEDTLS_SHA256_C #define MBEDTLS_SHA224_C -#define MBEDTLS_SHA512_C +#define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C +#define MBEDTLS_SHA512_C //#define MBEDTLS_THREADING_C #define MBEDTLS_TIMING_C #define MBEDTLS_VERSION_C diff --git a/configs/config-thread.h b/configs/config-thread.h index 1deb8a5687..331403791f 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -67,8 +67,8 @@ #define MBEDTLS_OID_C #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C -#define MBEDTLS_SHA256_C #define MBEDTLS_SHA224_C +#define MBEDTLS_SHA256_C #define MBEDTLS_SSL_COOKIE_C #define MBEDTLS_SSL_CLI_C #define MBEDTLS_SSL_SRV_C diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 0787b5f4b4..ea3e321d14 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1448,17 +1448,6 @@ */ //#define MBEDTLS_SHA512_SMALLER -/** - * \def MBEDTLS_SHA384_C - * - * Enable the SHA-384 option of the SHA-512 module. - * - * Requires: MBEDTLS_SHA512_C - * - * Comment to disable SHA-384 - */ -#define MBEDTLS_SHA384_C - /** * \def MBEDTLS_SSL_ALL_ALERT_MESSAGES * @@ -3104,10 +3093,30 @@ */ #define MBEDTLS_SHA1_C +/** + * \def MBEDTLS_SHA224_C + * + * Enable the SHA-224 cryptographic hash algorithm. + * + * Requires: MBEDTLS_SHA256_C. Library does not support enabling + * SHA-224 without SHA-256. Future version will have + * this option disabled by default. + * + * Module: library/sha256.c + * Caller: library/md.c + * library/ssl_cookie.c + * + * This module adds support for SHA-224. + */ +#define MBEDTLS_SHA224_C + /** * \def MBEDTLS_SHA256_C * - * Enable the SHA-256 cryptographic hash algorithms. + * Enable the SHA-256 cryptographic hash algorithm. + * + * Requires: MBEDTLS_SHA224_C. Library does not support enabling + * SHA-256 without SHA-224. * * Module: library/sha256.c * Caller: library/entropy.c @@ -3117,28 +3126,25 @@ * library/ssl_tls.c * * This module adds support for SHA-256. - * This module is required for SHA-244. * This module is required for the SSL/TLS 1.2 PRF function. */ #define MBEDTLS_SHA256_C /** - * \def MBEDTLS_SHA224_C + * \def MBEDTLS_SHA384_C * - * Enable the SHA-224 cryptographic hash algorithms. + * Enable the SHA-384 cryptographic hash algorithm. * - * Module: library/sha256.c - * Caller: library/entropy.c - * library/md.c + * Requires: MBEDTLS_SHA512_C + * + * Module: library/sha512.c + * Caller: library/md.c * library/ssl_cli.c * library/ssl_srv.c - * library/ssl_tls.c * - * Requires: MBEDTLS_SHA256_C - * This module adds support for SHA-224. - * This module is required for the SSL/TLS 1.2 PRF function. + * Comment to disable SHA-384 */ -#define MBEDTLS_SHA224_C +#define MBEDTLS_SHA384_C /** * \def MBEDTLS_SHA512_C @@ -3148,11 +3154,10 @@ * Module: library/sha512.c * Caller: library/entropy.c * library/md.c - * library/ssl_cli.c - * library/ssl_srv.c + * library/ssl_tls.c + * library/ssl_cookie.c * * This module adds support for SHA-512. - * This module is required for SHA-384. */ #define MBEDTLS_SHA512_C diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 5e6a855c87..a348fc1b53 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -101,8 +101,8 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \param is384 Determines which function to use. This must be * either \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA384_C is not defined, - * \p is384 must be \c 0, or the function will return + * \note When \c MBEDTLS_SHA384_C is defined, + * \p is384 must be \c 1, or the function will return * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2350910756..7ed99e0181 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -827,7 +827,7 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl ); #if defined(MBEDTLS_SHA256_C) #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA256 #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 32 -#elif defined(MBEDTLS_SHA512_C) +#elif defined(MBEDTLS_SHA384_C) #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE MBEDTLS_MD_SHA384 #define MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN 48 #elif defined(MBEDTLS_SHA1_C) diff --git a/library/oid.c b/library/oid.c index fe4636632c..4ad8b29b6a 100644 --- a/library/oid.c +++ b/library/oid.c @@ -357,11 +357,13 @@ static const oid_sig_alg_t oid_sig_alg[] = MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA, }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { { ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" }, MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA, }, +#endif /* MBEDTLS_SHA384_C */ +#if defined(MBEDTLS_SHA512_C) { { ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" }, MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA, @@ -672,11 +674,13 @@ static const oid_md_hmac_t oid_md_hmac[] = MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { { ADD_LEN( MBEDTLS_OID_HMAC_SHA384 ), "hmacSHA384", "HMAC-SHA-384" }, MBEDTLS_MD_SHA384, }, +#endif /* MBEDTLS_SHA384_C */ +#if defined(MBEDTLS_SHA512_C) { { ADD_LEN( MBEDTLS_OID_HMAC_SHA512 ), "hmacSHA512", "HMAC-SHA-512" }, MBEDTLS_MD_SHA512, diff --git a/library/sha256.c b/library/sha256.c index 264d33ae9a..8f18af46fb 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -103,7 +103,6 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst, int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 ) { SHA256_VALIDATE_RET( ctx != NULL ); - SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); #if defined(MBEDTLS_SHA224_C) SHA256_VALIDATE_RET( is224 == 0 || is224 == 1 ); diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 8dcb04fb9a..4343b1186d 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1675,8 +1675,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, @@ -1684,8 +1683,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA, @@ -1714,8 +1712,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1723,8 +1720,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_RSA_PSK, @@ -1753,8 +1749,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384,MBEDTLS_KEY_EXCHANGE_PSK, @@ -1762,8 +1757,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_PSK, @@ -1792,8 +1786,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -1801,8 +1794,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_RSA, @@ -1831,8 +1823,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -1840,8 +1831,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA, @@ -1870,8 +1860,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK, @@ -1892,8 +1881,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -1901,8 +1889,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, @@ -1931,8 +1918,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384, "TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -1940,8 +1926,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384, "TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA, @@ -1970,8 +1955,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384, "TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -1979,8 +1963,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384, "TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_RSA, @@ -2009,8 +1992,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_GCM_C) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384, "TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384", MBEDTLS_CIPHER_ARIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, @@ -2018,8 +2000,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, #endif -#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA512_C) && \ - defined(MBEDTLS_SHA384_C)) +#if (defined(MBEDTLS_CIPHER_MODE_CBC) && defined(MBEDTLS_SHA384_C)) { MBEDTLS_TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384, "TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384", MBEDTLS_CIPHER_ARIA_256_CBC, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DHE_PSK, diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index 22484f7f4d..ee2085d3e7 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -48,7 +48,7 @@ #define COOKIE_MD MBEDTLS_MD_SHA224 #define COOKIE_MD_OUTLEN 32 #define COOKIE_HMAC_LEN 28 -#elif defined(MBEDTLS_SHA512_C) +#elif defined(MBEDTLS_SHA384_C) #define COOKIE_MD MBEDTLS_MD_SHA384 #define COOKIE_MD_OUTLEN 48 #define COOKIE_HMAC_LEN 28 diff --git a/programs/test/query_config.c b/programs/test/query_config.c index f4252372b6..2acb4d60df 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -2067,6 +2067,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA1_C */ +#if defined(MBEDTLS_SHA224_C) + if( strcmp( "MBEDTLS_SHA224_C", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA224_C ); + return( 0 ); + } +#endif /* MBEDTLS_SHA224_C */ + #if defined(MBEDTLS_SHA256_C) if( strcmp( "MBEDTLS_SHA256_C", config ) == 0 ) { @@ -2075,13 +2083,13 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA224_C) - if( strcmp( "MBEDTLS_SHA224_C", config ) == 0 ) +#if defined(MBEDTLS_SHA384_C) + if( strcmp( "MBEDTLS_SHA384_C", config ) == 0 ) { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA224_C ); + MACRO_EXPANSION_TO_STR( MBEDTLS_SHA384_C ); return( 0 ); } -#endif /* MBEDTLS_SHA224_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA512_C) if( strcmp( "MBEDTLS_SHA512_C", config ) == 0 ) diff --git a/tests/suites/test_suite_hmac_drbg.misc.data b/tests/suites/test_suite_hmac_drbg.misc.data index a5a22badc2..c513f3dbf7 100644 --- a/tests/suites/test_suite_hmac_drbg.misc.data +++ b/tests/suites/test_suite_hmac_drbg.misc.data @@ -11,7 +11,7 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_entropy_usage:MBEDTLS_MD_SHA256 HMAC_DRBG entropy usage SHA-384 -depends_on:MBEDTLS_SHA384_C4 +depends_on:MBEDTLS_SHA384_C hmac_drbg_entropy_usage:MBEDTLS_MD_SHA384 HMAC_DRBG entropy usage SHA-512 @@ -43,11 +43,11 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_seed_file:MBEDTLS_MD_SHA256:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-384 [#1] -depends_on:MBEDTLS_SHA384_C4 +depends_on:MBEDTLS_SHA384_C hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"data_files/hmac_drbg_seed":0 HMAC_DRBG write/update seed file SHA-384 [#2] -depends_on:MBEDTLS_SHA384_C4 +depends_on:MBEDTLS_SHA384_C hmac_drbg_seed_file:MBEDTLS_MD_SHA384:"no_such_dir/file":MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR HMAC_DRBG write/update seed file SHA-512 [#1] @@ -71,7 +71,7 @@ depends_on:MBEDTLS_SHA256_C hmac_drbg_buf:MBEDTLS_MD_SHA256 HMAC_DRBG from buffer SHA-384 -depends_on:MBEDTLS_SHA384_C4 +depends_on:MBEDTLS_SHA384_C hmac_drbg_buf:MBEDTLS_MD_SHA384 HMAC_DRBG from buffer SHA-512 diff --git a/tests/suites/test_suite_hmac_drbg.no_reseed.data b/tests/suites/test_suite_hmac_drbg.no_reseed.data index fc084306b7..eb49ee3e47 100644 --- a/tests/suites/test_suite_hmac_drbg.no_reseed.data +++ b/tests/suites/test_suite_hmac_drbg.no_reseed.data @@ -479,239 +479,239 @@ depends_on:MBEDTLS_SHA224_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA224:"56f3f5b08da10ead0c986dd2ae5553e4b2eeeb47ad5d22197b12b89b4a871c51c0d85554":"96c8630a1f4187fb0794601cf51e7e333e71756a0421ff43":"875e5bc9548917a82b6dc95200d92bf4218dba7ab316a5fe":"4d3f5678b00d47bb9d0936486de60407eaf1282fda99f595":"90969961ef9283b9e600aead7985455e692db817165189665f498f219b1e5f277e586b237851305d5205548b565faeb02bb7b5f477c80ba94b0563e24d9309d2957a675848140f5601f698459db5899b20dda68f000ccb18dcd39dfae49955b8478fd50bb59d772045beb338622efa5a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"ca851911349384bffe89de1cbdc46e6831e44d34a4fb935ee285dd14b71a7488659ba96c601dc69fc902940805ec0ca8":"":"":"":"e528e9abf2dece54d47c7e75e5fe302149f817ea9fb4bee6f4199697d04d5b89d54fbb978a15b5c443c9ec21036d2460b6f73ebad0dc2aba6e624abf07745bc107694bb7547bb0995f70de25d6b29e2d3011bb19d27676c07162c8b5ccde0668961df86803482cb37ed6d5c0bb8d50cf1f50d476aa0458bdaba806f48be9dcb8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"79737479ba4e7642a221fcfd1b820b134e9e3540a35bb48ffae29c20f5418ea33593259c092bef4129bc2c6c9e19f343":"":"":"":"cf5ad5984f9e43917aa9087380dac46e410ddc8a7731859c84e9d0f31bd43655b924159413e2293b17610f211e09f770f172b8fb693a35b85d3b9e5e63b1dc252ac0e115002e9bedfb4b5b6fd43f33b8e0eafb2d072e1a6fee1f159df9b51e6c8da737e60d5032dd30544ec51558c6f080bdbdab1de8a939e961e06b5f1aca37" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b340907445b97a8b589264de4a17c0bea11bb53ad72f9f33297f05d2879d898d65cb27735d83c0708f72684ea58f7ee5":"":"":"":"75183aaaf3574bc68003352ad655d0e9ce9dd17552723b47fab0e84ef903694a32987eeddbdc48efd24195dbdac8a46ba2d972f5808f23a869e71343140361f58b243e62722088fe10a98e43372d252b144e00c89c215a76a121734bdc485486f65c0b16b8963524a3a70e6f38f169c12f6cbdd169dd48fe4421a235847a23ff" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8e159f60060a7d6a7e6fe7c9f769c30b98acb1240b25e7ee33f1da834c0858e7c39d35052201bdcce4e127a04f04d644":"":"":"":"62910a77213967ea93d6457e255af51fc79d49629af2fccd81840cdfbb4910991f50a477cbd29edd8a47c4fec9d141f50dfde7c4d8fcab473eff3cc2ee9e7cc90871f180777a97841597b0dd7e779eff9784b9cc33689fd7d48c0dcd341515ac8fecf5c55a6327aea8d58f97220b7462373e84e3b7417a57e80ce946d6120db5" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"74755f196305f7fb6689b2fe6835dc1d81484fc481a6b8087f649a1952f4df6ac36387a544a5f2b78007651a7b74b749":"":"":"":"b2896f3af4375dab67e8062d82c1a005ef4ed119d13a9f18371b1b873774418684805fd659bfd69964f83a5cfe08667ddad672cafd16befffa9faed49865214f703951b443e6dca22edb636f3308380144b9333de4bcb0735710e4d9266786342fc53babe7bdbe3c01a3addb7f23c63ce2834729fabbd419b47beceb4a460236" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"4b222718f56a3260b3c2625a4cf80950b7d6c1250f170bd5c28b118abdf23b2f7aed52d0016fcaef0b6492bc40bbe0e9":"":"":"":"a6da029b3665cd39fd50a54c553f99fed3626f4902ffe322dc51f0670dfe8742ed48415cf04bbad5ed3b23b18b7892d170a7dcf3ef8052d5717cb0c1a8b3010d9a9ea5de70ae5356249c0e098946030c46d9d3d209864539444374d8fbcae068e1d6548fa59e6562e6b2d1acbda8da0318c23752ebc9be0c1c1c5b3cf66dd967" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b512633f27fb182a076917e39888ba3ff35d23c3742eb8f3c635a044163768e0e2c39b84629a3de5c301db5643af1c21":"":"":"":"fb931d0d0194a97b48d5d4c231fdad5c61aedf1c3a55ac24983ecbf38487b1c93396c6b86ff3920cfa8c77e0146de835ea5809676e702dee6a78100da9aa43d8ec0bf5720befa71f82193205ac2ea403e8d7e0e6270b366dc4200be26afd9f63b7e79286a35c688c57cbff55ac747d4c28bb80a2b2097b3b62ea439950d75dff" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"aae3ffc8605a975befefcea0a7a286642bc3b95fb37bd0eb0585a4cabf8b3d1e9504c3c0c4310c1c0746a036c91d9034":"":"":"":"2819bd3b0d216dad59ddd6c354c4518153a2b04374b07c49e64a8e4d055575dfbc9a8fcde68bd257ff1ba5c6000564b46d6dd7ecd9c5d684fd757df62d85211575d3562d7814008ab5c8bc00e7b5a649eae2318665b55d762de36eba00c2906c0e0ec8706edb493e51ca5eb4b9f015dc932f262f52a86b11c41e9a6d5b3bd431" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"b9475210b79b87180e746df704b3cbc7bf8424750e416a7fbb5ce3ef25a82cc624baf03599c10df6ef44065d715a93f7":"":"":"":"ae12d784f796183c50db5a1a283aa35ed9a2b685dacea97c596ff8c294906d1b1305ba1f80254eb062b874a8dfffa3378c809ab2869aa51a4e6a489692284a25038908a347342175c38401193b8afc498077e10522bec5c70882b7f760ea5946870bd9fc72961eedbe8bff4fd58c7cc1589bb4f369ed0d3bf26c5bbc62e0b2b2" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"27838eb44ceccb4e36210703ebf38f659bc39dd3277cd76b7a9bcd6bc964b62839cfe0210db2e7b0eb52a387476e7ea1":"":"":"":"e5e72a53605d2aaa67832f97536445ab774dd9bff7f13a0d11fd27bf6593bfb52309f2d4f09d147192199ea584503181de87002f4ee085c7dc18bf32ce5315647a3708e6f404d6588c92b2dda599c131aa350d18c747b33dc8eda15cf40e95263d1231e1b4b68f8d829f86054d49cfdb1b8d96ab0465110569c8583a424a099a" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d7129e4f47008ad60c9b5d081ff4ca8eb821a6e4deb91608bf4e2647835373a5a72882773f78c2fc4878295840a53012":"":"":"":"0cbf48585c5de9183b7ff76557f8fc9ebcfdfde07e588a8641156f61b7952725bbee954f87e9b937513b16bba0f2e523d095114658e00f0f3772175acfcb3240a01de631c19c5a834c94cc58d04a6837f0d2782fa53d2f9f65178ee9c837222494c799e64c60406069bd319549b889fa00a0032dd7ba5b1cc9edbf58de82bfcd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"67fe5e300c513371976c80de4b20d4473889c9f1214bce718bc32d1da3ab7532e256d88497738a33923aa003a8d7845c":"":"":"":"b44660d64ef7bcebc7a1ab71f8407a02285c7592d755ae6766059e894f694373ed9c776c0cfc8594413eefb400ed427e158d687e28da3ecc205e0f7370fb089676bbb0fa591ec8d916c3d5f18a3eb4a417120705f3e2198154cd60648dbfcfc901242e15711cacd501b2c2826abe870ba32da785ed6f1fdc68f203d1ab43a64f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"de8142541255c46d66efc6173b0fe3ffaf5936c897a3ce2e9d5835616aafa2cbd01f9002c407127bc3297a561d89b81d":"":"":"":"64d1020929d74716446d8a4e17205d0756b5264867811aa24d0d0da8644db25d5cde474143c57d12482f6bf0f31d10af9d1da4eb6d701bdd605a8db74fb4e77f79aaa9e450afda50b18d19fae68f03db1d7b5f1738d2fdce9ad3ee9461b58ee242daf7a1d72c45c9213eca34e14810a9fca5208d5c56d8066bab1586f1513de7" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"4a8e0bd90bdb12f7748ad5f147b115d7385bb1b06aee7d8b76136a25d779bcb77f3cce4af8c8ce3c45bdf23c6b181a00":"":"":"":"320c7ca4bbeb7af977bc054f604b5086a3f237aa5501658112f3e7a33d2231f5536d2c85c1dad9d9b0bf7f619c81be4854661626839c8c10ae7fdc0c0b571be34b58d66da553676167b00e7d8e49f416aacb2926c6eb2c66ec98bffae20864cf92496db15e3b09e530b7b9648be8d3916b3c20a3a779bec7d66da63396849aaf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,0) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"451ed024bc4b95f1025b14ec3616f5e42e80824541dc795a2f07500f92adc6652f28e6ee8de5879db1eccd58c994e5f0":"":"":"":"3fb637085ab75f4e95655faae95885166a5fbb423bb03dbf0543be063bcd48799c4f05d4e522634d9275fe02e1edd920e26d9accd43709cb0d8f6e50aa54a5f3bdd618be23cf73ef736ed0ef7524b0d14d5bef8c8aec1cf1ed3e1c38a808b35e61a44078127c7cb3a8fd7addfa50fcf3ff3bc6d6bc355d5436fe9b71eb44f7fd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d3cc4d1acf3dde0c4bd2290d262337042dc632948223d3a2eaab87da44295fbd0109b0e729f457328aa18569a9224921":"":"3c311848183c9a212a26f27f8c6647e40375e466a0857cc39c4e47575d53f1f6":"fcb9abd19ccfbccef88c9c39bfb3dd7b1c12266c9808992e305bc3cff566e4e4":"9c7b758b212cd0fcecd5daa489821712e3cdea4467b560ef5ddc24ab47749a1f1ffdbbb118f4e62fcfca3371b8fbfc5b0646b83e06bfbbab5fac30ea09ea2bc76f1ea568c9be0444b2cc90517b20ca825f2d0eccd88e7175538b85d90ab390183ca6395535d34473af6b5a5b88f5a59ee7561573337ea819da0dcc3573a22974" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"f97a3cfd91faa046b9e61b9493d436c4931f604b22f1081521b3419151e8ff0611f3a7d43595357d58120bd1e2dd8aed":"":"517289afe444a0fe5ed1a41dbbb5eb17150079bdd31e29cf2ff30034d8268e3b":"88028d29ef80b4e6f0fe12f91d7449fe75062682e89c571440c0c9b52c42a6e0":"c6871cff0824fe55ea7689a52229886730450e5d362da5bf590dcf9acd67fed4cb32107df5d03969a66b1f6494fdf5d63d5b4d0d34ea7399a07d0116126d0d518c7c55ba46e12f62efc8fe28a51c9d428e6d371d7397ab319fc73ded4722e5b4f30004032a6128df5e7497ecf82ca7b0a50e867ef6728a4f509a8c859087039c" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"0f2f23d64f481cabec7abb01db3aabf125c3173a044b9bf26844300b69dcac8b9a5ae13232b43aa19cfe8d7958b4b590":"":"ec4c7a62acab73385f567da10e892ff395a0929f959231a5628188ce0c26e818":"6b97b8c6b6bb8935e676c410c17caa8042aa3145f856d0a32b641e4ae5298648":"7480a361058bd9afa3db82c9d7586e42269102013f6ec5c269b6d05f17987847748684766b44918fd4b65e1648622fc0e0954178b0279dfc9fa99b66c6f53e51c4860131e9e0644287a4afe4ca8e480417e070db68008a97c3397e4b320b5d1a1d7e1d18a95cfedd7d1e74997052bf649d132deb9ec53aae7dafdab55e6dae93" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"53c56660c78481be9c63284e005fcc14fbc7fb27732c9bf1366d01a426765a31dc7a14d0eb5b0b3534e717a0b3c64614":"":"3aa848706ecb877f5bedf4ffc332d57c22e08747a47e75cff6f0fd1316861c95":"9a401afa739b8f752fddacd291e0b854f5eff4a55b515e20cb319852189d3722":"5c0eb420e0bf41ce9323e815310e4e8303cd677a8a8b023f31f0d79f0ca15aeb636099a369fd074d69889865eac1b72ab3cbfebdb8cf460b00072802e2ec648b1349a5303be4ccaadd729f1a9ea17482fd026aaeb93f1602bc1404b9853adde40d6c34b844cf148bc088941ecfc1642c8c0b9778e45f3b07e06e21ee2c9e0300" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"f63c804404902db334c54bb298fc271a21d7acd9f770278e089775710bf4fdd73e45009ea9cb2a36ba1aa4bf39178200":"":"d165a13dc8cc43f3f0952c3f5d3de4136954d983683d4a3e6d2dc4c89bf23423":"75106bc86d0336df85097f6af8e80e2da59046a03fa65b06706b8bbc7ffc6785":"6363139bba32c22a0f5cd23ca6d437b5669b7d432f786b8af445471bee0b2d24c9d5f2f93717cbe00d1f010cc3b9c515fc9f7336d53d4d26ba5c0d76a90186663c8582eb739c7b6578a3328bf68dc2cec2cd89b3a90201f6993adcc854df0f5c6974d0f5570765a15fe03dbce28942dd2fd16ba2027e68abac83926969349af8" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"2aaca9147da66c176615726b69e3e851cc3537f5f279fe7344233d8e44cfc99d4e171f080af9a6081bee9f183ac9e340":"":"d75a2a6eb66c3833e50f5ec3d2e434cf791448d618026d0c360806d120ded669":"b643b74c15b37612e6577ed7ca2a4c67a78d560af9eb50a4108fca742e87b8d6":"501dcdc977f4ba856f24eaa4968b374bebb3166b280334cb510232c31ebffde10fa47b7840ef3fe3b77725c2272d3a1d4219baf23e0290c622271edcced58838cf428f0517425d2e19e0d8c89377eecfc378245f283236fafa466c914b99672ceafab369e8889a0c866d8bd639db9fb797254262c6fd44cfa9045ad6340a60ef" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a2e4cd48a5cf918d6f55942d95fcb4e8465cdc4f77b7c52b6fae5b16a25ca306bef036716440db6e6d333d9d760b7ca8":"":"bfa591c7287f3f931168f95e38869441d1f9a11035ad8ea625bb61b9ea17591c":"c00c735463bca215adc372cb892b05e939bf669583341c06d4e31d0e5b363a37":"e7d136af69926a5421d4266ee0420fd729f2a4f7c295d3c966bdfa05268180b508b8a2852d1b3a06fd2ab3e13c54005123ef319f42d0c6d3a575e6e7e1496cb28aacadbcf83740fba8f35fcee04bb2ed8a51db3d3362b01094a62fb57e33c99a432f29fce6676cffbbcc05107e794e75e44a02d5e6d9d748c5fbff00a0178d65" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"95a67771cba69011a79776e713145d309edae56fad5fd6d41d83eaff89df6e5ebe5b5164e31ecc51ba6f7c3c5199eb33":"":"065f693b229a7c4fd373cd15b3807552dd9bf98c5485cef361949d4e7d774b53":"9afb62406f0e812c4f156d58b19a656c904813c1b4a45a0029ae7f50731f8014":"f61b61a6e79a41183e8ed6647899d2dc85cdaf5c3abf5c7f3bf37685946dc28f4923dc842f2d4326bd6ce0d50a84cb3ba869d72a36e246910eba6512ba36cd7ed3a5437c9245b00a344308c792b668b458d3c3e16dee2fbec41867da31084d46d8ec168de2148ef64fc5b72069abf5a6ada1ead2b7146bb793ff1c9c3690fa56" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a459e1815cbca4514ec8094d5ab2414a557ba6fe10e613c345338d0521e4bf9062221392e2552e76cd0d36df6e6068eb":"":"0a3642b02b23b3ef62c701a63401124022f5b896de86dab6e6c7451497aa1dcc":"c80514865901371c45ba92d9f95d50bb7c9dd1768cb3dfbc45b968da94965c6e":"464e6977b8adaef307c9623e41c357013249c9ffd77f405f3925cebb69f151ce8fbb6a277164002aee7858fc224f6499042aa1e6322deee9a5d133c31d640e12a7487c731ba03ad866a24675badb1d79220c40be689f79c2a0be93cb4dada3e0eac4ab140cb91998b6f11953e68f2319b050c40f71c34de9905ae41b2de1c2f6" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"252c2cad613e002478162861880979ee4e323025eebb6fb2e0aa9f200e28e0a1d001bc9a8f2c8c242e4369df0c191989":"":"9bcfc61cb2bc000034bb3db980eb47c76fb5ecdd40553eff113368d639b947fd":"8b0565c767c2610ee0014582e9fbecb96e173005b60e9581503a6dca5637a26e":"e96c15fe8a60692b0a7d67171e0195ff6e1c87aab844221e71700d1bbee75feea695f6a740c9760bbe0e812ecf4061d8f0955bc0195e18c4fd1516ebca50ba6a6db86881737dbab8321707675479b87611db6af2c97ea361a5484555ead454defb1a64335de964fc803d40f3a6f057893d2afc25725754f4f00abc51920743dc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8be0ca6adc8b3870c9d69d6021bc1f1d8eb9e649073d35ee6c5aa0b7e56ad8a59d1265f7d51fdb65377f1e6edd6ae0e4":"":"da86167ac997c406bb7979f423986a84ec6614d6caa7afc10aff0699a9b2cf7f":"e4baa3c555950b53e2bfdba480cb4c94b59381bac1e33947e0c22e838a9534cf":"64384ecc4ea6b458efc227ca697eac5510092265520c0a0d8a0ccf9ed3ca9d58074671188c6a7ad16d0b050cdc072c125d7298d3a31d9f044a9ee40da0089a84fea28cc7f05f1716db952fad29a0e779635cb7a912a959be67be2f0a4170aace2981802e2ff6467e5b46f0ffbff3b42ba5935fd553c82482ac266acf1cd247d7" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d43a75b6adf26d60322284cb12ac38327792442aa8f040f60a2f331b33ac4a8f0682f8b091f811afacaacaec9b04d279":"":"7fd3b8f512940da7de5d80199d9a7b42670c04a945775a3dba869546cbb9bc65":"2575db20bc7aafc2a90a5dabab760db851d754777bc9f05616af1858b24ff3da":"0da7a8dc73c163014bf0841913d3067806456bbca6d5de92b85534c6545467313648d71ef17c923d090dc92cff8d4d1a9a2bb63e001dc2e8ab1a597999be3d6cf70ff63fee9985801395fbd4f4990430c4259fcae4fa1fcd73dc3187ccc102d04af7c07532885e5a226fc42809c48f22eecf4f6ab996ae4fcb144786957d9f41" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"64352f236af5d32067a529a8fd05ba00a338c9de306371a0b00c36e610a48d18df99ed2c7608c870624b962a5dc68acd":"":"da416335e7aaf60cf3d06fb438735ce796aad09034f8969c8f8c3f81e32fef24":"a28c07c21a2297311adf172c19e83ca0a87731bdffb80548978d2d1cd82cf8a3":"132b9f25868729e3853d3c51f99a3b5fae6d4204bea70890daf62e042b776a526c8fb831b80a6d5d3f153237df1fd39b6fd9137963f5516d9cdd4e3f9195c46e9972c15d3edc6606e3368bde1594977fb88d0ca6e6f5f3d057ccadc7d7dab77dfc42658a1e972aa446b20d418286386a52dfc1c714d2ac548713268b0b709729" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"282f4d2e05a2cd30e9087f5633089389449f04bac11df718c90bb351cd3653a590a7daf3c0de9ea286081efc4a684dfb":"":"2630b4ccc7271cc379cb580b0aaede3d3aa8c1c7ba002cf791f0752c3d739007":"c31d69de499f1017be44e3d4fa77ecebc6a9b9934749fcf136f267b29115d2cc":"c899094520e0197c37b91dd50778e20a5b950decfb308d39f1db709447ae48f6101d9abe63a783fbb830eec1d359a5f61a2013728966d349213ee96382614aa4135058a967627183810c6622a2158cababe3b8ab99169c89e362108bf5955b4ffc47440f87e4bad0d36bc738e737e072e64d8842e7619f1be0af1141f05afe2d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,0,256) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"13c752b9e745ce77bbc7c0dbda982313d3fe66f903e83ebd8dbe4ff0c11380e9f1a533095d6174164bd7c82532464ae7":"":"4f53db89b9ba7fc00767bc751fb8f3c103fe0f76acd6d5c7891ab15b2b7cf67c":"582c2a7d34679088cca6bd28723c99aac07db46c332dc0153d1673256903b446":"6311f4c0c4cd1f86bd48349abb9eb930d4f63df5e5f7217d1d1b91a71d8a6938b0ad2b3e897bd7e3d8703db125fab30e03464fad41e5ddf5bf9aeeb5161b244468cfb26a9d956931a5412c97d64188b0da1bd907819c686f39af82e91cfeef0cbffb5d1e229e383bed26d06412988640706815a6e820796876f416653e464961" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5cacc68165a2e2ee20812f35ec73a79dbf30fd475476ac0c44fc6174cdac2b556f885496c1e63af620becd9e71ecb824":"e72dd8590d4ed5295515c35ed6199e9d211b8f069b3058caa6670b96ef1208d0":"":"":"f1012cf543f94533df27fedfbf58e5b79a3dc517a9c402bdbfc9a0c0f721f9d53faf4aafdc4b8f7a1b580fcaa52338d4bd95f58966a243cdcd3f446ed4bc546d9f607b190dd69954450d16cd0e2d6437067d8b44d19a6af7a7cfa8794e5fbd728e8fb2f2e8db5dd4ff1aa275f35886098e80ff844886060da8b1e7137846b23b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8df013b4d103523073917ddf6a869793059e9943fc8654549e7ab22f7c29f122da2625af2ddd4abcce3cf4fa4659d84e":"b571e66d7c338bc07b76ad3757bb2f9452bf7e07437ae8581ce7bc7c3ac651a9":"":"":"b91cba4cc84fa25df8610b81b641402768a2097234932e37d590b1154cbd23f97452e310e291c45146147f0da2d81761fe90fba64f94419c0f662b28c1ed94da487bb7e73eec798fbcf981b791d1be4f177a8907aa3c401643a5b62b87b89d66b3a60e40d4a8e4e9d82af6d2700e6f535cdb51f75c321729103741030ccc3a56" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"565b2b77937ba46536b0f693b3d5e4a8a24563f9ef1f676e8b5b2ef17823832f4ef3064ec29f5b7f9686d75a23d170e3":"3b722433226c9dba745087270ab3af2c909425ba6d39f5ce46f07256068319d9":"":"":"d144ee7f8363d128872f82c15663fe658413cd42651098e0a7c51a970de75287ec943f9061e902280a5a9e183a7817a44222d198fbfab184881431b4adf35d3d1019da5a90b3696b2349c8fba15a56d0f9d010a88e3f9eeedb67a69bcaa71281b41afa11af576b765e66858f0eb2e4ec4081609ec81da81df0a0eb06787340ea" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"fc3832a91b1dcdcaa944f2d93cbceb85c267c491b7b59d017cde4add79a836b6d5e76ce9eabafed06e33a913e395c5e0":"ffc5f6eefd51da64a0f67b5f0cf60d7ab43fc7836bca650022a0cee57a43c148":"":"":"0e713c6cc9a4dbd4249201d12b7bf5c69c3e18eb504bf3252db2f43675e17d99b6a908400cea304011c2e54166dae1f20260008efe4e06a87e0ce525ca482bca223a902a14adcf2374a739a5dfeaf14cadd72efa4d55d15154c974d9521535bcb70658c5b6c944020afb04a87b223b4b8e5d89821704a9985bb010405ba8f3d4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8009eb2cb49fdf16403bcdfd4a9f952191062acb9cc111eca019f957fb9f4451355598866952394b1eddd85d59f81c9d":"09ff1d4b97d83b223d002e05f754be480d13ba968e5aac306d71cc9fc49cc2dd":"":"":"9550903c2f02cf77c8f9c9a37041d0040ee1e3ef65ba1a1fbbcf44fb7a2172bd6b3aaabe850281c3a1778277bacd09614dfefececac64338ae24a1bf150cbf9d9541173a82ecba08aa19b75abb779eb10efa4257d5252e8afcac414bc3bb5d3006b6f36fb9daea4c8c359ef6cdbeff27c1068571dd3c89dc87eda9190086888d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a6e4c9a8bd6da23b9c2b10a7748fd08c4f782fadbac7ea501c17efdc6f6087bdacdc47edf1d3b21d0aec7631abb6d7d5":"c16ee0908a5886dccf332fbc61de9ec7b7972d2c4c83c477409ce8a15c623294":"":"":"a52f93ccb363e2bdf0903622c3caedb7cffd04b726052b8d455744c71b76dee1b71db9880dc3c21850489cb29e412d7d80849cfa9151a151dcbf32a32b4a54cac01d3200200ed66a3a5e5c131a49655ffbf1a8824ff7f265690dffb4054df46a707b9213924c631c5bce379944c856c4f7846e281ac89c64fad3a49909dfb92b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"59d6307460a9bdd392dfc0904973991d585696010a71e52d590a5039b4849fa434a0aafb95917cbf8c38fc5548373c05":"0407b7c57bc11361747c3d67526c36e228028a5d0b145d66ab9a2fe4b07507a0":"":"":"299aba0661315211b09d2861855d0b4b125ab24649461341af6abd903ed6f025223b3299f2126fcad44c675166d800619cf49540946b12138989417904324b0ddad121327211a297f11259c9c34ce4c70c322a653675f78d385e4e2443f8058d141195e17e0bd1b9d44bf3e48c376e6eb44ef020b11cf03eb141c46ecb43cf3d" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"9ae3506aadbc8358696ba1ba17e876e1157b7048235921503d36d9211b4303429abf7d66afee5d2b811cba358bbc527d":"0d645f6238e9ceb038e4af9772426ca110c5be052f8673b8b5a65c4e53d2f519":"":"":"5f032c7fec6320fe423b6f38085cbad59d826085afe915247b3d546c4c6b174554dd4877c0d671de9554b505393a44e71f209b70f991ac8aa6e08f983fff2a4c817b0cd26c12b2c929378506489a75b2025b358cb5d0400821e7e252ac6376cd94a40c911a7ed8b6087e3de5fa39fa6b314c3ba1c593b864ce4ff281a97c325b" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"96ae3b8775b36da2a29b889ad878941f43c7d51295d47440cd0e3c49991931091fe022a6fc0237b055d4d6a7036b18d5":"1e40e97362d0a823d3964c26b81ab53825c56446c5261689011886f19b08e5c2":"":"":"e707cd14b06ce1e6dbcceaedbf08d88891b03f44ad6a797bd12fdeb557d0151df9346a028dec004844ca46adec3051dafb345895fa9f4604d8a13c8ff66ae093fa63c4d9c0816d55a0066d31e8404c841e87b6b2c7b5ae9d7afb6840c2f7b441bf2d3d8bd3f40349c1c014347c1979213c76103e0bece26ad7720601eff42275" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"33f5120396336e51ee3b0b619b5f873db05ca57cda86aeae2964f51480d149926f1f6e9807ba5393edcf3cb4e4bb6113":"3709605af44d90196867c927512aa8ba31837063337b4879408d91a05c8efa9f":"":"":"8b8291126ded9acef12516025c99ccce225d844308b584b872c903c7bc6467599a1cead003dc4c70f6d519f5b51ce0da57f53da90dbe8f666a1a1dde297727fee2d44cebd1301fc1ca75956a3fcae0d374e0df6009b668fd21638d2b733e6902d22d5bfb4af1b455975e08eef0ebe4dc87705801e7776583c8de11672729f723" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"ad300b799005f290fee7f930eebce158b98fb6cb449987fe433f955456b3530006aa2514e4bd114edf7ac105cfef2772":"87ada711465e4169da2a74c931afb9b5a5b190d07b7af342aa99570401c3ee8a":"":"":"80d7c606ff49415a3a92ba1f2943235c01339c8f9cd0b0511fbfdf3ef23c42ffff008524193faaa4b7f2f2eb0cfa221d9df89bd373fe4e158ec06fad3ecf1eb48b8239b0bb826ee69d773883a3e8edac66254610ff70b6609836860e39ea1f3bfa04596fee1f2baca6cebb244774c6c3eb4af1f02899eba8f4188f91776de16f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"130b044e2c15ab89375e54b72e7baae6d4cad734b013a090f4df057e634f6ff065fd6ac602cd44107d705dbc066e52b6":"f374aba16f34d54aae5e494505b67d3818ef1c08ea24967a76876d4361379aec":"":"":"5d179534fb0dba3526993ed8e27ec9f915183d967336bb24352c67f4ab5d7935d3168e57008da851515efbaecb69904b6d899d3bfa6e9805659aef2942c4903875b8fcbc0d1d24d1c075f0ff667c1fc240d8b410dff582fa71fa30878955ce2ed786ef32ef852706e62439b69921f26e84e0f54f62b938f04905f05fcd7c2204" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"716430e999964b35459c17921fe5f60e09bd9ab234cb8f4ba4932bec4a60a1d59533b711e061b07d505da707cafbca03":"372ae616d1a1fc45c5aecad0939c49b9e01c93bfb40c835eebd837af747f079d":"":"":"a80d6a1b2d0ce01fe0d26e70fb73da20d45841cf01bfbd50b90d2751a46114c0e758cb787d281a0a9cf62f5c8ce2ee7ca74fefff330efe74926acca6d6f0646e4e3c1a1e52fce1d57b88beda4a5815896f25f38a652cc240deb582921c8b1d03a1da966dd04c2e7eee274df2cd1837096b9f7a0d89a82434076bc30173229a60" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"7679f154296e6d580854826539003a82d1c54e2e062c619d00da6c6ac820789b55d12941b0896462e7d888e5322a99a3":"ba4d1ed696f58ef64596c76cee87cc1ca83069a79e7982b9a06f9d62f4209faf":"":"":"10dc7cd2bb68c2c28f76d1b04ae2aa287071e04c3b688e1986b05cc1209f691daa55868ebb05b633c75a40a32b49663185fe5bb8f906008347ef51590530948b87613920014802e5864e0758f012e1eae31f0c4c031ef823aecfb2f8a73aaa946fc507037f9050b277bdeaa023123f9d22da1606e82cb7e56de34bf009eccb46" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,0) #14 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"8ca4a964e1ff68753db86753d09222e09b888b500be46f2a3830afa9172a1d6da59394e0af764e2f21cf751f623ffa6c":"eb8164b3bf6c1750a8de8528af16cffdf400856d82260acd5958894a98afeed5":"":"":"fc5701b508f0264f4fdb88414768e1afb0a5b445400dcfdeddd0eba67b4fea8c056d79a69fd050759fb3d626b29adb8438326fd583f1ba0475ce7707bd294ab01743d077605866425b1cbd0f6c7bba972b30fbe9fce0a719b044fcc1394354895a9f8304a2b5101909808ddfdf66df6237142b6566588e4e1e8949b90c27fc1f" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #0 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5d3286bc53a258a53ba781e2c4dcd79a790e43bbe0e89fb3eed39086be34174bc5422294b7318952ace7055ab7570abf":"2dba094d008e150d51c4135bb2f03dcde9cbf3468a12908a1b025c120c985b9d":"793a7ef8f6f0482beac542bb785c10f8b7b406a4de92667ab168ecc2cf7573c6":"2238cdb4e23d629fe0c2a83dd8d5144ce1a6229ef41dabe2a99ff722e510b530":"d04678198ae7e1aeb435b45291458ffde0891560748b43330eaf866b5a6385e74c6fa5a5a44bdb284d436e98d244018d6acedcdfa2e9f499d8089e4db86ae89a6ab2d19cb705e2f048f97fb597f04106a1fa6a1416ad3d859118e079a0c319eb95686f4cbcce3b5101c7a0b010ef029c4ef6d06cdfac97efb9773891688c37cf" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #1 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"c2a566a9a1817b15c5c3b778177ac87c24e797be0a845f11c2fe399dd37732f2cb1894eb2b97b3c56e628329516f86ec":"13ce4d8dd2db9796f94156c8e8f0769b0aa1c82c1323b61536603bca37c9ee29":"413dd83fe56835abd478cb9693d67635901c40239a266462d3133b83e49c820b":"d5c4a71f9d6d95a1bedf0bd2247c277d1f84a4e57a4a8825b82a2d097de63ef1":"b3a3698d777699a0dd9fa3f0a9fa57832d3cefac5df24437c6d73a0fe41040f1729038aef1e926352ea59de120bfb7b073183a34106efed6278ff8ad844ba0448115dfddf3319a82de6bb11d80bd871a9acd35c73645e1270fb9fe4fa88ec0e465409ea0cba809fe2f45e04943a2e396bbb7dd2f4e0795303524cc9cc5ea54a1" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #2 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a33288a96f41dd54b945e060c8bd0c094f1e28267cc1dcbba52063c1a9d54c4d36918c977e1a7276a2bb475591c367b7":"6aa528c940962638dc2201738850fd1fe6f5d0eb9f687ff1af39d9c7b36830d9":"37ee633a635e43af59abdb1762c7ea45bfe060ec1d9077ecd2a43a658673f3c7":"2eb96f2e28fa9f674bb03ade703b8f791ee5356e2ee85c7ed5bda96325256c61":"db2f91932767eb846961ce5321c7003431870508e8c6f8d432ca1f9cee5cdc1aed6e0f133d317eb6990c4b3b0a360cdfb5b43a6e712bd46bca04c414868fab22c6a49c4b89c812697c3a7fbfc8ddf10c8aa5ebf13a09fd114eb2a02a07f69786f3ce7fd30231f22779bc8db103b13fa546dbc45a89a86275281172761683d384" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #3 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"5f37b6e47e1776e735adc03d4b999879477ff4a206231924033d94c0114f911b7d12d62c79c9f6234ae0314156947459":"92d4d9fab5f8bf5119f2663a9df7334f50dcde74fb9d7732f7eba56501e60d54":"c9aef0d7a9ba7345d08b6d5b5ce5645c7495b8685e6b93846ffcf470f5abd40d":"50d9d1f5074f7d9f1a24a9c63aa47b94da5ba78db1b0f18e4d4fe45c6875813c":"20d942bbd7d98700faa37e94d53bf74f2d6bd1d8c95c0b88d842c4857797d59e7c8788aeeac29740122f208f703bf35dc32b0035db0648384feb6aa17a3274bc09b2d2b746c5a06fd82f4469fb86131a49482cb7be7d9b4b95042394cfb18b13f333ec0fe5c227bf1d8f33ecb2e42e358b6c3e034cb585331bd1d27f638029b9" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #4 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"2311c5afd64c584484b2729e84db80c0b4063fe9ca7edc83350488d7e67264a06a6dfd975a0dc7b72df1f107c4b3b3a6":"2abd870ec5fe26ed14dfa57a3309f920131b70580c3639af2645cd1af93db1b1":"c6e532a3b25653b6002aed5269cc2118749306e736bde039d4d569d4f967773f":"5e7d26c4da769c373092b2b4f72b109fe34bdb7d169ea38f78ebae5df4a15759":"cacaeb1b4ac2305d8714eb50cbe1c67c5a2c0bbc7938fdfdcafef7c85fc40becbf777a4cfb6f14c6eee320943a493d2b0a744a6eb3c256ee9a3763037437df9adce3e2260f0c35e958af0edb5a81debd8bdaf2b8bb2b98b9186e5a222a21609ff58df4cbe1d4898d10d6e7c46f31f5cb1041bfd83a5fb27d5c56c961e91403fc" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #5 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"362ece9d330e1172a8f9e50258476d0c79c3ee50346524ba12d970ee3a6ef8c5cf11bcb4d9d51311ceacfca8705e833f":"abb5a8edde02e526449284ecc31bc713383df3ed085f752e3b6a32f305861eed":"746302ab1f4a86b17546bea762e929360f2e95c7788a63545a264ef997c8c65e":"b907c5b2a8833a48e56e819228ce9a050b41b3309f5ca37bed720311d92b33af":"73c7131a558350590053580873ef956ff952f2aa6ff1bea452e013d1bc2afddea2311756dbe756e63ba6258480c48f3f6c1319b5f572f67ca530af09e39413d1d432bea8f89206619618cb0e7c88e9f2033639d0eb0efc20616b64f940da99b88231984c3fb23f19e890576f555fde394dbd4351f17a7ffd5c369379001bda03" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #6 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"cf614bc29946bc0095f415e8bdeda10aab05392f9cc9187a86ea6ec95ee422e177fb5ec22dc0432cc13f4693e2e3bd9a":"e4ce77914ffbc5fddf1fb51edfafdc196109139b84c741354135ec8d314c7c43":"e1e83ee1205acaf6164dc287aec08e5b32789e5be818078db39e53cad589db51":"4e20c0226d5e1e7e805679f03f72452b5bea2d0ba41e0c12329bf60eb3016dd1":"838fdf1418a746aa52ae4005d90c3fd301f648c5770ffef2a9f3912e37a93850cc4b8bfcce910aead0cb75958823b1a62e283901c5e4a3980e4ea36257458e2e4953555819b8852a26489b1d74821f80c9908469b43f124ff7ea62497c36159a47353098a1b9ec32e54800d6704371cc37f357ad74aacc203e9b6db97f94d0c4" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #7 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a8da1d3e233f393fd44d204c200202f7d01896e72c5ac652940cfd15b5d4b0bd0a112b4cb0890af0a495e0f49fcf6874":"d2e32799bc822b8d033299bdf63dc35774f7649e935d25be5b10512c430d1bda":"920a82d76fcd2cd106ada64bba232b7b2344f3afe6b1d1d20ee8795144571009":"eeaac5878275372025f8231febed64db6a11273c3c00d625fc80a95f18ad7d3f":"5f6dae489b53d89027b2cc333c700f090152d77b3eaf01d47f56ce6eca9893ef877b4cb560fab0fbdb34e3d1c6cd8480b33c053d2661a10aa531df4961b97d659c7492584236582b3fe701055efa59c328194cd1e07fcffd910d9ee01b7b9e8c8fda7f7ac01a8e203b8b26eb8078a9b9a5021562c44af24089e3ef84c1d5a6bd" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #8 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a77b1ed4ecaa650374e1052c405f1d88881c25c87d13dbe1334d8c1a847fa76b05c143e2f145db216fe7be9ed23635d0":"b5c750968ff09ed251d4a1c05342ac843db5246b19045728a634fa4f6e752e54":"ff5937bcd01a363696bf8e40adc8e4ab3e56dbf7e7d09451c99e538785fe6697":"4acb34eea8266badcf8f6557a0eecf3eb4d7a295c876d6175598cb66a388efb8":"ec13eadfcc84e77d2a2efa1a2cd8b1355587cb27feb3d19d75b37f0446333ddb8236e751c63b7a6e595ec24a25051a696dbe8c062dd8896d1446db228a2f10e8094ee07e7ee648ed6bebb2f5ec5aae24c9c640665c28355cc11c116795ecc070790f7fdfc4398900311b6695d5da0175091ed1828d2731085bfb4a20bd86cce0" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #9 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"491686c781e83eb4e21d9989e8d718100b0d21a2c56295888baef1a65f219651499085296d21065feabf3106101c8d6f":"d208a72f9ae34f0817669fb04f49239dd31700f3dc9a93db8d75fb79f9b686c1":"9ffc61893a293a864008fdd56d3292600d9e2ec8a1ea8f34ac5931e968905a23":"4ff3a397dfdae0912032a302a5e7a07dceca8d9013a21545689319b7c024cd07":"3c258ebf2203fca3b322ad1b016e21c7f5c148425f81e4fb0a0e462dce9dfa569c37a006527768297a5b68461b08912642a341b88c85597e30e7561206886098c4e2d861f11513f0ffdbbc78d3a2dd60c105abbb33c5e05ae27081b690fb8b3610917aa9bf1a4ad74481b5ff8334f14e5ad6a6a1eb2259476078076fb7e3a992" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #10 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"36a5267eeeb5a1a7d46de0f8f9281f73cd9611f01198fdaa78c5315205e5a177b66b5337970df36219321badacc624eb":"c2a7b164949da102bece44a423197682ff97627d1fe9654266b8527f64e5b386":"a977e2d8637b019c74063d163bb25387dc56f4eb40e502cefc5ae6ad26a6abdc":"c5c9819557b1e7d8a86fa8c60be42993edc3ef539c13d9a51fb64b0de06e145e":"b471711a4fc7ab7247e65d2c2fe49a50169187187b7978cd2fdb0f8318be3ec55fc68ed4577ad9b42cbb57100b5d35ac86c244c4c93a5b28c1a11c2dfe905d608ec7804dec5bb15cf8d79695534d5e13a6a7e18a887ec9cf184da0cbbc6267f3a952a769403bafcdbb559401be0d8b3300ea7258b4026fc892175efd55ba1a67" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #11 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"a76b0366df89e4073a6b6b9c04da1d6817ce26f1c4825cad4097bdf4d7b9445e773d3cc3290176773847869be528d1a4":"1bfd3bcfb9287a5ad055d1b2b8615fa81c94ac24bc1c219a0f8de58789e0404a":"edd879fa56f21d93029da875b683ce50f6fdc4c0da41da051d000eed2afefefa":"f528ffd29160039260133ed9654589ce60e39e7f667c34f82cda65ddcf5fff14":"39d1ff8848e74dd2cdc6b818ad69823878062116fdf1679942f892c7e191be1c4b6ea268ecdff001b22af0d510f30c2c25b90fc34927f46e3f45d36b0e1848b3a5d54c36c7c65ee7287d325dfbb51b56a438feb6650ce13df88bf06b87ac4a35d2a199ea888629fb0d83f82f0ea160dc79ed220d8ef195b9e80c542f60c2d320" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #12 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"46571e1df43e5e141235e2a9ec85bb0faf1dc0566031e14d41a2fbd0315653ecb60ef6a3347967519aabeaf748e4e991":"759fd8593e3688b23c4a003b655311770d670789878570eb3b155a8e6c2d8c45":"033128460b449e1accb0e9c54508759ddc2538bc64b51e6277553f0c60a02723":"a5e4a717240bdeac18a0c0e231a11dc04a47d7550f342fa9a7a5ff334eb9327d":"9d222df1d530ea7f8f2297a0c79d637da570b48042ecddded75956bba0f0e70b271ffa3c9a53bada6ee1b8a4203c22bfde82a5e2eb1b150f54c6483458569422c1a34a8997d42cc09750167a78bf52a0bd158397af9f83caabe689185c099bf0a9a4853dd3cf8b8e89efebb6a27dba873e65e9927741b22968f2875789b44e01" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #13 -depends_on:MBEDTLS_SHA224_C +depends_on:MBEDTLS_SHA256_C hmac_drbg_no_reseed:MBEDTLS_MD_SHA256:"d63980e63bbe4ac08d2ac5646bf085b82c75995e3fdfc23bb9cc734cd85ca7d2d33ed1dcae13fb634ba08272d6697590":"acd0da070072a5340c4f5f4395568e1a36374e074196ae87f3692ee40487e1df":"f567677b5e12e26f3544be3da9314c88fc475bf84804a89a51f12b191392c02b":"c01cc7873e93c86e2bfb8fc984cfc2eab5cc58eeef018fedb5cba5aedd386156":"b133446f633bcb40724bbf9fa187c39a44b9c094a0a0d40e98977e5466dc2c9adf62a5f4551eeb6406a14658de8a0ed7487c3bf6277e811101284a941745ce16176acc875f1435e14161772fa84609e8123c53dd03cbb868030835c0d11d8d6aa04a1b6f908248b028997737f54735ec4ed7a81fc868199ffb61a779d9340334" HMAC_DRBG NIST CAVS 14.3 No Reseed (SHA-256,256+128,256,256) #14 diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data index ac14c1dbc9..dbe6aa82bc 100644 --- a/tests/suites/test_suite_md.data +++ b/tests/suites/test_suite_md.data @@ -582,31 +582,31 @@ depends_on:MBEDTLS_SHA1_C mbedtls_md_hmac:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6" generic HMAC-SHA-224 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_hmac:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee" generic HMAC-SHA-224 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_hmac:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53" generic HMAC-SHA-224 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_hmac:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0" generic HMAC-SHA-224 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_hmac:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24" generic HMAC-SHA-224 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_hmac:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab" generic HMAC-SHA-224 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_hmac:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba" generic HMAC-SHA-224 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_hmac:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08" generic HMAC-SHA-256 Test Vector NIST CAVS #1 @@ -726,31 +726,31 @@ depends_on:MBEDTLS_SHA1_C md_hmac_multi:"SHA1":10:"1287e1565a57b547":"390ffdccc6171c11568d85b8f913e019bf4cd982ca9cd21ea730d41bdf3fcc0bc88ff48ba13a8f23deb2d96ec1033e7b2a58ca72b0c1e17bf03330db25d1e360fa6918009c4294bd1215b5ccd159a8f58bc3dc3d490eb7c3b9f887e8c98dbbb274a75373dcb695a59abd0219529d88518a96f92abc0bbcbda985c388f1fbbcc9":"d78ddf08077c7d9e2ba6" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hmac_multi:"SHA224":14:"e055eb756697ee573fd3214811a9f7fa":"3875847012ee42fe54a0027bdf38cca7021b83a2ed0503af69ef6c37c637bc1114fba40096c5947d736e19b7af3c68d95a4e3b8b073adbbb80f47e9db8f2d4f0018ddd847fabfdf9dd9b52c93e40458977725f6b7ba15f0816bb895cdf50401268f5d702b7e6a5f9faef57b8768c8a3fc14f9a4b3182b41d940e337d219b29ff":"40a453133361cc48da11baf616ee" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hmac_multi:"SHA224":14:"88e5258b55b1623385eb9632fa7c57d6":"ada76bb604be14326551701cf30e48a65eee80b44f0b9d4a07b1844543b7844a621097fdc99de57387458ae9354899b620d0617eabcaefa9eef3d413a33628054335ce656c26fa2986e0f111a6351096b283101ec7868871d770b370973c7405983f9756b3005a3eab492cfd0e7eb42e5c2e15fa6be8718c0a50acc4e5717230":"81c783af538015cef3c60095df53" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hmac_multi:"SHA224":14:"85d402d822114d31abf75526e2538705":"8020d8d98cc2e2298b32879c51c751e1dd5558fe2eabb8f158604297d6d072ce2261a1d6830b7cfe2617b57c7126f99c9476211d6161acd75d266da217ec8174b80484c9dc6f0448a0a036a3fc82e8bf54bdb71549368258d5d41f57978a4c266b92e8783ef66350215573d99be4089144b383ad8f3222bae8f3bf80ffb1bb2b":"2aa0340ac9deafe3be38129daca0" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hmac_multi:"SHA224":14:"545c6eecc5ee46fa17c59f91a94f81ae":"8fb7f3565593170152ddb2021874784e951977cfdd22f8b72a72a61320a8f2a35697b5e913f717805559b1af1861ee3ed42fb788481e4fd276b17bdbefcae7b4501dc5d20de5b7626dd5efdcd65294db4bdf682c33d9a9255c6435383fa5f1c886326a3acbc6bd50a33ab5b2dbb034ce0112d4e226bbcd57e3731a519aa1d784":"3eb566eac54c4a3a9ef092469f24" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hmac_multi:"SHA224":14:"4466ab4dc438841a9750c7f173dff02e":"2534c11c78c99cffaec8f722f04adc7045c7324d58ce98e37cfa94b6ed21ed7f58ce55379ef24b72d6d640ee9154f96c614734be9c408e225d7ba4cecc1179cc9f6e1808e1067aa8f244a99bd0c3267594c1887a40d167f8b7cf78db0d19f97b01fc50b8c86def490dfa7a5135002c33e71d77a8cce8ea0f93e0580439a33733":"59f44a9bbed4875b892d22d6b5ab" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hmac_multi:"SHA224":28:"0e3dd9bb5e4cf0f09a4c11600af56d8d":"f4589fa76c328ea25cf8bae582026ba40a59d45a546ff31cf80eb826088f69bb954c452c74586836416dee90a5255bc5d56d3b405b3705a5197045688b32fa984c3a3dfbdc9c2460a0b5e6312a624048bb6f170306535e9b371a3ab134a2642a230ad03d2c688cca80baeaee9a20e1d4c548b1cede29c6a45bf4df2c8c476f1a":"12175b93e3da4c58217145e4dc0a1cf142fab9319bb501e037b350ba" generic multi step HMAC-SHA-224 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hmac_multi:"SHA224":28:"cda5187b0c5dcb0f8e5a8beed2306584":"9011ae29b44c49b347487ce972965f16ade3c15be0856ce9c853a9739dba07e4f20d594ddc1dfe21560a65a4e458cfa17745575b915a30c7a9412ff8d1d689db9680dd2428c27588bb0dc92d2cd9445fe8f44b840a197c52c3c4333fff45533945134398df6436513cfab06c924046b8c795a5bd92e8d5f2de85bf306f2eed67":"4aaba92b40e2a600feab176eb9b292d814864195c03342aad6f67f08" generic multi step HMAC-SHA-256 Test Vector NIST CAVS #1 @@ -866,31 +866,31 @@ depends_on:MBEDTLS_SHA1_C md_hex:"SHA1":"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af" generic SHA-224 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex:"SHA224":"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" generic SHA-224 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex:"SHA224":"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" generic SHA-224 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex:"SHA224":"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" generic SHA-224 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex:"SHA224":"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" generic SHA-224 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex:"SHA224":"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" generic SHA-224 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex:"SHA224":"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" generic SHA-224 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex:"SHA224":"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" generic SHA-256 Test Vector NIST CAVS #1 @@ -1026,31 +1026,31 @@ depends_on:MBEDTLS_SHA1_C md_hex_multi:"SHA1":"8236153781bd2f1b81ffe0def1beb46f5a70191142926651503f1b3bb1016acdb9e7f7acced8dd168226f118ff664a01a8800116fd023587bfba52a2558393476f5fc69ce9c65001f23e70476d2cc81c97ea19caeb194e224339bcb23f77a83feac5096f9b3090c51a6ee6d204b735aa71d7e996d380b80822e4dfd43683af9c7442498cacbea64842dfda238cb099927c6efae07fdf7b23a4e4456e0152b24853fe0d5de4179974b2b9d4a1cdbefcbc01d8d311b5dda059136176ea698ab82acf20dd490be47130b1235cb48f8a6710473cfc923e222d94b582f9ae36d4ca2a32d141b8e8cc36638845fbc499bce17698c3fecae2572dbbd470552430d7ef30c238c2124478f1f780483839b4fb73d63a9460206824a5b6b65315b21e3c2f24c97ee7c0e78faad3df549c7ca8ef241876d9aafe9a309f6da352bec2caaa92ee8dca392899ba67dfed90aef33d41fc2494b765cb3e2422c8e595dabbfaca217757453fb322a13203f425f6073a9903e2dc5818ee1da737afc345f0057744e3a56e1681c949eb12273a3bfc20699e423b96e44bd1ff62e50a848a890809bfe1611c6787d3d741103308f849a790f9c015098286dbacfc34c1718b2c2b77e32194a75dda37954a320fa68764027852855a7e5b5274eb1e2cbcd27161d98b59ad245822015f48af82a45c0ed59be94f9af03d9736048570d6e3ef63b1770bc98dfb77de84b1bb1708d872b625d9ab9b06c18e5dbbf34399391f0f8aa26ec0dac7ff4cb8ec97b52bcb942fa6db2385dcd1b3b9d567aaeb425d567b0ebe267235651a1ed9bf78fd93d3c1dd077fe340bb04b00529c58f45124b717c168d07e9826e33376988bc5cf62845c2009980a4dfa69fbc7e5a0b1bb20a5958ca967aec68eb31dd8fccca9afcd30a26bab26279f1bf6724ff":"11863b483809ef88413ca9b0084ac4a5390640af" generic multi step SHA-224 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex_multi:"SHA224":"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" generic multi step SHA-224 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex_multi:"SHA224":"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" generic multi step SHA-224 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex_multi:"SHA224":"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" generic multi step SHA-224 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex_multi:"SHA224":"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" generic multi step SHA-224 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex_multi:"SHA224":"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" generic multi step SHA-224 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex_multi:"SHA224":"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" generic multi step SHA-224 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C md_hex_multi:"SHA224":"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" generic multi step SHA-256 Test Vector NIST CAVS #1 @@ -1162,19 +1162,19 @@ depends_on:MBEDTLS_SHA1_C mbedtls_md_file:"SHA1":"data_files/hash_file_4":"da39a3ee5e6b4b0d3255bfef95601890afd80709" generic SHA-224 Hash file #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_file:"SHA224":"data_files/hash_file_1":"8606da018870f0c16834a21bc3385704cb1683b9dbab04c5ddb90a48" generic SHA-224 Hash file #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_file:"SHA224":"data_files/hash_file_2":"733b2ab97b6f63f2e29b9a2089756d81e14c93fe4cc9615c0d5e8a03" generic SHA-224 Hash file #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_file:"SHA224":"data_files/hash_file_3":"e1df95867580e2cc2100e9565bf9c2e42c24fe5250c19efe33d1c4fe" generic SHA-224 Hash file #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C mbedtls_md_file:"SHA224":"data_files/hash_file_4":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" generic SHA-256 Hash file #1 diff --git a/tests/suites/test_suite_oid.data b/tests/suites/test_suite_oid.data index b8490b91c4..5be1f8db60 100644 --- a/tests/suites/test_suite_oid.data +++ b/tests/suites/test_suite_oid.data @@ -75,7 +75,7 @@ depends_on:MBEDTLS_SHA256_C oid_get_md_alg_id:"608648016503040201":MBEDTLS_MD_SHA256 OID hash id - id-sha384 -depends_on:MBEDTLS_SHA512_C +depends_on:MBEDTLS_SHA384_C oid_get_md_alg_id:"608648016503040202":MBEDTLS_MD_SHA384 OID hash id - id-sha512 diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 9072325160..6a0b9b5232 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -363,147 +363,147 @@ depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #50 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #50.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #50.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #51 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #51.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #51.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #52 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #52.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #52.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #53 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #53.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #53.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #54 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #54.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #54.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #55 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTest":0 Parse RSA Key #55.1 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #55.2 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA224 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_3des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #56 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #56.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #56.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #57 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #57.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #57.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #58 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTest":0 Parse RSA Key #58.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #58.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED Parse RSA Key #59 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #59.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #59.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #60 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #60.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #60.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 2048-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_2048_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #61 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTest":0 Parse RSA Key #61.1 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, wrong PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7 pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"PolarSSLTes":MBEDTLS_ERR_PK_PASSWORD_MISMATCH Parse RSA Key #61.2 (PKCS#8 encrypted v2 PBKDF2 DES hmacWithSHA224 DER, 4096-bit, no PW) -depends_on:MBEDTLS_DES_C:MBEDTLS_SHA256_C:MBEDTLS_PKCS5_C +depends_on:MBEDTLS_DES_C:MBEDTLS_SHA224_C:MBEDTLS_PKCS5_C pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_4096_des_sha224.der":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT Parse RSA Key #62 (PKCS#8 encrypted v2 PBKDF2 3DES hmacWithSHA256) diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data index 19b4db41ff..cc5a047790 100644 --- a/tests/suites/test_suite_rsa.data +++ b/tests/suites/test_suite_rsa.data @@ -50,7 +50,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"55013a489e09b6553262aab59fb041b49437b86d52876f8e5d5e405b77ca0ff6ce8ea2dd75c7b3b411cf4445d56233c5b0ff0e58c49128d81b4fedd295e172d225c451e13defb34b87b7aea6d6f0d20f5c55feb71d2a789fa31f3d9ff47896adc16bec5ce0c9dda3fde190e08ca2451c01ff3091449887695f96dac97ad6a30e":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"dd82b7be791c454fbbf6f1de47cbe585a687e4e8bbae0b6e2a77f8ca4efd06d71498f9a74b931bd59c377e71daf708a624c51303f377006c676487bad57f7067b09b7bb94a6189119ab8cf7321c321b2dc7df565bfbec833a28b86625fb5fd6a035d4ed79ff0f9aee9fa78935eec65069439ee449d7f5249cdae6fdd6d8c2a63":MBEDTLS_ERR_RSA_VERIFY_FAILED RSA PKCS1 Verify v1.5 CAVS #11 -depends_on:MBEDTLS_MBEDTLS_SHA224_CSHA256_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PKCS1_V15 mbedtls_rsa_pkcs1_verify:"f4a990b8d434a5914340c0ca3ca4e4a70856c55e13e938c1f854e91cdef54c6107d6d682a62e6c1ff12b1c6178ee0b26b5d8ae5ee4043db4151465727f313e9e174d7c6961abe9cb86a21367a89e41b47267ac5ef3a6eceaaca5b19ae756b3904b97ec35aeb404dc2a2d0da373ba709a678d2728e7d72daae68d335cbf6c957d":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA224:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"10001":"d8ef7bdc0f111b1249d5ad6515b6fe37f2ff327f493832f1385c10e975c07b0266497716fcb84f5039cd60f5a050614fde27f354a6c45e8a7d74f9821e2f301500ac1953feafeb9d98cf88d2c928413f337813135c66abfc3dc7a4d80655d925bf96f21872ca2b3a2684b976ca768fe37feae20a69eeec3cc8f1de0db34b3462":0 RSA PKCS1 Verify v1.5 CAVS #12 diff --git a/tests/suites/test_suite_shax.data b/tests/suites/test_suite_shax.data index 2354f2dc05..12eec84efc 100644 --- a/tests/suites/test_suite_shax.data +++ b/tests/suites/test_suite_shax.data @@ -52,31 +52,31 @@ SHA-256 Invalid parameters sha256_invalid_param: SHA-224 Test Vector NIST CAVS #1 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C sha224:"":"d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f" SHA-224 Test Vector NIST CAVS #2 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C sha224:"ff":"e33f9d75e6ae1369dbabf81b96b4591ae46bba30b591a6b6c62542b5" SHA-224 Test Vector NIST CAVS #3 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C sha224:"984c":"2fa9df9157d9e027cfbc4c6a9df32e1adc0cbe2328ec2a63c5ae934e" SHA-224 Test Vector NIST CAVS #4 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C sha224:"50efd0":"b5a9820413c2bf8211fbbf5df1337043b32fa4eafaf61a0c8e9ccede" SHA-224 Test Vector NIST CAVS #5 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C sha224:"e5e09924":"fd19e74690d291467ce59f077df311638f1c3a46e510d0e49a67062d" SHA-224 Test Vector NIST CAVS #6 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C sha224:"21ebecb914":"78f4a71c21c694499ce1c7866611b14ace70d905012c356323c7c713" SHA-224 Test Vector NIST CAVS #7 -depends_on:MBEDTLS_SHA256_C +depends_on:MBEDTLS_SHA224_C sha224:"fc488947c1a7a589726b15436b4f3d9556262f98fc6422fc5cdf20f0fad7fe427a3491c86d101ffe6b7514f06268f65b2d269b0f69ad9a97847eff1c16a2438775eb7be6847ccf11cb8b2e8dcd6640b095b49c0693fe3cf4a66e2d9b7ad68bff14f3ad69abf49d0aba36cbe0535202deb6599a47225ef05beb351335cd7bc0f480d691198c7e71305ffd53b39d33242bb79cfd98bfd69e137b5d18b2b89ac9ace01c8dbdcf2533cce3682ecc52118de0c1062ec2126c2e657d6ea3d9e2398e705d4b0b1f1ceecb266dffc4f31bf42744fb1e938dc22a889919ee1e73f463f7871fed720519e32186264b7ef2a0e5d9a18e6c95c0781894f77967f048951dec3b4d892a38710b1e3436d3c29088eb8b3da1789c25db3d3bc6c26081206e7155d210a89b80ca6ea877c41ff9947c0f25625dcb118294a163501f6239c326661a958fd12da4cd15a899f8b88cc723589056eaec5aa04a4cf5dbb6f480f9660423ccf38c486e210707e0fb25e1f126ceb2616f63e147a647dab0af9ebe89d65458bf636154a46e4cab95f5ee62da2c7974cd14b90d3e4f99f81733e85b3c1d5da2b508d9b90f5eed7eff0d9c7649de62bee00375454fee4a39576a5bbfdae428e7f8097bdf7797f167686cb68407e49079e4611ff3402b6384ba7b7e522bd2bb11ce8fd02ea4c1604d163ac4f6dde50b8b1f593f7edaadeac0868ed97df690200680c25f0f5d85431a529e4f339089dcdeda105e4ee51dead704cdf5a605c55fb055c9b0e86b8ba1b564c0dea3eb790a595cb103cb292268b07c5e59371e1a7ef597cd4b22977a820694c9f9aeb55d9de3ef62b75d6e656e3336698d960a3787bf8cf5b926a7faeef52ae128bcb5dc9e66d94b016c7b8e034879171a2d91c381f57e6a815b63b5ee6a6d2ff435b49f14c963966960194430d78f8f87627a67757fb3532b289550894da6dce4817a4e07f4d56877a1102ffcc8befa5c9f8fca6a4574d93ff70376c8861e0f8108cf907fce77ecb49728f86f034f80224b9695682e0824462f76cdb1fd1af151337b0d85419047a7aa284791718a4860cd586f7824b95bc837b6fd4f9be5aade68456e20356aa4d943dac36bf8b67b9e8f9d01a00fcda74b798bafa746c661b010f75b59904b29d0c8041504811c4065f82cf2ead58d2f595cbd8bc3e7043f4d94577b373b7cfe16a36fe564f505c03b70cfeb5e5f411c79481338aa67e86b3f5a2e77c21e454c333ae3da943ab723ab5f4c940395319534a5575f64acba0d0ecc43f60221ed3badf7289c9b3a7b903a2d6c94e15fa4c310dc4fa7faa0c24f405160a1002dbef20e4105d481db982f7243f79400a6e4cd9753c4b9732a47575f504b20c328fe9add7f432a4f075829da07b53b695037dc51737d3cd731934df333cd1a53fcf65aa31baa450ca501a6fae26e322347e618c5a444d92e9fec5a8261ae38b98fee5be77c02cec09ddccd5b3de92036":"1302149d1e197c41813b054c942329d420e366530f5517b470e964fe" SHA-256 Test Vector NIST CAVS #1 diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 9eedeeb790..3d9751524d 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -9265,7 +9265,7 @@ depends_on:!MBEDTLS_SSL_PROTO_TLS1:!MBEDTLS_SSL_PROTO_TLS1_1 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 SHA-512 not enabled -depends_on:!MBEDTLS_SHA512_C +depends_on:!MBEDTLS_SHA384_C ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA256 SHA-256 not enabled diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data index 5fcaa38539..11817cf4c2 100644 --- a/tests/suites/test_suite_x509parse.data +++ b/tests/suites/test_suite_x509parse.data @@ -39,7 +39,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C x509_cert_info:"data_files/cert_sha1.crt":"cert. version \: 3\nserial number \: 07\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA224_C x509_cert_info:"data_files/cert_sha224.crt":"cert. version \: 3\nserial number \: 08\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on \: 2019-02-10 14\:44\:06\nexpires on \: 2029-02-10 14\:44\:06\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n" X509 CRT information SHA256 Digest @@ -59,7 +59,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C x509_cert_info:"data_files/server9.crt":"cert. version \: 3\nserial number \: 16\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:38\:16\nexpires on \: 2024-01-18 13\:38\:16\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C x509_cert_info:"data_files/server9-sha224.crt":"cert. version \: 3\nserial number \: 17\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2014-01-20 13\:57\:36\nexpires on \: 2024-01-18 13\:57\:36\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\nRSA key size \: 1024 bits\nbasic constraints \: CA=false\n" X509 CRT information RSA-PSS, SHA256 Digest @@ -79,7 +79,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED: x509_cert_info:"data_files/server5-sha1.crt":"cert. version \: 3\nserial number \: 12\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C x509_cert_info:"data_files/server5-sha224.crt":"cert. version \: 3\nserial number \: 13\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nissued on \: 2013-09-24 16\:21\:27\nexpires on \: 2023-09-22 16\:21\:27\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\nbasic constraints \: CA=false\n" X509 CRT information EC, SHA256 Digest @@ -223,7 +223,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C mbedtls_x509_crl_info:"data_files/crl_sha1.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n" X509 CRL Information SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C mbedtls_x509_crl_info:"data_files/crl_sha224.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA-224\n" X509 CRL Information SHA256 Digest @@ -243,7 +243,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:46\:35\nnext update \: 2024-01-18 13\:46\:35\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0xEA)\n" X509 CRL information RSA-PSS, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C mbedtls_x509_crl_info:"data_files/crl-rsa-pss-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2014-01-20 13\:56\:06\nnext update \: 2024-01-18 13\:56\:06\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nserial number\: 16 revocation date\: 2014-01-20 13\:43\:05\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0xE2)\n" X509 CRL information RSA-PSS, SHA256 Digest @@ -263,7 +263,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_ECDSA_C mbedtls_x509_crl_info:"data_files/crl-ec-sha1.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA1\n" X509 CRL Information EC, SHA224 Digest -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_ECDSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_ECDSA_C mbedtls_x509_crl_info:"data_files/crl-ec-sha224.pem":"CRL version \: 2\nissuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nthis update \: 2013-09-24 16\:31\:08\nnext update \: 2023-09-22 16\:31\:08\nRevoked certificates\:\nserial number\: 0A revocation date\: 2013-09-24 16\:28\:38\nsigned using \: ECDSA with SHA224\n" X509 CRL Information EC, SHA256 Digest @@ -303,7 +303,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C mbedtls_x509_csr_info:"data_files/server1.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA256_C:MBEDTLS_RSA_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA224_C:MBEDTLS_RSA_C mbedtls_x509_csr_info:"data_files/server1.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with SHA-224\nRSA key size \: 2048 bits\n" X509 CSR Information RSA with SHA-256 @@ -323,7 +323,7 @@ depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED: mbedtls_x509_csr_info:"data_files/server5.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA1\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA224 -depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C +depends_on:MBEDTLS_ECDSA_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA224_C mbedtls_x509_csr_info:"data_files/server5.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: ECDSA with SHA224\nEC key size \: 256 bits\n" X509 CSR Information EC with SHA256 @@ -343,7 +343,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C mbedtls_x509_csr_info:"data_files/server9.req.sha1":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA1, MGF1-SHA1, 0x6A)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA224 -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C mbedtls_x509_csr_info:"data_files/server9.req.sha224":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=localhost\nsigned using \: RSASSA-PSS (SHA224, MGF1-SHA224, 0x62)\nRSA key size \: 1024 bits\n" X509 CSR Information RSA-PSS with SHA256 @@ -564,7 +564,7 @@ depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDT x509_verify:"data_files/cert_sha1.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCRL_BAD_MD | MBEDTLS_X509_BADCERT_BAD_MD:"":"NULL" X509 CRT verification #15 (Valid Cert SHA224 Digest) -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15 x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #16 (Valid Cert SHA256 Digest) @@ -656,7 +656,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_S x509_verify:"data_files/server5-sha1.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #37 (Valid, EC CA, SHA224 Digest) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA224_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED x509_verify:"data_files/server5-sha224.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #38 (Valid, EC CA, SHA384 Digest) @@ -744,7 +744,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA1_C:MB x509_verify:"data_files/server9.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #58 (Valid, RSASSA-PSS, SHA-224) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA256_C:MBEDTLS_SHA1_C +depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT:MBEDTLS_SHA224_C:MBEDTLS_SHA1_C x509_verify:"data_files/server9-sha224.crt":"data_files/test-ca.crt":"data_files/crl-rsa-pss-sha224.pem":"NULL":0:0:"compat":"NULL" X509 CRT verification #59 (Valid, RSASSA-PSS, SHA-256) @@ -900,7 +900,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_SHA256_C:MBEDTLS_ECP_DP_S x509_verify:"data_files/server5.crt":"data_files/test-ca2.crt":"data_files/crl-ec-sha256.pem":"NULL":0:0:"suite_b":"NULL" X509 CRT verification #96 (next profile Invalid Cert SHA224 Digest) -depends_on:MBEDTLS_SHA256_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C +depends_on:MBEDTLS_SHA224_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C x509_verify:"data_files/cert_sha224.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD|MBEDTLS_X509_BADCRL_BAD_MD:"next":"NULL" X509 CRT verification #97 (next profile Valid Cert SHA256 Digest) @@ -2131,7 +2131,7 @@ x509parse_crl:"305d3047020100300d06092a864886f70d01010e0500300f310d300b060355040 # 03020001 signatureValue BIT STRING # The subsequent TBSCertList negative tests remove or modify some elements. X509 CRL ASN1 (TBSCertList, sig present) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nserial number\: AB\:CD revocation date\: 2008-12-31 23\:59\:59\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (TBSCertList, signatureValue missing) @@ -2167,7 +2167,7 @@ depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C x509parse_crl:"305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128402abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001":"":MBEDTLS_ERR_X509_INVALID_SERIAL + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG X509 CRL ASN1 (TBSCertList, no entries) -depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA256_C +depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA224_C x509parse_crl:"30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001":"CRL version \: 1\nissuer name \: CN=ABCD\nthis update \: 2009-01-01 00\:00\:00\nnext update \: 0000-00-00 00\:00\:00\nRevoked certificates\:\nsigned using \: RSA with SHA-224\n":0 X509 CRL ASN1 (invalid version 2) From 95d516f319ccb5419dbcca2bd1ce69b494254174 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 4 May 2021 18:36:56 +0100 Subject: [PATCH 034/271] Remove MBEDTLS_SSL_MAX_CONTENT_LEN option Signed-off-by: David Horstmann --- ChangeLog.d/remove-max-content-len.txt | 4 ++ configs/config-ccm-psk-tls1_2.h | 3 +- configs/config-suite-b.h | 3 +- .../remove-max-content-len.md | 10 +++++ include/mbedtls/config.h | 38 +------------------ include/mbedtls/ssl.h | 10 ++--- library/ssl_misc.h | 16 +++----- library/ssl_tls.c | 2 +- programs/ssl/ssl_server2.c | 6 ++- programs/test/query_config.c | 8 ---- tests/ssl-opt.sh | 11 ++++-- 11 files changed, 42 insertions(+), 69 deletions(-) create mode 100644 ChangeLog.d/remove-max-content-len.txt create mode 100644 docs/3.0-migration-guide.d/remove-max-content-len.md diff --git a/ChangeLog.d/remove-max-content-len.txt b/ChangeLog.d/remove-max-content-len.txt new file mode 100644 index 0000000000..b7607e6c6b --- /dev/null +++ b/ChangeLog.d/remove-max-content-len.txt @@ -0,0 +1,4 @@ +Removals + * Remove MBEDTLS_SSL_MAX_CONTENT_LEN configuration option, since + MBEDTLS_SSL_IN_CONTENT_LEN and MBEDTLS_SSL_OUT_CONTENT_LEN replace + it. Fixes #4362. diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index c58d150d9d..a3662d8957 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -79,7 +79,8 @@ * both ends of the connection! (See comments in "mbedtls/ssl.h".) * The optimal size here depends on the typical size of records. */ -#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 +#define MBEDTLS_SSL_IN_CONTENT_LEN 1024 +#define MBEDTLS_SSL_OUT_CONTENT_LEN 1024 #include "mbedtls/check_config.h" diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 7cb566c1b3..f1c809e679 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -107,7 +107,8 @@ * The minimum size here depends on the certificate chain used as well as the * typical size of records. */ -#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024 +#define MBEDTLS_SSL_IN_CONTENT_LEN 1024 +#define MBEDTLS_SSL_OUT_CONTENT_LEN 1024 #include "mbedtls/check_config.h" diff --git a/docs/3.0-migration-guide.d/remove-max-content-len.md b/docs/3.0-migration-guide.d/remove-max-content-len.md new file mode 100644 index 0000000000..40c7d539fb --- /dev/null +++ b/docs/3.0-migration-guide.d/remove-max-content-len.md @@ -0,0 +1,10 @@ +Remove the `MBEDTLS_SSL_MAX_CONTENT_LEN` configuration option +------------------------------------------------------------- + +This affects users who use the `MBEDTLS_SSL_MAX_CONTENT_LEN` option to +set the maximum length of incoming and outgoing plaintext fragments, +which can save memory by reducing the size of the TLS I/O buffers. + +This option is replaced by the more fine-grained options +`MBEDTLS_SSL_IN_CONTENT_LEN` and `MBEDTLS_SSL_OUT_CONTENT_LEN` that set +the maximum incoming and outgoing plaintext fragment lengths, respectively. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 603d985ae0..6714db33fc 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3531,32 +3531,6 @@ /* SSL options */ -/** \def MBEDTLS_SSL_MAX_CONTENT_LEN - * - * Maximum length (in bytes) of incoming and outgoing plaintext fragments. - * - * This determines the size of both the incoming and outgoing TLS I/O buffers - * in such a way that both are capable of holding the specified amount of - * plaintext data, regardless of the protection mechanism used. - * - * To configure incoming and outgoing I/O buffers separately, use - * #MBEDTLS_SSL_IN_CONTENT_LEN and #MBEDTLS_SSL_OUT_CONTENT_LEN, - * which overwrite the value set by this option. - * - * \note When using a value less than the default of 16KB on the client, it is - * recommended to use the Maximum Fragment Length (MFL) extension to - * inform the server about this limitation. On the server, there - * is no supported, standardized way of informing the client about - * restriction on the maximum size of incoming messages, and unless - * the limitation has been communicated by other means, it is recommended - * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN - * while keeping the default value of 16KB for the incoming buffer. - * - * Uncomment to set the maximum plaintext size of both - * incoming and outgoing I/O buffers. - */ -//#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 - /** \def MBEDTLS_SSL_IN_CONTENT_LEN * * Maximum length (in bytes) of incoming plaintext fragments. @@ -3565,9 +3539,6 @@ * that it is capable of holding the specified amount of plaintext data, * regardless of the protection mechanism used. * - * If this option is undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * * \note When using a value less than the default of 16KB on the client, it is * recommended to use the Maximum Fragment Length (MFL) extension to * inform the server about this limitation. On the server, there @@ -3577,8 +3548,7 @@ * to only change the outgoing buffer size #MBEDTLS_SSL_OUT_CONTENT_LEN * while keeping the default value of 16KB for the incoming buffer. * - * Uncomment to set the maximum plaintext size of the incoming I/O buffer - * independently of the outgoing I/O buffer. + * Uncomment to set the maximum plaintext size of the incoming I/O buffer. */ //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 @@ -3637,9 +3607,6 @@ * that it is capable of holding the specified amount of plaintext data, * regardless of the protection mechanism used. * - * If this option undefined, it inherits its value from - * #MBEDTLS_SSL_MAX_CONTENT_LEN. - * * It is possible to save RAM by setting a smaller outward buffer, while keeping * the default inward 16384 byte buffer to conform to the TLS specification. * @@ -3648,8 +3615,7 @@ * The specific size requirement depends on the configured ciphers and any * certificate data which is sent during the handshake. * - * Uncomment to set the maximum plaintext size of the outgoing I/O buffer - * independently of the incoming I/O buffer. + * Uncomment to set the maximum plaintext size of the outgoing I/O buffer. */ //#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 40814e660d..9e750f7af1 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -236,16 +236,12 @@ * if you're using the Max Fragment Length extension and you know all your * peers are using it too! */ -#if !defined(MBEDTLS_SSL_MAX_CONTENT_LEN) -#define MBEDTLS_SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ -#endif - #if !defined(MBEDTLS_SSL_IN_CONTENT_LEN) -#define MBEDTLS_SSL_IN_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN +#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 #endif #if !defined(MBEDTLS_SSL_OUT_CONTENT_LEN) -#define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN +#define MBEDTLS_SSL_OUT_CONTENT_LEN 16384 #endif /* @@ -3619,7 +3615,7 @@ size_t mbedtls_ssl_get_output_max_frag_len( const mbedtls_ssl_context *ssl ); /** * \brief Return the maximum fragment length (payload, in bytes) for * the input buffer. This is the negotiated maximum fragment - * length, or, if there is none, MBEDTLS_SSL_MAX_CONTENT_LEN. + * length, or, if there is none, MBEDTLS_SSL_IN_CONTENT_LEN. * If it is not defined either, the value is 2^14. This function * works as its predecessor, \c mbedtls_ssl_get_max_frag_len(). * diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 9ac48c757c..9b3f4cd154 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -213,23 +213,19 @@ * Check that we obey the standard's message size bounds */ -#if MBEDTLS_SSL_MAX_CONTENT_LEN > 16384 -#error "Bad configuration - record content too large." +#if MBEDTLS_SSL_IN_CONTENT_LEN > 16384 +#error "Bad configuration - incoming record content too large." #endif -#if MBEDTLS_SSL_IN_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN -#error "Bad configuration - incoming record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." +#if MBEDTLS_SSL_OUT_CONTENT_LEN > 16384 +#error "Bad configuration - outgoing record content too large." #endif -#if MBEDTLS_SSL_OUT_CONTENT_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN -#error "Bad configuration - outgoing record content should not be larger than MBEDTLS_SSL_MAX_CONTENT_LEN." -#endif - -#if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048 +#if MBEDTLS_SSL_IN_PAYLOAD_LEN > MBEDTLS_SSL_IN_CONTENT_LEN + 2048 #error "Bad configuration - incoming protected record payload too large." #endif -#if MBEDTLS_SSL_OUT_PAYLOAD_LEN > MBEDTLS_SSL_MAX_CONTENT_LEN + 2048 +#if MBEDTLS_SSL_OUT_PAYLOAD_LEN > MBEDTLS_SSL_OUT_CONTENT_LEN + 2048 #error "Bad configuration - outgoing protected record payload too large." #endif diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bc2f269a9c..614bb046e4 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4646,7 +4646,7 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) size_t mbedtls_ssl_get_input_max_frag_len( const mbedtls_ssl_context *ssl ) { - size_t max_len = MBEDTLS_SSL_MAX_CONTENT_LEN; + size_t max_len = MBEDTLS_SSL_IN_CONTENT_LEN; size_t read_mfl; /* Use the configured MFL for the client if we're past SERVER_HELLO_DONE */ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 8f97541af7..0b89b5573d 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1572,13 +1572,15 @@ int main( int argc, char *argv[] ) else if( strcmp( p, "buffer_size" ) == 0 ) { opt.buffer_size = atoi( q ); - if( opt.buffer_size < 1 || opt.buffer_size > MBEDTLS_SSL_MAX_CONTENT_LEN + 1 ) + if( opt.buffer_size < 1 || + ( opt.buffer_size > MBEDTLS_SSL_IN_CONTENT_LEN + 1 + && opt.buffer_size > MBEDTLS_SSL_OUT_CONTENT_LEN + 1 ) ) goto usage; } else if( strcmp( p, "response_size" ) == 0 ) { opt.response_size = atoi( q ); - if( opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_MAX_CONTENT_LEN ) + if( opt.response_size < 0 || opt.response_size > MBEDTLS_SSL_OUT_CONTENT_LEN ) goto usage; if( opt.buffer_size < opt.response_size ) opt.buffer_size = opt.response_size; diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 450e2fbbf0..c6c4d1f04f 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -2595,14 +2595,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */ -#if defined(MBEDTLS_SSL_MAX_CONTENT_LEN) - if( strcmp( "MBEDTLS_SSL_MAX_CONTENT_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_CONTENT_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_MAX_CONTENT_LEN */ - #if defined(MBEDTLS_SSL_IN_CONTENT_LEN) if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 ) { diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 267b564464..80dfa0a92a 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -374,7 +374,7 @@ requires_not_i686() { } # Calculate the input & output maximum content lengths set in the config -MAX_CONTENT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384") +MAX_CONTENT_LEN=16384 MAX_IN_LEN=$( ../scripts/config.py get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN") MAX_OUT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN") @@ -3014,8 +3014,13 @@ run_test "Session resume using cache, DTLS: openssl server" \ # Tests for Max Fragment Length extension -if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then - printf '%s defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}" +if [ "$MAX_IN_LEN" -lt "4096" ]; then + printf '%s defines MBEDTLS_SSL_IN_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}" + exit 1 +fi + +if [ "$MAX_OUT_LEN" -lt "4096" ]; then + printf '%s defines MBEDTLS_SSL_OUT_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}" exit 1 fi From 12e18369e86be6b5550f33a3ad7f0796db4a4be8 Mon Sep 17 00:00:00 2001 From: Xiang Xiao Date: Fri, 7 May 2021 00:55:52 -0700 Subject: [PATCH 035/271] aes: Check aes_padlock_ace > 0 before calling padlock Sometime user may forget to call mbedtls_aes_setkey_enc or mbedtls_aes_setkey_dec before mbedtls_aes_crypt_ecb and then the code normally crash inside the assembly code. With this patch, the code will stop inside the C source code which is more convenient to locate the problem. Signed-off-by: Xiang Xiao Change-Id: I0e1d6b219f8709f8acaee5f345344335fc82fed3 --- library/aes.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/aes.c b/library/aes.c index b36b81c73c..c10d4ae2d0 100644 --- a/library/aes.c +++ b/library/aes.c @@ -1023,7 +1023,7 @@ int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, #endif #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if( aes_padlock_ace ) + if( aes_padlock_ace > 0) { if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 ) return( 0 ); @@ -1065,7 +1065,7 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH ); #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86) - if( aes_padlock_ace ) + if( aes_padlock_ace > 0 ) { if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 ) return( 0 ); From 72f60dfcc1fa985f1c665528ef894eac16bf0828 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Fri, 30 Apr 2021 13:28:22 +0200 Subject: [PATCH 036/271] Remove MBEDTLS_TEST_NULL_ENTROPY config option. Building the library without entropy sources negates any and all security provided by the library. This option was originally requested a relatively long time ago and it does not provide any tangible benefit for users any more. Signed-off-by: Mateusz Starzyk --- CMakeLists.txt | 31 ------------------------- ChangeLog.d/remove_null_entropy.txt | 2 ++ Makefile | 9 ------- include/mbedtls/check_config.h | 9 ------- include/mbedtls/config.h | 17 -------------- library/entropy.c | 17 -------------- library/entropy_poll.c | 17 -------------- library/entropy_poll.h | 8 ------- library/version_features.c | 3 --- programs/test/query_config.c | 8 ------- scripts/config.py | 1 - tests/scripts/all.sh | 15 ------------ tests/suites/helpers.function | 9 ++++--- tests/suites/test_suite_entropy.data | 5 ---- tests/suites/test_suite_random.function | 8 +++---- 15 files changed, 10 insertions(+), 149 deletions(-) create mode 100644 ChangeLog.d/remove_null_entropy.txt diff --git a/CMakeLists.txt b/CMakeLists.txt index fb1ffaf96d..f648f2299b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -56,17 +56,6 @@ else() endif() # Warning string - created as a list for compatibility with CMake 2.8 -set(WARNING_BORDER "*******************************************************\n") -set(NULL_ENTROPY_WARN_L1 "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined!\n") -set(NULL_ENTROPY_WARN_L2 "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES\n") -set(NULL_ENTROPY_WARN_L3 "**** AND IS *NOT* SUITABLE FOR PRODUCTION USE\n") - -set(NULL_ENTROPY_WARNING "${WARNING_BORDER}" - "${NULL_ENTROPY_WARN_L1}" - "${NULL_ENTROPY_WARN_L2}" - "${NULL_ENTROPY_WARN_L3}" - "${WARNING_BORDER}") - set(CTR_DRBG_128_BIT_KEY_WARN_L1 "**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined!\n") set(CTR_DRBG_128_BIT_KEY_WARN_L2 "**** Using 128-bit keys for CTR_DRBG limits the security of generated\n") set(CTR_DRBG_128_BIT_KEY_WARN_L3 "**** keys and operations that use random values generated to 128-bit security\n") @@ -99,26 +88,6 @@ if(MBEDTLS_PYTHON_EXECUTABLE) message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING}) endif() - # If NULL Entropy is configured, display an appropriate warning - execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/include/mbedtls/config.h get MBEDTLS_TEST_NULL_ENTROPY - RESULT_VARIABLE result) - if(${result} EQUAL 0) - message(WARNING ${NULL_ENTROPY_WARNING}) - - if(NOT UNSAFE_BUILD) - message(FATAL_ERROR "\ -\n\ -Warning! You have enabled MBEDTLS_TEST_NULL_ENTROPY. \ -This option is not safe for production use and negates all security \ -It is intended for development use only. \ -\n\ -To confirm you want to build with this option, re-run cmake with the \ -option: \n\ - cmake -DUNSAFE_BUILD=ON ") - - return() - endif() - endif() endif() # If this is the root project add longer list of available CMAKE_BUILD_TYPE values diff --git a/ChangeLog.d/remove_null_entropy.txt b/ChangeLog.d/remove_null_entropy.txt new file mode 100644 index 0000000000..3d9674b45f --- /dev/null +++ b/ChangeLog.d/remove_null_entropy.txt @@ -0,0 +1,2 @@ +API changes + * Remove the MBEDTLS_TEST_NULL_ENTROPY config option. Fixes #4388. diff --git a/Makefile b/Makefile index 6a8b230077..8d1a6ce5ba 100644 --- a/Makefile +++ b/Makefile @@ -59,12 +59,6 @@ uninstall: done endif -WARNING_BORDER =*******************************************************\n -NULL_ENTROPY_WARN_L1=**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! ****\n -NULL_ENTROPY_WARN_L2=**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES ****\n -NULL_ENTROPY_WARN_L3=**** AND IS *NOT* SUITABLE FOR PRODUCTION USE ****\n - -NULL_ENTROPY_WARNING=\n$(WARNING_BORDER)$(NULL_ENTROPY_WARN_L1)$(NULL_ENTROPY_WARN_L2)$(NULL_ENTROPY_WARN_L3)$(WARNING_BORDER) WARNING_BORDER_LONG =**********************************************************************************\n CTR_DRBG_128_BIT_KEY_WARN_L1=**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined! ****\n @@ -81,9 +75,6 @@ ifndef WINDOWS -scripts/config.py get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \ echo '$(CTR_DRBG_128_BIT_KEY_WARNING)' - # If NULL Entropy is configured, display an appropriate warning - -scripts/config.py get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \ - echo '$(NULL_ENTROPY_WARNING)' endif clean: diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 47b5de04dd..4a2d70f237 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -201,15 +201,6 @@ #endif #undef MBEDTLS_HAS_MEMSAN -#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \ - ( !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) ) -#error "MBEDTLS_TEST_NULL_ENTROPY defined, but not all prerequisites" -#endif -#if defined(MBEDTLS_TEST_NULL_ENTROPY) && \ - ( defined(MBEDTLS_ENTROPY_NV_SEED) || defined(MBEDTLS_ENTROPY_HARDWARE_ALT) ) -#error "MBEDTLS_TEST_NULL_ENTROPY defined, but entropy sources too" -#endif - #if defined(MBEDTLS_GCM_C) && ( \ !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) #error "MBEDTLS_GCM_C defined, but not all prerequisites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 603d985ae0..009a25ca9c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -527,23 +527,6 @@ //#define MBEDTLS_ECP_RANDOMIZE_MXZ_ALT //#define MBEDTLS_ECP_NORMALIZE_MXZ_ALT -/** - * \def MBEDTLS_TEST_NULL_ENTROPY - * - * Enables testing and use of mbed TLS without any configured entropy sources. - * This permits use of the library on platforms before an entropy source has - * been integrated (see for example the MBEDTLS_ENTROPY_HARDWARE_ALT or the - * MBEDTLS_ENTROPY_NV_SEED switches). - * - * WARNING! This switch MUST be disabled in production builds, and is suitable - * only for development. - * Enabling the switch negates any security provided by the library. - * - * Requires MBEDTLS_ENTROPY_C, MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - * - */ -//#define MBEDTLS_TEST_NULL_ENTROPY - /** * \def MBEDTLS_ENTROPY_HARDWARE_ALT * diff --git a/library/entropy.c b/library/entropy.c index c7ae97aa45..cc686282a6 100644 --- a/library/entropy.c +++ b/library/entropy.c @@ -21,12 +21,6 @@ #if defined(MBEDTLS_ENTROPY_C) -#if defined(MBEDTLS_TEST_NULL_ENTROPY) -#warning "**** WARNING! MBEDTLS_TEST_NULL_ENTROPY defined! " -#warning "**** THIS BUILD HAS NO DEFINED ENTROPY SOURCES " -#warning "**** THIS BUILD IS *NOT* SUITABLE FOR PRODUCTION USE " -#endif - #include "mbedtls/entropy.h" #include "entropy_poll.h" #include "mbedtls/platform_util.h" @@ -73,11 +67,6 @@ void mbedtls_entropy_init( mbedtls_entropy_context *ctx ) /* Reminder: Update ENTROPY_HAVE_STRONG in the test files * when adding more strong entropy sources here. */ -#if defined(MBEDTLS_TEST_NULL_ENTROPY) - mbedtls_entropy_add_source( ctx, mbedtls_null_entropy_poll, NULL, - 1, MBEDTLS_ENTROPY_SOURCE_STRONG ); -#endif - #if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL, @@ -524,7 +513,6 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char * #endif /* MBEDTLS_FS_IO */ #if defined(MBEDTLS_SELF_TEST) -#if !defined(MBEDTLS_TEST_NULL_ENTROPY) /* * Dummy source function */ @@ -538,7 +526,6 @@ static int entropy_dummy_source( void *data, unsigned char *output, return( 0 ); } -#endif /* !MBEDTLS_TEST_NULL_ENTROPY */ #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) @@ -646,17 +633,14 @@ cleanup: int mbedtls_entropy_self_test( int verbose ) { int ret = 1; -#if !defined(MBEDTLS_TEST_NULL_ENTROPY) mbedtls_entropy_context ctx; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 }; size_t i, j; -#endif /* !MBEDTLS_TEST_NULL_ENTROPY */ if( verbose != 0 ) mbedtls_printf( " ENTROPY test: " ); -#if !defined(MBEDTLS_TEST_NULL_ENTROPY) mbedtls_entropy_init( &ctx ); /* First do a gather to make sure we have default sources */ @@ -704,7 +688,6 @@ int mbedtls_entropy_self_test( int verbose ) cleanup: mbedtls_entropy_free( &ctx ); -#endif /* !MBEDTLS_TEST_NULL_ENTROPY */ if( verbose != 0 ) { diff --git a/library/entropy_poll.c b/library/entropy_poll.c index e4ffe2bde5..e5d75c5b37 100644 --- a/library/entropy_poll.c +++ b/library/entropy_poll.c @@ -211,23 +211,6 @@ int mbedtls_platform_entropy_poll( void *data, #endif /* _WIN32 && !EFIX64 && !EFI32 */ #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */ -#if defined(MBEDTLS_TEST_NULL_ENTROPY) -int mbedtls_null_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ) -{ - ((void) data); - ((void) output); - - *olen = 0; - if( len < sizeof(unsigned char) ) - return( 0 ); - - output[0] = 0; - *olen = sizeof(unsigned char); - return( 0 ); -} -#endif - #if defined(MBEDTLS_TIMING_C) int mbedtls_hardclock_poll( void *data, unsigned char *output, size_t len, size_t *olen ) diff --git a/library/entropy_poll.h b/library/entropy_poll.h index e12a134b54..9120fe5a0e 100644 --- a/library/entropy_poll.h +++ b/library/entropy_poll.h @@ -43,14 +43,6 @@ extern "C" { #define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */ #endif -/** - * \brief Entropy poll callback that provides 0 entropy. - */ -#if defined(MBEDTLS_TEST_NULL_ENTROPY) - int mbedtls_null_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); -#endif - #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY) /** * \brief Platform-specific entropy poll callback diff --git a/library/version_features.c b/library/version_features.c index d2de8957d2..50dd5ac754 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -252,9 +252,6 @@ static const char * const features[] = { #if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", #endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ -#if defined(MBEDTLS_TEST_NULL_ENTROPY) - "MBEDTLS_TEST_NULL_ENTROPY", -#endif /* MBEDTLS_TEST_NULL_ENTROPY */ #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) "MBEDTLS_ENTROPY_HARDWARE_ALT", #endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 450e2fbbf0..e4205397e7 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -723,14 +723,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ -#if defined(MBEDTLS_TEST_NULL_ENTROPY) - if( strcmp( "MBEDTLS_TEST_NULL_ENTROPY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_NULL_ENTROPY ); - return( 0 ); - } -#endif /* MBEDTLS_TEST_NULL_ENTROPY */ - #if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 ) { diff --git a/scripts/config.py b/scripts/config.py index a77ead0544..a68b2a94fa 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -194,7 +194,6 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_SHA512_NO_SHA384', # removes a feature 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) - 'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature 'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS 'MBEDTLS_X509_REMOVE_INFO', # removes a feature ]) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a4d50c1f6a..78487692ed 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2072,21 +2072,6 @@ component_test_when_no_ciphersuites_have_mac () { if_build_succeeded tests/ssl-opt.sh -f 'Default\|EtM' -e 'without EtM' } -component_test_null_entropy () { - msg "build: default config with MBEDTLS_TEST_NULL_ENTROPY (ASan build)" - scripts/config.py set MBEDTLS_TEST_NULL_ENTROPY - scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - scripts/config.py set MBEDTLS_ENTROPY_C - scripts/config.py unset MBEDTLS_ENTROPY_NV_SEED - scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT - scripts/config.py unset MBEDTLS_ENTROPY_HARDWARE_ALT - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON . - make - - msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)" - make test -} - component_test_no_date_time () { msg "build: default config without MBEDTLS_HAVE_TIME_DATE" scripts/config.py unset MBEDTLS_HAVE_TIME_DATE diff --git a/tests/suites/helpers.function b/tests/suites/helpers.function index 27d92492b7..2ef07fa62b 100644 --- a/tests/suites/helpers.function +++ b/tests/suites/helpers.function @@ -87,11 +87,10 @@ jmp_buf jmp_tmp; /* Indicates whether we expect mbedtls_entropy_init * to initialize some strong entropy source. */ -#if defined(MBEDTLS_TEST_NULL_ENTROPY) || \ - ( !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \ - ( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \ - defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ - defined(ENTROPY_NV_SEED) ) ) +#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \ + ( !defined(MBEDTLS_NO_PLATFORM_ENTROPY) || \ + defined(MBEDTLS_ENTROPY_HARDWARE_ALT) || \ + defined(ENTROPY_NV_SEED) ) #define ENTROPY_HAVE_STRONG #endif diff --git a/tests/suites/test_suite_entropy.data b/tests/suites/test_suite_entropy.data index 95bfe66e17..0b30bb8a5a 100644 --- a/tests/suites/test_suite_entropy.data +++ b/tests/suites/test_suite_entropy.data @@ -83,9 +83,4 @@ Check NV seed manually #3 entropy_nv_seed:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" Entropy self test -depends_on:!MBEDTLS_TEST_NULL_ENTROPY entropy_selftest:0 - -Entropy self test (MBEDTLS_TEST_NULL_ENTROPY) -depends_on:MBEDTLS_TEST_NULL_ENTROPY -entropy_selftest:1 diff --git a/tests/suites/test_suite_random.function b/tests/suites/test_suite_random.function index 37fa36ecd4..c532c8a3be 100644 --- a/tests/suites/test_suite_random.function +++ b/tests/suites/test_suite_random.function @@ -18,7 +18,7 @@ /* END_HEADER */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_CTR_DRBG_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_CTR_DRBG_C */ void random_twice_with_ctr_drbg( ) { mbedtls_entropy_context entropy; @@ -57,7 +57,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:!MBEDTLS_TEST_NULL_ENTROPY:MBEDTLS_HMAC_DRBG_C */ +/* BEGIN_CASE depends_on:MBEDTLS_ENTROPY_C:MBEDTLS_HMAC_DRBG_C */ void random_twice_with_hmac_drbg( int md_type ) { mbedtls_entropy_context entropy; @@ -97,7 +97,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ void random_twice_with_psa_from_classic( ) { unsigned char output1[OUTPUT_SIZE]; @@ -123,7 +123,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_TEST_NULL_ENTROPY:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ +/* BEGIN_CASE depends_on:MBEDTLS_PSA_CRYPTO_C:!MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ void random_twice_with_psa_from_psa( ) { unsigned char output1[OUTPUT_SIZE]; From fba138a08a6fe0c4ed63073ffa91d2f1cff03595 Mon Sep 17 00:00:00 2001 From: David Horstmann Date: Tue, 11 May 2021 15:23:56 +0100 Subject: [PATCH 037/271] Remove buffer_size maximum from ssl_server2.c Signed-off-by: David Horstmann --- programs/ssl/ssl_server2.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 0b89b5573d..fa733c46a2 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -451,7 +451,7 @@ int main( void ) " server_port=%%d default: 4433\n" \ " debug_level=%%d default: 0 (disabled)\n" \ " buffer_size=%%d default: 200 \n" \ - " (minimum: 1, max: 16385)\n" \ + " (minimum: 1)\n" \ " response_size=%%d default: about 152 (basic response)\n" \ " (minimum: 0, max: 16384)\n" \ " increases buffer_size if bigger\n"\ @@ -1572,9 +1572,7 @@ int main( int argc, char *argv[] ) else if( strcmp( p, "buffer_size" ) == 0 ) { opt.buffer_size = atoi( q ); - if( opt.buffer_size < 1 || - ( opt.buffer_size > MBEDTLS_SSL_IN_CONTENT_LEN + 1 - && opt.buffer_size > MBEDTLS_SSL_OUT_CONTENT_LEN + 1 ) ) + if( opt.buffer_size < 1 ) goto usage; } else if( strcmp( p, "response_size" ) == 0 ) From 102c89ed65c2ada2b43fb40cd2b6f08b86cc89b7 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 12 May 2021 13:28:59 +0200 Subject: [PATCH 038/271] Remove the MBEDTLS_SSL_RECORD_CHECKING option Signed-off-by: TRodziewicz --- ChangeLog.d/issue4361.txt | 2 ++ include/mbedtls/config.h | 14 -------------- include/mbedtls/ssl.h | 2 -- library/ssl_msg.c | 2 -- library/version_features.c | 3 --- programs/ssl/ssl_test_common_source.c | 6 ------ programs/test/query_config.c | 8 -------- 7 files changed, 2 insertions(+), 35 deletions(-) create mode 100644 ChangeLog.d/issue4361.txt diff --git a/ChangeLog.d/issue4361.txt b/ChangeLog.d/issue4361.txt new file mode 100644 index 0000000000..670c8a6580 --- /dev/null +++ b/ChangeLog.d/issue4361.txt @@ -0,0 +1,2 @@ +Removals + * Remove the MBEDTLS_SSL_RECORD_CHECKING option. Fixes #4361. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 603d985ae0..aa69848c78 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1467,20 +1467,6 @@ */ #define MBEDTLS_SSL_ALL_ALERT_MESSAGES -/** - * \def MBEDTLS_SSL_RECORD_CHECKING - * - * Enable the function mbedtls_ssl_check_record() which can be used to check - * the validity and authenticity of an incoming record, to verify that it has - * not been seen before. These checks are performed without modifying the - * externally visible state of the SSL context. - * - * See mbedtls_ssl_check_record() for more information. - * - * Uncomment to enable support for record checking. - */ -#define MBEDTLS_SSL_RECORD_CHECKING - /** * \def MBEDTLS_SSL_DTLS_CONNECTION_ID * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 40814e660d..a47631c94f 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1795,7 +1795,6 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, */ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); -#if defined(MBEDTLS_SSL_RECORD_CHECKING) /** * \brief Check whether a buffer contains a valid and authentic record * that has not been seen before. (DTLS only). @@ -1843,7 +1842,6 @@ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ) int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, unsigned char *buf, size_t buflen ); -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ /** * \brief Set the timer callbacks (Mandatory for DTLS.) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 3956a67d27..c2fcdcbfd2 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -86,7 +86,6 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ) return( 0 ); } -#if defined(MBEDTLS_SSL_RECORD_CHECKING) static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, unsigned char *buf, size_t len, @@ -150,7 +149,6 @@ exit: MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) ); return( ret ); } -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ #define SSL_DONT_FORCE_FLUSH 0 #define SSL_FORCE_FLUSH 1 diff --git a/library/version_features.c b/library/version_features.c index d2de8957d2..b42fb29aa1 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -468,9 +468,6 @@ static const char * const features[] = { #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) "MBEDTLS_SSL_ALL_ALERT_MESSAGES", #endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) - "MBEDTLS_SSL_RECORD_CHECKING", -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) "MBEDTLS_SSL_DTLS_CONNECTION_ID", #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index 73457a1390..fd7eacf6d8 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -159,7 +159,6 @@ int dtls_srtp_key_derivation( void *p_expkey, #endif /* MBEDTLS_SSL_EXPORT_KEYS */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) int ssl_check_record( mbedtls_ssl_context const *ssl, unsigned char const *buf, size_t len ) { @@ -220,7 +219,6 @@ int ssl_check_record( mbedtls_ssl_context const *ssl, return( 0 ); } -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ int recv_cb( void *ctx, unsigned char *buf, size_t len ) { @@ -241,10 +239,8 @@ int recv_cb( void *ctx, unsigned char *buf, size_t len ) /* Here's the place to do any datagram/record checking * in between receiving the packet from the underlying * transport and passing it on to the TLS stack. */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 ) return( -1 ); -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ } return( (int) recv_len ); @@ -267,10 +263,8 @@ int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len, /* Here's the place to do any datagram/record checking * in between receiving the packet from the underlying * transport and passing it on to the TLS stack. */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 ) return( -1 ); -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ } return( (int) recv_len ); diff --git a/programs/test/query_config.c b/programs/test/query_config.c index 450e2fbbf0..cf7b3032f6 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1299,14 +1299,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) - if( strcmp( "MBEDTLS_SSL_RECORD_CHECKING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RECORD_CHECKING ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ - #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 ) { From 99914146a4a1eb6c147f348cf9a9f581882d88b8 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 6 May 2021 15:17:03 +0100 Subject: [PATCH 039/271] Preparatory commit to remove tests Removed a conditional compilation block relating to MBEDTLS_PKCS1_V15 in rsa_pkcs1_verify_raw function that was no longer relevant. Signed-off-by: Thomas Daubney --- include/mbedtls/pk.h | 2 +- library/pk_wrap.c | 2 +- tests/suites/test_suite_pk.function | 5 +- tests/suites/test_suite_pkcs1_v15.data | 76 ++++------------------ tests/suites/test_suite_pkcs1_v15.function | 12 +--- tests/suites/test_suite_rsa.function | 30 --------- tests/suites/test_suite_x509write.function | 5 +- 7 files changed, 25 insertions(+), 107 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 67cbb380b0..093b3bc6d6 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -229,7 +229,7 @@ static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) /** * \brief Types for RSA-alt abstraction */ -typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen, +typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ); typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, diff --git a/library/pk_wrap.c b/library/pk_wrap.c index bf9d4c5f83..3663fb8488 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -788,7 +788,7 @@ static int rsa_alt_decrypt_wrap( void *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( rsa_alt->decrypt_func( rsa_alt->key, - MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); + olen, input, output, osize ) ); } #if defined(MBEDTLS_RSA_C) diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index bc469b68db..9408bb8d5d 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -60,12 +60,13 @@ static int pk_genkey( mbedtls_pk_context *pk, int parameter ) } #if defined(MBEDTLS_RSA_C) -int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, +int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ) { return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, - mbedtls_test_rnd_std_rand, NULL, mode, + mbedtls_test_rnd_std_rand, NULL, + MBEDTLS_RSA_PRIVATE, olen, input, output, output_max_len ) ); } int mbedtls_rsa_sign_func( void *ctx, diff --git a/tests/suites/test_suite_pkcs1_v15.data b/tests/suites/test_suite_pkcs1_v15.data index b4cf09a57e..32dd2181fa 100644 --- a/tests/suites/test_suite_pkcs1_v15.data +++ b/tests/suites/test_suite_pkcs1_v15.data @@ -41,91 +41,43 @@ RSASSA-V15 Verification Test Vector Int pkcs1_rsassa_v15_verify:1024:16:"a2ba40ee07e3b2bd2f02ce227f36a195024486e49c19cb41bbbdfbba98b22b0e577c2eeaffa20d883a76e65e394c69d4b3c05a1e8fadda27edb2a42bc000fe888b9b32c22d15add0cd76b3e7936e19955b220dd17d4ea904b1ec102b2e4de7751222aa99151024c7cb41cc5ea21d00eeb41f7c800834d2c6e06bce3bce7ea9a5":16:"010001":MBEDTLS_MD_SHA1:MBEDTLS_MD_SHA1:"859eef2fd78aca00308bdc471193bf55bf9d78db8f8a672b484634f3c9c26e6478ae10260fe0dd8c082e53a5293af2173cd50c6d5d354febf78b26021c25c02712e78cd4694c9f469777e451e7f8e9e04cd3739c6bbfedae487fb55644e9ca74ff77a53cb729802f6ed4a5ffa8ba159890fc":"e3b5d5d002c1bce50c2b65ef88a188d83bce7e61":"2154f928615e5101fcdeb57bc08fc2f35c3d5996403861ae3efb1d0712f8bb05cc21f7f5f11f62e5b6ea9f0f2b62180e5cbe7ba535032d6ac8068fff7f362f73d2c3bf5eca6062a1723d7cfd5abb6dcf7e405f2dc560ffe6fc37d38bee4dc9e24fe2bece3e3b4a3f032701d3f0947b42930083dd4ad241b3309b514595482d42":0 RSAES-V15 decoding: good, payload=max, tight output buffer -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:117:0 +pkcs1_v15_decode:"0002505152535455565700":117:117:0 RSAES-V15 decoding: good, payload=max, larger output buffer -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:128:0 +pkcs1_v15_decode:"0002505152535455565700":117:128:0 RSAES-V15 decoding: good, payload=max-1, tight output buffer -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:116:0 +pkcs1_v15_decode:"000250515253545556575800":116:116:0 RSAES-V15 decoding: good, payload=max-1, larger output buffer -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:117:0 +pkcs1_v15_decode:"000250515253545556575800":116:117:0 RSAES-V15 decoding: good, payload=1 -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"00025050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505000":1:1:0 +pkcs1_v15_decode:"00025050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505000":1:1:0 RSAES-V15 decoding: good, empty payload -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505000":0:0:0 +pkcs1_v15_decode:"0002505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505000":0:0:0 RSAES-V15 decoding: payload=max, output too large -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505152535455565700":117:116:MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE +pkcs1_v15_decode:"0002505152535455565700":117:116:MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE RSAES-V15 decoding: payload=max-1, output too large -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000250515253545556575800":116:115:MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE +pkcs1_v15_decode:"000250515253545556575800":116:115:MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE RSAES-V15 decoding: bad first byte -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0102505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_v15_decode:"0102505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 decoding: bad second byte (0 instead of 2) -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0000505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_v15_decode:"0000505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 decoding: bad second byte (1 instead of 2) -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0001505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_v15_decode:"0001505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 decoding: padding too short (0) -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"000200":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_v15_decode:"000200":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 decoding: padding too short (7) -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050500000ffffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_v15_decode:"0002505050505050500000ffffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING RSAES-V15 decoding: unfinished padding -pkcs1_v15_decode:MBEDTLS_RSA_PRIVATE:"0002505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: good, payload=max, tight output buffer -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffff00":117:117:0 - -EMSA-V15 decoding: good, payload=max, larger output buffer -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffff00":117:128:0 - -EMSA-V15 decoding: good, payload=max-1, tight output buffer -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffff00":116:116:0 - -EMSA-V15 decoding: good, payload=max-1, larger output buffer -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffff00":116:117:0 - -EMSA-V15 decoding: good, payload=1 -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00":1:1:0 - -EMSA-V15 decoding: good, empty payload -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff00":0:0:0 - -EMSA-V15 decoding: bad first byte -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0101ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: bad second byte (0 instead of 1) -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0000ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: bad second byte (2 instead of 1) -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0002ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: padding too short (0) -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"000100":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: padding too short (7) -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffff0000ffffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: invalid padding at first byte -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001fffffffffffffffe00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: invalid padding at last byte -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001feffffffffffffff00":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: unfinished padding -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: unfinished padding with invalid first byte -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING - -EMSA-V15 decoding: unfinished padding with invalid last byte -pkcs1_v15_decode:MBEDTLS_RSA_PUBLIC:"0001fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING +pkcs1_v15_decode:"0002505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050505050":0:42:MBEDTLS_ERR_RSA_INVALID_PADDING diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 068027b0e9..273c6044e5 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -116,8 +116,7 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void pkcs1_v15_decode( int mode, - data_t *input, +void pkcs1_v15_decode( data_t *input, int expected_plaintext_length_arg, int output_size_arg, int expected_result ) @@ -207,17 +206,12 @@ void pkcs1_v15_decode( int mode, TEST_ASSERT( input->len <= sizeof( N ) ); memcpy( original, input->x, input->len ); memset( original + input->len, 'd', sizeof( original ) - input->len ); - if( mode == MBEDTLS_RSA_PRIVATE ) - TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 ); - else - TEST_ASSERT( mbedtls_rsa_private( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, original, - intermediate ) == 0 ); + TEST_ASSERT( mbedtls_rsa_public( &ctx, original, intermediate ) == 0 ); memcpy( final, default_content, sizeof( final ) ); TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, mode, &output_length, + &rnd_info, MBEDTLS_RSA_PRIVATE, &output_length, intermediate, final, output_size ) == expected_result ); if( expected_result == 0 ) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index f4b3226542..516b3a08f5 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -697,36 +697,6 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); -#if defined(MBEDTLS_PKCS1_V15) - /* For PKCS#1 v1.5, there is an alternative way to verify signatures */ - if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) - { - int res; - int ok; - size_t olen; - - res = mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, - NULL, NULL, MBEDTLS_RSA_PUBLIC, - &olen, result_str->x, output, sizeof( output ) ); - -#if !defined(MBEDTLS_RSA_ALT) - TEST_ASSERT( res == 0 ); -#else - TEST_ASSERT( ( res == 0 ) || - ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) ); -#endif - - if( res == 0 ) - { - ok = olen == hash_result->len && memcmp( output, hash_result->x, olen ) == 0; - if( correct == 0 ) - TEST_ASSERT( ok == 1 ); - else - TEST_ASSERT( ok == 0 ); - } - } -#endif /* MBEDTLS_PKCS1_V15 */ - exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); mbedtls_rsa_free( &ctx ); diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 59ea17b2c5..234ef4510f 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -7,11 +7,12 @@ #include "mbedtls/rsa.h" #if defined(MBEDTLS_RSA_C) -int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen, +int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ) { - return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen, + return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, + MBEDTLS_RSA_PRIVATE, olen, input, output, output_max_len ) ); } int mbedtls_rsa_sign_func( void *ctx, From e42a50da04105827b6dc1d171c4b0a2a55e820a5 Mon Sep 17 00:00:00 2001 From: eugene Date: Wed, 12 May 2021 12:33:36 -0400 Subject: [PATCH 040/271] use proper formatting macros when using MinGW provided stdio add changelog entry Signed-off-by: eugene --- ChangeLog.d/fix-mingw-build.txt | 4 ++++ include/mbedtls/debug.h | 13 +++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) create mode 100644 ChangeLog.d/fix-mingw-build.txt diff --git a/ChangeLog.d/fix-mingw-build.txt b/ChangeLog.d/fix-mingw-build.txt new file mode 100644 index 0000000000..b5255beb38 --- /dev/null +++ b/ChangeLog.d/fix-mingw-build.txt @@ -0,0 +1,4 @@ +Changes + * fix build failure on MinGW toolchain when __USE_MING_ANSI_STDIO is on. + When that flag is on, standard GNU C printf format specifiers should be used. + diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h index c8d4403d80..71b08295d6 100644 --- a/include/mbedtls/debug.h +++ b/include/mbedtls/debug.h @@ -98,8 +98,13 @@ */ #if defined(__has_attribute) #if __has_attribute(format) +#if defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ - __attribute__((format (printf, string_index, first_to_check))) + __attribute__((__format__ (gnu_printf, string_index, first_to_check))) +#else /* defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 1 */ +#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) \ + __attribute__((format(printf, string_index, first_to_check))) +#endif #else /* __has_attribute(format) */ #define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check) #endif /* __has_attribute(format) */ @@ -119,14 +124,14 @@ * * This module provides debugging functions. */ -#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1800) +#if (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) #include #define MBEDTLS_PRINTF_SIZET PRIuPTR #define MBEDTLS_PRINTF_LONGLONG "I64d" -#else /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1800) */ +#else /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #define MBEDTLS_PRINTF_SIZET "zu" #define MBEDTLS_PRINTF_LONGLONG "lld" -#endif /* defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER < 1800) */ +#endif /* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */ #ifdef __cplusplus extern "C" { From c7feaf349ce3ad00ef478d0f69915c39061d3212 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 7 May 2021 14:02:43 +0100 Subject: [PATCH 041/271] Remove mode param from mbedtls_rsa_pkcs1_decrypt The mode parameter has been removed from the mbedtls_rsa_pkcs1_decrypt function. The change has been progagated to all function calls, including in test suite .function files. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 16 ++++------------ library/pk_wrap.c | 2 +- library/psa_crypto.c | 1 - library/rsa.c | 10 ++++------ programs/pkey/rsa_decrypt.c | 2 +- tests/suites/test_suite_pk.function | 1 - tests/suites/test_suite_pkcs1_v15.function | 5 ++--- tests/suites/test_suite_pkcs1_v21.function | 2 -- tests/suites/test_suite_rsa.function | 14 +++++--------- tests/suites/test_suite_x509write.function | 3 +-- 10 files changed, 18 insertions(+), 38 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 38784fc5a5..93dd7255e4 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -705,7 +705,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * message padding. * * It is the generic wrapper for performing a PKCS#1 decryption - * operation using the \p mode from the context. + * operation. * * \note The output buffer length \c output_max_len should be * as large as the size \p ctx->len of \p ctx->N (for example, @@ -714,24 +714,16 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * hold the decryption of the particular ciphertext provided, * the function returns \c MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PRIVATE. * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. If \p mode is - * #MBEDTLS_RSA_PUBLIC, it is ignored. + * \param f_rng The RNG function. This is used for blinding and should + * be provided; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng is \c NULL or doesn't need a context. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param olen The address at which to store the length of * the plaintext. This must not be \c NULL. * \param input The ciphertext buffer. This must be a readable buffer @@ -747,7 +739,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t *olen, + size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ); diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 3663fb8488..8e4f251231 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -135,7 +135,7 @@ static int rsa_decrypt_wrap( void *ctx, return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng, - MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); + olen, input, output, osize ) ); } static int rsa_encrypt_wrap( void *ctx, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c153217908..8f0b62c26a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3171,7 +3171,6 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, mbedtls_rsa_pkcs1_decrypt( rsa, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, output_length, input, output, diff --git a/library/rsa.c b/library/rsa.c index 209273e090..502fe8654e 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1763,14 +1763,12 @@ cleanup: int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t *olen, + size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len) { RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); RSA_VALIDATE_RET( input != NULL ); RSA_VALIDATE_RET( olen != NULL ); @@ -1779,13 +1777,13 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, mode, olen, + return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, olen, input, output, output_max_len ); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, mode, NULL, 0, + return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, NULL, 0, olen, input, output, output_max_len ); #endif @@ -2733,7 +2731,7 @@ int mbedtls_rsa_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "passed\n PKCS#1 decryption : " ); - if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PRIVATE, + if( mbedtls_rsa_pkcs1_decrypt( &rsa, myrand, NULL, &len, rsa_ciphertext, rsa_decrypted, sizeof(rsa_decrypted) ) != 0 ) { diff --git a/programs/pkey/rsa_decrypt.c b/programs/pkey/rsa_decrypt.c index 01bf3a621a..1ba8c735db 100644 --- a/programs/pkey/rsa_decrypt.c +++ b/programs/pkey/rsa_decrypt.c @@ -177,7 +177,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); ret = mbedtls_rsa_pkcs1_decrypt( &rsa, mbedtls_ctr_drbg_random, - &ctr_drbg, MBEDTLS_RSA_PRIVATE, &i, + &ctr_drbg, &i, buf, result, 1024 ); if( ret != 0 ) { diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 9408bb8d5d..b81bd7be47 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -66,7 +66,6 @@ int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen, { return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, mbedtls_test_rnd_std_rand, NULL, - MBEDTLS_RSA_PRIVATE, olen, input, output, output_max_len ) ); } int mbedtls_rsa_sign_func( void *ctx, diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 273c6044e5..b03bddac68 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -89,7 +89,6 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &mbedtls_test_rnd_pseudo_rand, &rnd_info, - MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, NULL, 0 ) == result ); } @@ -97,7 +96,7 @@ void pkcs1_rsaes_v15_decrypt( int mod, int radix_P, char * input_P, { TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, + &rnd_info, &output_len, message_str->x, output, 1000 ) == result ); if( result == 0 ) @@ -211,7 +210,7 @@ void pkcs1_v15_decode( data_t *input, memcpy( final, default_content, sizeof( final ) ); TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, &output_length, + &rnd_info, &output_length, intermediate, final, output_size ) == expected_result ); if( expected_result == 0 ) diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 97f440d28d..2e7f3399db 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -85,7 +85,6 @@ void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q, TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &mbedtls_test_rnd_pseudo_rand, &rnd_info, - MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, NULL, 0 ) == result ); } @@ -94,7 +93,6 @@ void pkcs1_rsaes_oaep_decrypt( int mod, data_t * input_P, data_t * input_Q, TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, &mbedtls_test_rnd_pseudo_rand, &rnd_info, - MBEDTLS_RSA_PRIVATE, &output_len, message_str->x, output, sizeof( output ) ) == result ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 516b3a08f5..1313f55a4f 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -180,23 +180,19 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_decrypt( NULL, NULL, NULL, - valid_mode, &olen, + &olen, buf, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - invalid_mode, &olen, + NULL, buf, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, &olen, + &olen, NULL, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_decrypt( &ctx, NULL, NULL, - valid_mode, &olen, + &olen, buf, NULL, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, @@ -823,7 +819,7 @@ void mbedtls_rsa_pkcs1_decrypt( data_t * message_str, int padding_mode, output_len = 0; TEST_ASSERT( mbedtls_rsa_pkcs1_decrypt( &ctx, mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, + &rnd_info, &output_len, message_str->x, output, max_output ) == result ); if( result == 0 ) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 234ef4510f..04ea69b1a6 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -12,8 +12,7 @@ int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen, size_t output_max_len ) { return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, olen, - input, output, output_max_len ) ); + olen, input, output, output_max_len ) ); } int mbedtls_rsa_sign_func( void *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, From d21e0b780a178eaca6b2a897595c50c165a8570f Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 6 May 2021 11:41:09 +0100 Subject: [PATCH 042/271] Remove mode parameter from mbedtls_rsa_rsaes_oaep_decrypt function Removing the mode parameter from the mbedtls_rsa_rsaes_oaep_decrypt function. The change is progagated to all function calls, including in test suite .function files. Additionally fully removing one test where the wrong mode was being tested. Signed-off-by: Tom Daubney Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 14 ++------------ library/psa_crypto.c | 1 - library/rsa.c | 11 +++-------- tests/suites/test_suite_rsa.function | 10 ---------- 4 files changed, 5 insertions(+), 31 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 93dd7255e4..c366623bcf 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -806,24 +806,15 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * ciphertext provided, the function returns * #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PRIVATE. - * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. If \p mode is - * #MBEDTLS_RSA_PUBLIC, it is ignored. + * \param f_rng The RNG function. This is used for blinding and should + * be provided; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng is \c NULL or doesn't need a context. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param label The buffer holding the custom label to use. * This must be a readable buffer of length \p label_len * Bytes. It may be \c NULL if \p label_len is \c 0. @@ -843,7 +834,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 8f0b62c26a..64ead5b6ed 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3186,7 +3186,6 @@ psa_status_t psa_asymmetric_decrypt( mbedtls_svc_key_id_t key, mbedtls_rsa_rsaes_oaep_decrypt( rsa, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, salt, salt_length, output_length, input, diff --git a/library/rsa.c b/library/rsa.c index 502fe8654e..bef30026fa 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1353,7 +1353,6 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, const unsigned char *label, size_t label_len, size_t *olen, const unsigned char *input, @@ -1370,8 +1369,6 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); RSA_VALIDATE_RET( label_len == 0 || label != NULL ); RSA_VALIDATE_RET( input != NULL ); @@ -1380,7 +1377,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, /* * Parameters sanity checks */ - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) + if( ctx->padding != MBEDTLS_RSA_PKCS_V21 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); ilen = ctx->len; @@ -1401,9 +1398,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, /* * RSA operation */ - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, input, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); + ret = mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); if( ret != 0 ) goto cleanup; @@ -1783,7 +1778,7 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, NULL, 0, + return mbedtls_rsa_rsaes_oaep_decrypt( ctx, f_rng, p_rng, NULL, 0, olen, input, output, output_max_len ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 1313f55a4f..95881efb23 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -223,31 +223,21 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_decrypt( NULL, NULL, NULL, - valid_mode, buf, sizeof( buf ), &olen, buf, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - invalid_mode, - buf, sizeof( buf ), - &olen, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, NULL, sizeof( buf ), NULL, buf, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, buf, sizeof( buf ), &olen, NULL, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_decrypt( &ctx, NULL, NULL, - valid_mode, buf, sizeof( buf ), &olen, buf, NULL, 42 ) ); From 3473308b5d326011a96054b12a132b4f058ca332 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 12 May 2021 09:24:29 +0100 Subject: [PATCH 043/271] Remove mode param from mbedtls_rsa_rsaes_pkcs1_v15_decrypt Remove mode param from mbedtls_rsa_rsaes_pkcs1_v15_decrypt and also modify and remove relevant tests. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 15 ++------- library/rsa.c | 49 ++++++++-------------------- tests/suites/test_suite_rsa.function | 17 +++------- 3 files changed, 21 insertions(+), 60 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index c366623bcf..a4ef488609 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -755,24 +755,15 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, * hold the decryption of the particular ciphertext provided, * the function returns #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PRIVATE. - * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PUBLIC and might instead * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. If \p mode is - * #MBEDTLS_RSA_PUBLIC, it is ignored. + * \param f_rng The RNG function. This is used for blinding and should + * be provided; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng is \c NULL or doesn't need a context. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param olen The address at which to store the length of * the plaintext. This must not be \c NULL. * \param input The ciphertext buffer. This must be a readable buffer @@ -789,7 +780,7 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t *olen, + size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ); diff --git a/library/rsa.c b/library/rsa.c index bef30026fa..6761fbdb79 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1586,7 +1586,7 @@ static void mem_move_to_left( void *start, int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t *olen, + size_t *olen, const unsigned char *input, unsigned char *output, size_t output_max_len ) @@ -1611,8 +1611,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, unsigned output_too_large; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( output_max_len == 0 || output != NULL ); RSA_VALIDATE_RET( input != NULL ); RSA_VALIDATE_RET( olen != NULL ); @@ -1622,15 +1620,13 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, ilen - 11 : output_max_len ); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) + if( ctx->padding != MBEDTLS_RSA_PKCS_V15 ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); if( ilen < 16 || ilen > sizeof( buf ) ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, input, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); + ret = mbedtls_rsa_private( ctx, f_rng, p_rng, input, buf ); if( ret != 0 ) goto cleanup; @@ -1639,37 +1635,20 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * memory trace. The first byte must be 0. */ bad |= buf[0]; - if( mode == MBEDTLS_RSA_PRIVATE ) - { - /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00 - * where PS must be at least 8 nonzero bytes. */ - bad |= buf[1] ^ MBEDTLS_RSA_CRYPT; - /* Read the whole buffer. Set pad_done to nonzero if we find - * the 0x00 byte and remember the padding length in pad_count. */ - for( i = 2; i < ilen; i++ ) - { - pad_done |= ((buf[i] | (unsigned char)-buf[i]) >> 7) ^ 1; - pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1; - } - } - else - { - /* Decode EMSA-PKCS1-v1_5 padding: 0x00 || 0x01 || PS || 0x00 - * where PS must be at least 8 bytes with the value 0xFF. */ - bad |= buf[1] ^ MBEDTLS_RSA_SIGN; + /* Decode EME-PKCS1-v1_5 padding: 0x00 || 0x02 || PS || 0x00 + * where PS must be at least 8 nonzero bytes. */ + bad |= buf[1] ^ MBEDTLS_RSA_CRYPT; - /* Read the whole buffer. Set pad_done to nonzero if we find - * the 0x00 byte and remember the padding length in pad_count. - * If there's a non-0xff byte in the padding, the padding is bad. */ - for( i = 2; i < ilen; i++ ) - { - pad_done |= if_int( buf[i], 0, 1 ); - pad_count += if_int( pad_done, 0, 1 ); - bad |= if_int( pad_done, 0, buf[i] ^ 0xFF ); - } + /* Read the whole buffer. Set pad_done to nonzero if we find + * the 0x00 byte and remember the padding length in pad_count. */ + for( i = 2; i < ilen; i++ ) + { + pad_done |= ((buf[i] | (unsigned char)-buf[i]) >> 7) ^ 1; + pad_count += ((pad_done | (unsigned char)-pad_done) >> 7) ^ 1; } + /* If pad_done is still zero, there's no data, only unfinished padding. */ bad |= if_int( pad_done, 0, 1 ); @@ -1772,7 +1751,7 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, olen, + return mbedtls_rsa_rsaes_pkcs1_v15_decrypt( ctx, f_rng, p_rng, olen, input, output, output_max_len ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 95881efb23..1182cc6e69 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -197,28 +197,19 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_decrypt( NULL, NULL, - NULL, - valid_mode, &olen, + NULL, &olen, buf, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - invalid_mode, &olen, + NULL, NULL, buf, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, NULL, - buf, buf, 42 ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, &olen, + NULL, &olen, NULL, buf, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_decrypt( &ctx, NULL, - NULL, - valid_mode, &olen, + NULL, &olen, buf, NULL, 42 ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, From b46d1a74f92b8873be59f93873a3cccc1a905f22 Mon Sep 17 00:00:00 2001 From: eugene Date: Wed, 12 May 2021 14:36:24 -0400 Subject: [PATCH 044/271] fix changelog entry Signed-off-by: eugene --- ChangeLog.d/fix-mingw-build.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/fix-mingw-build.txt b/ChangeLog.d/fix-mingw-build.txt index b5255beb38..383b1c7fd4 100644 --- a/ChangeLog.d/fix-mingw-build.txt +++ b/ChangeLog.d/fix-mingw-build.txt @@ -1,4 +1,5 @@ Changes * fix build failure on MinGW toolchain when __USE_MING_ANSI_STDIO is on. - When that flag is on, standard GNU C printf format specifiers should be used. + When that flag is on, standard GNU C printf format specifiers + should be used. From e02e02f203e3f71e04b53e95fcd7c535940b48aa Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 13 May 2021 00:22:35 +0200 Subject: [PATCH 045/271] Change sha512 output type from an array to a pointer The output parameter of mbedtls_sha512_finish_ret and mbedtls_sha512_ret now has a pointer type rather than array type. This removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer. Signed-off-by: Gilles Peskine --- ChangeLog.d/sha512-output-type.txt | 5 +++++ docs/3.0-migration-guide.d/sha512-output-type.md | 8 ++++++++ include/mbedtls/sha512.h | 10 ++++++---- library/sha512.c | 4 ++-- 4 files changed, 21 insertions(+), 6 deletions(-) create mode 100644 ChangeLog.d/sha512-output-type.txt create mode 100644 docs/3.0-migration-guide.d/sha512-output-type.md diff --git a/ChangeLog.d/sha512-output-type.txt b/ChangeLog.d/sha512-output-type.txt new file mode 100644 index 0000000000..e29557c9d5 --- /dev/null +++ b/ChangeLog.d/sha512-output-type.txt @@ -0,0 +1,5 @@ +API changes + * The output parameter of mbedtls_sha512_finish_ret and mbedtls_sha512_ret + now has a pointer type rather than array type. This removes spurious + warnings in some compilers when outputting a SHA-384 hash into a + 48-byte buffer. diff --git a/docs/3.0-migration-guide.d/sha512-output-type.md b/docs/3.0-migration-guide.d/sha512-output-type.md new file mode 100644 index 0000000000..5a7d2053c4 --- /dev/null +++ b/docs/3.0-migration-guide.d/sha512-output-type.md @@ -0,0 +1,8 @@ +SHA-512 output type change +-------------------------- + +The output parameter of `mbedtls_sha512_finish_ret()` and `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer. + +This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. + +Alternative implementations of the SHA512 module must adjust their functions' prototype accordingly. diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 56cefe1bd0..2852273140 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -134,13 +134,14 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * \param ctx The SHA-512 context. This must be initialized * and have a hash operation started. * \param output The SHA-384 or SHA-512 checksum result. - * This must be a writable buffer of length \c 64 Bytes. + * This must be a writable buffer of length \c 64 bytes + * for SHA-512, 48 bytes for SHA-384. * * \return \c 0 on success. * \return A negative error code on failure. */ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char output[64] ); + unsigned char *output ); /** * \brief This function processes a single data block within @@ -171,7 +172,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * a readable buffer of length \p ilen Bytes. * \param ilen The length of the input data in Bytes. * \param output The SHA-384 or SHA-512 checksum result. - * This must be a writable buffer of length \c 64 Bytes. + * This must be a writable buffer of length \c 64 bytes + * for SHA-512, 48 bytes for SHA-384. * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * @@ -184,7 +186,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, */ int mbedtls_sha512_ret( const unsigned char *input, size_t ilen, - unsigned char output[64], + unsigned char *output, int is384 ); #if defined(MBEDTLS_SELF_TEST) diff --git a/library/sha512.c b/library/sha512.c index 75306298fd..7d53731d08 100644 --- a/library/sha512.c +++ b/library/sha512.c @@ -380,7 +380,7 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * SHA-512 final digest */ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, - unsigned char output[64] ) + unsigned char *output ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned used; @@ -453,7 +453,7 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, */ int mbedtls_sha512_ret( const unsigned char *input, size_t ilen, - unsigned char output[64], + unsigned char *output, int is384 ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; From 3e3a6789d12571000df91f4e5ef3549a6cd5733c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 13 May 2021 00:26:17 +0200 Subject: [PATCH 046/271] Remove a kludge for the output size of mbedtls_sha512_finish_ret Remove a kludge to avoid a warning in GCC 11 when calling mbedtls_sha512_finish_ret with a 48-byte output buffer. This is correct since we're calculating SHA-384. When mbedtls_sha512_finish_ret's output parameter was declared as a 64-byte array, GCC 11 -Wstringop-overflow emitted a well-meaning, but inaccurate buffer overflow warning, which we tried to work around (successfully with beta releases but unsuccessfully with GCC 11.1.0 as released). Now that the output parameter is declared as a pointer, no workaround is necessary. Signed-off-by: Gilles Peskine --- library/ssl_tls.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bc2f269a9c..bae9ed70ca 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2897,8 +2897,6 @@ static void ssl_calc_finished_tls_sha256( #if defined(MBEDTLS_SHA512_C) -typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*); - static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *ssl, unsigned char *buf, int from ) { @@ -2957,13 +2955,7 @@ static void ssl_calc_finished_tls_sha384( MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *) sha512.state, sizeof( sha512.state ) ); #endif - /* - * For SHA-384, we can save 16 bytes by keeping padbuf 48 bytes long. - * However, to avoid stringop-overflow warning in gcc, we have to cast - * mbedtls_sha512_finish_ret(). - */ - finish_sha384_t finish = (finish_sha384_t)mbedtls_sha512_finish_ret; - finish( &sha512, padbuf ); + mbedtls_sha512_finish_ret( &sha512, padbuf ); mbedtls_sha512_free( &sha512 ); #endif From d7b3d9247602fe5d5015a759d4f3867f28ac22a8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 13 May 2021 00:45:25 +0200 Subject: [PATCH 047/271] Change sha256 output type from an array to a pointer The output parameter of mbedtls_sha256_finish_ret and mbedtls_sha256_ret now has a pointer type rather than array type. This removes spurious warnings in some compilers when outputting a SHA-224 hash into a 28-byte buffer. Signed-off-by: Gilles Peskine --- ChangeLog.d/sha512-output-type.txt | 9 +++++---- docs/3.0-migration-guide.d/sha512-output-type.md | 6 +++--- include/mbedtls/sha256.h | 12 +++++++----- library/sha256.c | 4 ++-- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/ChangeLog.d/sha512-output-type.txt b/ChangeLog.d/sha512-output-type.txt index e29557c9d5..eabc67df70 100644 --- a/ChangeLog.d/sha512-output-type.txt +++ b/ChangeLog.d/sha512-output-type.txt @@ -1,5 +1,6 @@ API changes - * The output parameter of mbedtls_sha512_finish_ret and mbedtls_sha512_ret - now has a pointer type rather than array type. This removes spurious - warnings in some compilers when outputting a SHA-384 hash into a - 48-byte buffer. + * The output parameter of mbedtls_sha512_finish_ret, mbedtls_sha512_ret, + mbedtls_sha256_finish_ret and mbedtls_sha256_ret now has a pointer type + rather than array type. This removes spurious warnings in some compilers + when outputting a SHA-384 or SHA-224 hash into a buffer of exactly + the hash size. diff --git a/docs/3.0-migration-guide.d/sha512-output-type.md b/docs/3.0-migration-guide.d/sha512-output-type.md index 5a7d2053c4..c62a881598 100644 --- a/docs/3.0-migration-guide.d/sha512-output-type.md +++ b/docs/3.0-migration-guide.d/sha512-output-type.md @@ -1,8 +1,8 @@ -SHA-512 output type change +SHA-512 and SHA-256 output type change -------------------------- -The output parameter of `mbedtls_sha512_finish_ret()` and `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer. +The output parameter of `mbedtls_sha256_finish_ret()`, `mbedtls_sha256_ret()`, `mbedtls_sha512_finish_ret()`, `mbedtls_sha512_ret()` now has a pointer type rather than array type. This makes no difference in terms of C semantics, but removes spurious warnings in some compilers when outputting a SHA-384 hash into a 48-byte buffer or a SHA-224 hash into a 28-byte buffer. This makes no difference to a vast majority of applications. If your code takes a pointer to one of these functions, you may need to change the type of the pointer. -Alternative implementations of the SHA512 module must adjust their functions' prototype accordingly. +Alternative implementations of the SHA256 and SHA512 modules must adjust their functions' prototype accordingly. diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 9b8d91d1ca..1100869520 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -127,13 +127,14 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * \param ctx The SHA-256 context. This must be initialized * and have a hash operation started. * \param output The SHA-224 or SHA-256 checksum result. - * This must be a writable buffer of length \c 32 Bytes. + * This must be a writable buffer of length \c 32 bytes + * for SHA-256, 28 bytes for SHA-224. * * \return \c 0 on success. * \return A negative error code on failure. */ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ); + unsigned char *output ); /** * \brief This function processes a single data block within @@ -163,14 +164,15 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, * \param input The buffer holding the data. This must be a readable * buffer of length \p ilen Bytes. * \param ilen The length of the input data in Bytes. - * \param output The SHA-224 or SHA-256 checksum result. This must - * be a writable buffer of length \c 32 Bytes. + * \param output The SHA-224 or SHA-256 checksum result. + * This must be a writable buffer of length \c 32 bytes + * for SHA-256, 28 bytes for SHA-224. * \param is224 Determines which function to use. This must be * either \c 0 for SHA-256, or \c 1 for SHA-224. */ int mbedtls_sha256_ret( const unsigned char *input, size_t ilen, - unsigned char output[32], + unsigned char *output, int is224 ); #if defined(MBEDTLS_SELF_TEST) diff --git a/library/sha256.c b/library/sha256.c index a94f325e8b..36ab0c1aa8 100644 --- a/library/sha256.c +++ b/library/sha256.c @@ -332,7 +332,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * SHA-256 final digest */ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, - unsigned char output[32] ) + unsigned char *output ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; uint32_t used; @@ -401,7 +401,7 @@ int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx, */ int mbedtls_sha256_ret( const unsigned char *input, size_t ilen, - unsigned char output[32], + unsigned char *output, int is224 ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; From 21d4bdbb39933e7a568087d123bccb069290c59b Mon Sep 17 00:00:00 2001 From: Micah N Gorrell Date: Wed, 12 May 2021 17:41:24 -0600 Subject: [PATCH 048/271] Add OID for User ID Signed-off-by: Micah N Gorrell --- include/mbedtls/oid.h | 1 + library/oid.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h index 4198eb1071..739a42fb25 100644 --- a/include/mbedtls/oid.h +++ b/include/mbedtls/oid.h @@ -145,6 +145,7 @@ #define MBEDTLS_OID_AT_DN_QUALIFIER MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */ #define MBEDTLS_OID_AT_PSEUDONYM MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */ +#define MBEDTLS_OID_UID "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x01" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) uid(1)} */ #define MBEDTLS_OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */ /* diff --git a/library/oid.c b/library/oid.c index 14a1a92fe0..472c038816 100644 --- a/library/oid.c +++ b/library/oid.c @@ -237,6 +237,10 @@ static const oid_x520_attr_t oid_x520_attr_type[] = OID_DESCRIPTOR( MBEDTLS_OID_AT_PSEUDONYM, "id-at-pseudonym", "Pseudonym" ), "pseudonym", }, + { + OID_DESCRIPTOR( MBEDTLS_OID_UID, "id-uid", "User Id" ), + "uid", + }, { OID_DESCRIPTOR( MBEDTLS_OID_DOMAIN_COMPONENT, "id-domainComponent", "Domain component" ), "DC", From f6e09c6f831a7504dcf93266e1bb56ac5d3605df Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 13 May 2021 06:12:38 +0100 Subject: [PATCH 049/271] Don't use ssl_check_xxx() for functions with void return Signed-off-by: Hanno Becker --- library/ssl_srv.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 7bdad3d0de..bdfdebc9a4 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2765,7 +2765,7 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ -static void ssl_check_id_based_session_resumption( mbedtls_ssl_context *ssl ) +static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) { int ret; mbedtls_ssl_session session_tmp; @@ -2883,7 +2883,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); - ssl_check_id_based_session_resumption( ssl ); + ssl_handle_id_based_session_resumption( ssl ); if( ssl->handshake->resume == 0 ) { From 7ad77963d17fdbe84e92459d0567caff6929e8db Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 13 May 2021 06:13:34 +0100 Subject: [PATCH 050/271] Use shorthand local variable for session under negotiation Signed-off-by: Hanno Becker --- library/ssl_srv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index bdfdebc9a4..196f69de7d 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2775,7 +2775,7 @@ static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) * It may be already set to 1 by ssl_parse_session_ticket_ext(). */ if( ssl->handshake->resume == 1 ) return; - if( ssl->session_negotiate->id_len == 0 ) + if( session->id_len == 0 ) return; if( ssl->conf->f_get_cache == NULL ) return; From df5640262324ebe8c1bd0445e35ab7811caa6214 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 13 May 2021 06:26:37 +0100 Subject: [PATCH 051/271] Fix memory leak upon ciphersuite mismatch during session resumption Signed-off-by: Hanno Becker --- library/ssl_srv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 196f69de7d..213cd3ce66 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2810,7 +2810,7 @@ static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) exit: - mbedtls_platform_zeroize( &session_tmp, sizeof( session_tmp ) ); + mbedtls_ssl_session_free( &session_tmp ); } static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) From 0248785081911f8881b84114aa94e1e3c27d6f9b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 13 May 2021 06:26:57 +0100 Subject: [PATCH 052/271] Document session cache callbacks Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 89912c606f..972cac2c16 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -627,12 +627,46 @@ typedef struct mbedtls_ssl_key_cert mbedtls_ssl_key_cert; typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; #endif -/* TODO: Document */ +/** + * \brief Callback type: server-side session cache getter + * + * The session cache is logically a key value store, with + * keys being session IDs and values being instances of + * mbedtls_ssl_session. + * + * This callback retrieves an entry in this key-value store. + * + * \param data The address of the session cache structure to query. + * \param session_id The buffer holding the session ID to query. + * \param session_id_len The length of \p session_id in Bytes. + * \param session The address at which to store the session found + * in the cache. + * + * \return \c 0 on success + * \return A non-zero return value on failure. + */ typedef int mbedtls_ssl_cache_get_t( void *data, unsigned char const *session_id, size_t session_id_len, mbedtls_ssl_session *session ); -/* TODO: Document */ +/** + * \brief Callback type: server-side session cache setter + * + * The session cache is logically a key value store, with + * keys being session IDs and values being instances of + * mbedtls_ssl_session. + * + * This callback sets an entry in this key-value store. + * + * \param data The address of the session cache structure to modify. + * \param session_id The buffer holding the session ID to query. + * \param session_id_len The length of \p session_id in Bytes. + * \param session The address of the session to be stored in the + * session cache. + * + * \return \c 0 on success + * \return A non-zero return value on failure. + */ typedef int mbedtls_ssl_cache_set_t( void *data, unsigned char const *session_id, size_t session_id_len, From f47199da26d6fdf22433dae4c5fbf5c9097e2403 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 13 May 2021 06:29:13 +0100 Subject: [PATCH 053/271] Improve naming of helper function for reference session cache Signed-off-by: Hanno Becker --- library/ssl_cache.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 6ef1a972c8..5790fc6bf6 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -124,10 +124,10 @@ exit: return( ret ); } -static int ssl_cache_find_fresh_entry( mbedtls_ssl_cache_context *cache, - unsigned char const *session_id, - size_t session_id_len, - mbedtls_ssl_cache_entry **dst ) +static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, + unsigned char const *session_id, + size_t session_id_len, + mbedtls_ssl_cache_entry **dst ) { int ret = 1; #if defined(MBEDTLS_HAVE_TIME) @@ -270,9 +270,9 @@ int mbedtls_ssl_cache_set( void *data, return( ret ); #endif - ret = ssl_cache_find_fresh_entry( cache, - session_id, session_id_len, - &cur ); + ret = ssl_cache_pick_writing_slot( cache, + session_id, session_id_len, + &cur ); if( ret != 0 ) goto exit; From 845ceb7cc84f983d681e3487293c1c0368cd327b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 13 May 2021 07:05:07 +0100 Subject: [PATCH 054/271] Improve readability and efficiency of SSL cache reference impl The reference session cache implementation may end up storing multiple sessions associated to the same session ID if the set()-call for the second session finds an outdated cache entry prior to noticing the entry with the matching session ID. While this logically overwrites the existing entry since we always search the cache in order, this is at least a waste of resources. This commit fixes this by always checking first whether the given ID is already present in the cache. It also restructures the code for easier readability. Fixes #4509. Signed-off-by: Hanno Becker --- library/ssl_cache.c | 168 ++++++++++++++++++++++---------------------- 1 file changed, 83 insertions(+), 85 deletions(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 5790fc6bf6..1bbcc957b9 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -129,7 +129,6 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, size_t session_id_len, mbedtls_ssl_cache_entry **dst ) { - int ret = 1; #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0; mbedtls_ssl_cache_entry *old = NULL; @@ -140,117 +139,116 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, cur = cache->chain; prv = NULL; + /* Check 1: Is there already an entry with the given session ID? + * + * If yes, overwrite it. + * + * If not, `count` will hold the size of the session cache + * at the end of this loop, and `prv` will point to the last + * entry, both of which will be used later. */ + while( cur != NULL ) { count++; -#if defined(MBEDTLS_HAVE_TIME) - if( cache->timeout != 0 && - (int) ( t - cur->timestamp ) > cache->timeout ) - { - cur->timestamp = t; - break; /* expired, reuse this slot, update timestamp */ - } -#endif - if( session_id_len == cur->session_id_len && memcmp( session_id, cur->session_id, cur->session_id_len ) == 0 ) { - break; /* client reconnected, keep timestamp for session id */ + goto found; } -#if defined(MBEDTLS_HAVE_TIME) - if( oldest == 0 || cur->timestamp < oldest ) - { - oldest = cur->timestamp; - old = cur; - } -#endif - prv = cur; cur = cur->next; } - if( cur == NULL ) - { + /* Check 2: Is there an outdated entry in the cache? + * + * If so, overwrite it. + * + * If not, remember the oldest entry in `old` for later. + */ + #if defined(MBEDTLS_HAVE_TIME) - /* - * Reuse oldest entry if max_entries reached - */ - if( count >= cache->max_entries ) + while( cur != NULL ) + { + if( cache->timeout != 0 && + (int) ( t - cur->timestamp ) > cache->timeout ) { - if( old == NULL ) - { - ret = 1; - goto exit; - } - - cur = old; + goto found; } -#else /* MBEDTLS_HAVE_TIME */ - /* - * Reuse first entry in chain if max_entries reached, - * but move to last place - */ - if( count >= cache->max_entries ) + + if( oldest == 0 || cur->timestamp < oldest ) { - if( cache->chain == NULL ) - { - ret = 1; - goto exit; - } - - cur = cache->chain; - cache->chain = cur->next; - cur->next = NULL; - prv->next = cur; + oldest = cur->timestamp; + old = cur; } + + prv = cur; + cur = cur->next; + } #endif /* MBEDTLS_HAVE_TIME */ - else - { - /* - * max_entries not reached, create new entry - */ - cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) ); - if( cur == NULL ) - { - ret = 1; - goto exit; - } - if( prv == NULL ) - cache->chain = cur; - else - prv->next = cur; - } + /* Check 3: Is there free space in the cache? */ + + if( count < cache->max_entries ) + { + /* Create new entry */ + cur = mbedtls_calloc( 1, sizeof(mbedtls_ssl_cache_entry) ); + if( cur == NULL ) + return( 1 ); + + /* Append to the end of the linked list. */ + if( prv == NULL ) + cache->chain = cur; + else + prv->next = cur; + + goto found; + } + + /* Last resort: The cache is full and doesn't contain any outdated + * elements. In this case, we evict the oldest one, judged by timestamp + * (if present) or cache-order. */ #if defined(MBEDTLS_HAVE_TIME) - cur->timestamp = t; -#endif - } - - if( cur != NULL ) + if( old == NULL ) { - *dst = cur; + /* This should only happen on an ill-configured cache + * with max_entries == 0. */ + return( 1 ); + } +#else /* MBEDTLS_HAVE_TIME */ + /* Reuse first entry in chain, but move to last place. */ + if( cache->chain == NULL ) + return( 1 ); - /* - * If we're reusing an entry, free it first. - */ - if( cur->session != NULL ) - { - mbedtls_free( cur->session ); - cur->session = NULL; - cur->session_len = 0; - memset( cur->session_id, 0, sizeof( cur->session_id ) ); - cur->session_id_len = 0; - } + old = cache->chain; + cache->chain = old->next; + cur->next = NULL; + prv->next = old; +#endif /* MBEDTLS_HAVE_TIME */ - ret = 0; + /* Now `old` points to the oldest entry to be overwritten. */ + cur = old; + +found: + +#if defined(MBEDTLS_HAVE_TIME) + cur->timestamp = t; +#endif + + /* If we're reusing an entry, free it first. */ + if( cur->session != NULL ) + { + mbedtls_free( cur->session ); + cur->session = NULL; + cur->session_len = 0; + memset( cur->session_id, 0, sizeof( cur->session_id ) ); + cur->session_id_len = 0; } -exit: - - return( ret ); + *dst = cur; + return( 0 ); } int mbedtls_ssl_cache_set( void *data, From 4a210196532e861f3421fcbd0ed87efffb431765 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 14 Apr 2021 21:14:28 +0200 Subject: [PATCH 055/271] Implement psa_sign_message and psa_verify_message functions Signed-off-by: gabor-mezei-arm --- include/psa/crypto.h | 119 ++++++++++++++++- include/psa/crypto_values.h | 37 ++++++ library/psa_crypto.c | 136 ++++++++++++++++++++ programs/psa/psa_constant_names_generated.c | 14 ++ 4 files changed, 305 insertions(+), 1 deletion(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index b14f4c50b2..eedf5f52d1 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2889,6 +2889,123 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * @{ */ +/** + * \brief Sign a message with a private key. For hash-and-sign algorithms, + * this includes the hashing step. + * + * \note To perform a multi-part hash-and-sign signature algorithm, first use + * a multi-part hash operation and then pass the resulting hash to + * psa_sign_hash(). PSA_ALG_GET_HASH(\p alg) can be used to determine the + * hash algorithm to use. + * + * \param[in] key Identifier of the key to use for the operation. + * It must be an asymmetric key pair. The key must + * allow the usage #PSA_KEY_USAGE_SIGN_MESSAGE. + * \param[in] alg An asymmetric signature algorithm (PSA_ALG_XXX + * value such that #PSA_ALG_IS_SIGN_MESSAGE(\p alg) + * is true), that is compatible with the type of + * \p key. + * \param[in] input The input message to sign. + * \param[in] input_length Size of the \p input buffer in bytes. + * \param[out] signature Buffer where the signature is to be written. + * \param[in] signature_size Size of the \p signature buffer in bytes. This + * must be appropriate for the selected + * algorithm and key: + * - The required signature size is + * #PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, \p alg) + * where key_type and key_bits are the type and + * bit-size respectively of key. + * - #PSA_SIGNATURE_MAX_SIZE evaluates to the + * maximum signature size of any supported + * signature algorithm. + * \param[out] signature_length On success, the number of bytes that make up + * the returned signature value. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag, + * or it does not permit the requested algorithm. + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of \p key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t * input, + size_t input_length, + uint8_t * signature, + size_t signature_size, + size_t * signature_length ); + +/** \brief Verify the signature of a message with a public key, using + * a hash-and-sign verification algorithm. + * + * \note To perform a multi-part hash-and-sign signature verification + * algorithm, first use a multi-part hash operation to hash the message + * and then pass the resulting hash to psa_verify_hash(). + * PSA_ALG_GET_HASH(\p alg) can be used to determine the hash algorithm + * to use. + * + * \param[in] key Identifier of the key to use for the operation. + * It must be a public key or an asymmetric key + * pair. The key must allow the usage + * #PSA_KEY_USAGE_VERIFY_MESSAGE. + * \param[in] alg An asymmetric signature algorithm (PSA_ALG_XXX + * value such that #PSA_ALG_IS_SIGN_MESSAGE(\p alg) + * is true), that is compatible with the type of + * \p key. + * \param[in] input The message whose signature is to be verified. + * \param[in] input_length Size of the \p input buffer in bytes. + * \param[out] signature Buffer containing the signature to verify. + * \param[in] signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_INVALID_HANDLE + * \retval #PSA_ERROR_NOT_PERMITTED + * The key does not have the #PSA_KEY_USAGE_SIGN_MESSAGE flag, + * or it does not permit the requested algorithm. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculation was performed successfully, but the passed signature + * is not a valid signature. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_COMMUNICATION_FAILURE + * \retval #PSA_ERROR_HARDWARE_FAILURE + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_STORAGE_FAILURE + * \retval #PSA_ERROR_DATA_CORRUPT + * \retval #PSA_ERROR_DATA_INVALID + * \retval #PSA_ERROR_BAD_STATE + * The library has not been previously initialized by psa_crypto_init(). + * It is implementation-dependent whether a failure to initialize + * results in this error code. + */ +psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t * input, + size_t input_length, + const uint8_t * signature, + size_t signature_length ); + /** * \brief Sign a hash or short message with a private key. * @@ -2942,7 +3059,7 @@ psa_status_t psa_sign_hash(mbedtls_svc_key_id_t key, size_t *signature_length); /** - * \brief Verify the signature a hash or short message using a public key. + * \brief Verify the signature of a hash or short message using a public key. * * Note that to perform a hash-and-sign signature algorithm, you must * first calculate the hash by calling psa_hash_setup(), psa_hash_update() diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index bfff9683f5..2fd1ad5dec 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1549,6 +1549,23 @@ PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \ PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg)) + +/** Whether the specified algorithm is a signature algorithm that can be used + * with psa_sign_message() and psa_verify_message(). + * + * \param alg An algorithm identifier (value of type #psa_algorithm_t). + * + * \return 1 if alg is a signature algorithm that can be used to sign a + * message. 0 if alg is a signature algorithm that can only be used + * to sign an already-calculated hash. 0 if alg is not a signature + * algorithm. This macro can return either 0 or 1 if alg is not a + * supported algorithm identifier. + */ +#define PSA_ALG_IS_SIGN_MESSAGE(alg) \ + (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ + PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \ + PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg)) + /** Get the hash used by a hash-and-sign signature algorithm. * * A hash-and-sign algorithm is a signature algorithm which is @@ -2198,6 +2215,26 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) */ #define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200) +/** Whether the key may be used to sign a message. + * + * This flag allows the key to be used for a MAC calculation operation or for + * an asymmetric message signature operation, if otherwise permitted by the + * key’s type and policy. + * + * For a key pair, this concerns the private key. + */ +#define PSA_KEY_USAGE_SIGN_MESSAGE ((psa_key_usage_t)0x00000400) + +/** Whether the key may be used to verify a message. + * + * This flag allows the key to be used for a MAC verification operation or for + * an asymmetric message signature verification operation, if otherwise + * permitted by the key’s type and policy. + * + * For a key pair, this concerns the public key. + */ +#define PSA_KEY_USAGE_VERIFY_MESSAGE ((psa_key_usage_t)0x00000800) + /** Whether the key may be used to sign a message. * * This flag allows the key to be used for a MAC calculation operation diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2583735fe9..c649d1cfed 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1492,6 +1492,8 @@ static psa_status_t psa_validate_key_policy( const psa_key_policy_t *policy ) PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT | + PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_DERIVATION | @@ -2458,6 +2460,140 @@ cleanup: /* Asymmetric cryptography */ /****************************************************************/ +psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t * input, + size_t input_length, + uint8_t * signature, + size_t signature_size, + size_t * signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + *signature_length = 0; + + if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + if ( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + /* Immediately reject a zero-length signature buffer. This guarantees + * that signature must be a valid pointer. (On the other hand, the hash + * buffer can in principle be empty since it doesn't actually have + * to be a hash.) */ + if( signature_size == 0 ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_SIGN_MESSAGE, + alg ); + if( status != PSA_SUCCESS ) + goto exit; + + if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) + { + status = PSA_ERROR_INVALID_ARGUMENT; + goto exit; + } + + psa_key_attributes_t attributes = { + .core = slot->attr + }; + + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), + &hash_length ); + + if( status != PSA_SUCCESS ) + { + memset( hash, 0, sizeof( hash ) ); + goto exit; + } + + status = psa_driver_wrapper_sign_hash( + &attributes, slot->key.data, slot->key.bytes, + alg, hash, hash_length, + signature, signature_size, signature_length ); + + memset( hash, 0, hash_length ); + +exit: + /* Fill the unused part of the output buffer (the whole buffer on error, + * the trailing part on success) with something that isn't a valid signature + * (barring an attack on the signature and deliberately-crafted input), + * in case the caller doesn't check the return status properly. */ + if( status == PSA_SUCCESS ) + memset( signature + *signature_length, '!', + signature_size - *signature_length ); + else + memset( signature, '!', signature_size ); + /* If signature_size is 0 then we have nothing to do. We must not call + * memset because signature may be NULL in this case. */ + + unlock_status = psa_unlock_key_slot( slot ); + + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); +} + +psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t * input, + size_t input_length, + const uint8_t * signature, + size_t signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; + psa_key_slot_t *slot; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + if ( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + status = psa_get_and_lock_key_slot_with_policy( key, &slot, + PSA_KEY_USAGE_VERIFY_MESSAGE, + alg ); + if( status != PSA_SUCCESS ) + return( status ); + + psa_key_attributes_t attributes = { + .core = slot->attr + }; + + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), + &hash_length ); + + if( status != PSA_SUCCESS ) + { + memset( hash, 0, sizeof( hash ) ); + goto exit; + } + + status = psa_driver_wrapper_verify_hash( + &attributes, slot->key.data, slot->key.bytes, + alg, hash, hash_length, + signature, signature_length ); + + memset( hash, 0, hash_length ); + +exit: + unlock_status = psa_unlock_key_slot( slot ); + + return( ( status == PSA_SUCCESS ) ? unlock_status : status ); +} + psa_status_t psa_sign_hash_internal( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, diff --git a/programs/psa/psa_constant_names_generated.c b/programs/psa/psa_constant_names_generated.c index bcb95f8999..0b256a272d 100644 --- a/programs/psa/psa_constant_names_generated.c +++ b/programs/psa/psa_constant_names_generated.c @@ -406,6 +406,13 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size, append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_HASH", 23); usage ^= PSA_KEY_USAGE_SIGN_HASH; } + if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_MESSAGE", 26); + usage ^= PSA_KEY_USAGE_SIGN_MESSAGE; + } if (usage & PSA_KEY_USAGE_VERIFY_DERIVATION) { if (required_size != 0) { append(&buffer, buffer_size, &required_size, " | ", 3); @@ -420,6 +427,13 @@ static int psa_snprint_key_usage(char *buffer, size_t buffer_size, append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_HASH", 25); usage ^= PSA_KEY_USAGE_VERIFY_HASH; } + if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) { + if (required_size != 0) { + append(&buffer, buffer_size, &required_size, " | ", 3); + } + append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_MESSAGE", 28); + usage ^= PSA_KEY_USAGE_VERIFY_MESSAGE; + } if (usage != 0) { if (required_size != 0) { append(&buffer, buffer_size, &required_size, " | ", 3); From b95302358f593273e808d393a000ea33fafdd7f6 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 16 Apr 2021 14:21:21 +0200 Subject: [PATCH 056/271] Rename test funtions and test cases Modify function and test case names that testing psa_sign_hash and psa_verify_hash funtions to be less confusing with the newly introduced function and test case names which tests psa_sign_message and psa_verify_message functions. Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 192 ++++++++++---------- tests/suites/test_suite_psa_crypto.function | 30 +-- 2 files changed, 111 insertions(+), 111 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7b86185b9b..d26ac9ab4e 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2122,197 +2122,197 @@ PSA import/exercise: TLS 1.2 PRF SHA-256 depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF import_and_exercise_key:"c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0":PSA_KEY_TYPE_DERIVE:192:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256) -PSA sign: RSA PKCS#1 v1.5, raw +PSA sign hash: RSA PKCS#1 v1.5, raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" +sign_hash_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"2c7744983f023ac7bb1c55529d83ed11a76a7898a1bb5ce191375a4aa7495a633d27879ff58eba5a57371c34feb1180e8b850d552476ebb5634df620261992f12ebee9097041dbbea85a42d45b344be5073ceb772ffc604954b9158ba81ec3dc4d9d65e3ab7aa318165f38c36f841f1c69cb1cfa494aa5cbb4d6c0efbafb043a" -PSA sign: RSA PKCS#1 v1.5 SHA-256 +PSA sign hash: RSA PKCS#1 v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +sign_hash_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" -PSA sign: deterministic ECDSA SECP256R1 SHA-256 +PSA sign hash: deterministic ECDSA SECP256R1 SHA-256 depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C -sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA sign: deterministic ECDSA SECP256R1 SHA-384 +PSA sign hash: deterministic ECDSA SECP256R1 SHA-384 depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C -sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" +sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca" -PSA sign: deterministic ECDSA SECP384R1 SHA-256 +PSA sign hash: deterministic ECDSA SECP384R1 SHA-256 depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C -sign_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f" +sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":"52d92aac1fcc0fea3ecce01a9ed4bc9ac342f92470fd3f54d0d6d2fa5d2940405057a9d49a817c2b193322f05fc93ac1c7a055edac93bec0ade6814ab27b86b5295ac1ddb323818200f00c3d94d959f714f128b64a2e19628037ac009b14774f" -PSA sign: RSA PKCS#1 v1.5 SHA-256, wrong hash size +PSA sign hash: RSA PKCS#1 v1.5 SHA-256, wrong hash size depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT +sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015":128:PSA_ERROR_INVALID_ARGUMENT -PSA sign: RSA PKCS#1 v1.5, invalid hash (wildcard) +PSA sign hash: RSA PKCS#1 v1.5, invalid hash (wildcard) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT +sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT -PSA sign: RSA PKCS#1 v1.5 raw, input too large +PSA sign hash: RSA PKCS#1 v1.5 raw, input too large depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT +sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":128:PSA_ERROR_INVALID_ARGUMENT -PSA sign: RSA PKCS#1 v1.5 SHA-256, output buffer too small +PSA sign hash: RSA PKCS#1 v1.5 SHA-256, output buffer too small depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL +sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":127:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign: deterministic ECDSA SECP256R1 SHA-256, output buffer too small +PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, output buffer too small depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL +sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":63:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign: RSA PKCS#1 v1.5 SHA-256, empty output buffer +PSA sign hash: RSA PKCS#1 v1.5 SHA-256, empty output buffer depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL +sign_hash_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":0:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign: deterministic ECDSA SECP256R1 SHA-256, empty output buffer +PSA sign hash: deterministic ECDSA SECP256R1 SHA-256, empty output buffer depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL +sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":0:PSA_ERROR_BUFFER_TOO_SMALL -PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (0) +PSA sign hash: deterministic ECDSA SECP256R1, invalid hash algorithm (0) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( 0 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT -PSA sign: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard) +PSA sign hash: deterministic ECDSA SECP256R1, invalid hash algorithm (wildcard) depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_ANY_HASH ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT -PSA sign: invalid key type, signing with a public key +PSA sign hash: invalid key type, signing with a public key depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C -sign_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT -PSA sign: invalid algorithm for ECC key +PSA sign hash: invalid algorithm for ECC key depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT +sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":72:PSA_ERROR_INVALID_ARGUMENT -PSA sign: deterministic ECDSA not supported +PSA sign hash: deterministic ECDSA not supported depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_C -sign_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_ERROR_NOT_SUPPORTED +sign_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824":96:PSA_ERROR_NOT_SUPPORTED -PSA sign/verify: RSA PKCS#1 v1.5, raw +PSA sign/verify hash: RSA PKCS#1 v1.5, raw depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263" +sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263" -PSA sign/verify: RSA PKCS#1 v1.5 SHA-256 +PSA sign/verify hash: RSA PKCS#1 v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" -PSA sign/verify: RSA PSS SHA-256, 0 bytes +PSA sign/verify hash: RSA PSS SHA-256, 0 bytes depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" +sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" -PSA sign/verify: RSA PSS SHA-256, 32 bytes (hash size) +PSA sign/verify hash: RSA PSS SHA-256, 32 bytes (hash size) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" +sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" -PSA sign/verify: RSA PSS SHA-256, 129 bytes +PSA sign/verify hash: RSA PSS SHA-256, 129 bytes depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -sign_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +sign_verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -PSA sign/verify: randomized ECDSA SECP256R1 SHA-256 +PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-256 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" -PSA sign/verify: deterministic ECDSA SECP256R1 SHA-256 +PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-256 depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" -PSA sign/verify: randomized ECDSA SECP256R1 SHA-384 +PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-384 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" +sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" -PSA sign/verify: deterministic ECDSA SECP256R1 SHA-384 +PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-384 depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" +sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f" -PSA sign/verify: randomized ECDSA SECP384R1 SHA-256 +PSA sign/verify hash: randomized ECDSA SECP384R1 SHA-256 depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" -PSA sign/verify: deterministic ECDSA SECP384R1 SHA-256 +PSA sign/verify hash: deterministic ECDSA SECP384R1 SHA-256 depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C -sign_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" +sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b" -PSA verify: RSA PKCS#1 v1.5 SHA-256, good signature +PSA verify hash: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" -PSA verify with keypair: RSA PKCS#1 v1.5 SHA-256, good signature +PSA verify hash with keypair: RSA PKCS#1 v1.5 SHA-256, good signature depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" +verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" -PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong hash length +PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong hash length depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT +verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT -PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) +PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE -PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty) +PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_INVALID_SIGNATURE -PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated) +PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE -PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk) +PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE -PSA verify: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) +PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE -PSA verify: RSA PSS SHA-256, good signature, 0 bytes +PSA verify hash: RSA PSS SHA-256, good signature, 0 bytes depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" +verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"34c011b625c32d992f4ab8fcfa52b616ea66270b5b75a4fc71af712f9b8806bcdd374ce50eafcbb489562b93347885f93c2de1d404c45cacccefceb112ff6ffdfe4264f91d66320bbbe09304b851b8ad6280bbccc571eebcd49c7db5dfa399a6289e1978407904598751613d9870770cdd8507e3dc7b46851dbf05ae1df2988d" -PSA verify: RSA PSS SHA-256, good signature, 32 bytes (hash size) +PSA verify hash: RSA PSS SHA-256, good signature, 32 bytes (hash size) depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" +verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"1967ae568cc071dfebeeca76b11d40bd1ec5af241c50b3dcceff21f4536c0693a7179a8d5d163a7625fefd37c161127800edeebc24fa73ca772096827bd3f75e8ccf2c64f07b7171b5c99022a4d73b760f34a385ccff0bd5ed7997d2a29d2847acb0767f93a2a404bc046c97de66d95dc9f7646fdb216b627b2ea0de8afcefb7" -PSA verify: RSA PSS SHA-256, good signature, 129 bytes +PSA verify hash: RSA PSS SHA-256, good signature, 129 bytes depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C -asymmetric_verify:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" +verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"1491cead330b4ad5b092f8351518141ac11d0888591572669c1e79d6e932c488acd62d44479b0e14cd91a048778bc02398a772ad6bdb4f7764780cf0afe70293d0cac86f2695a1dcb54568bb37d7086f9e86f95a6802d2ee5a4facaa762beff5261bb2816b62cb5af86404974c3f6b67985ac1fbfdf46d6de54f6e29d9274308" -PSA verify: ECDSA SECP256R1, good +PSA verify hash: ECDSA SECP256R1, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -asymmetric_verify:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +verify_hash:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA verify with keypair: ECDSA SECP256R1, good +PSA verify hash with keypair: ECDSA SECP256R1, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -asymmetric_verify:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" +verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f" -PSA verify: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) +PSA verify hash: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"304502206a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151022100ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE -PSA verify: ECDSA SECP256R1, wrong signature of correct size +PSA verify hash: ECDSA SECP256R1, wrong signature of correct size depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50e":PSA_ERROR_INVALID_SIGNATURE -PSA verify: ECDSA SECP256R1, wrong signature (empty) +PSA verify hash: ECDSA SECP256R1, wrong signature (empty) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"":PSA_ERROR_INVALID_SIGNATURE -PSA verify: ECDSA SECP256R1, wrong signature (truncated) +PSA verify hash: ECDSA SECP256R1, wrong signature (truncated) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f5":PSA_ERROR_INVALID_SIGNATURE -PSA verify: ECDSA SECP256R1, wrong signature (trailing junk) +PSA verify hash: ECDSA SECP256R1, wrong signature (trailing junk) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f21":PSA_ERROR_INVALID_SIGNATURE -PSA verify: ECDSA SECP256R1, wrong signature (leading junk) +PSA verify hash: ECDSA SECP256R1, wrong signature (leading junk) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE +verify_hash_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"216a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_INVALID_SIGNATURE -PSA verify: invalid algorithm for ECC key +PSA verify hash: invalid algorithm for ECC key depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C -asymmetric_verify_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT +verify_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT PSA encrypt: RSA PKCS#1 v1.5, good depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index bff0c35a04..79227bbf35 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3170,9 +3170,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void sign_deterministic( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - data_t *output_data ) +void sign_hash_deterministic( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + data_t *output_data ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3225,9 +3225,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void sign_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data, - int signature_size_arg, int expected_status_arg ) +void sign_hash_fail( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data, + int signature_size_arg, int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3270,8 +3270,8 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void sign_verify( int key_type_arg, data_t *key_data, - int alg_arg, data_t *input_data ) +void sign_verify_hash( int key_type_arg, data_t *key_data, + int alg_arg, data_t *input_data ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3341,9 +3341,9 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_verify( int key_type_arg, data_t *key_data, - int alg_arg, data_t *hash_data, - data_t *signature_data ) +void verify_hash( int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; @@ -3373,10 +3373,10 @@ exit: /* END_CASE */ /* BEGIN_CASE */ -void asymmetric_verify_fail( int key_type_arg, data_t *key_data, - int alg_arg, data_t *hash_data, - data_t *signature_data, - int expected_status_arg ) +void verify_hash_fail( int key_type_arg, data_t *key_data, + int alg_arg, data_t *hash_data, + data_t *signature_data, + int expected_status_arg ) { mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_type_t key_type = key_type_arg; From 5302848ba5ffd6c90c241c55a2780061eefe8dcc Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 15 Apr 2021 18:19:50 +0200 Subject: [PATCH 057/271] Add tests for psa_sign_message and psa_verify_message The reference output data was created with cryptodome for RSA algorithms and python-ecdsa for ECDSA algorithms. Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 208 +++++++++++++++++ tests/suites/test_suite_psa_crypto.function | 233 ++++++++++++++++++++ 2 files changed, 441 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d26ac9ab4e..d745ae3e59 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2314,6 +2314,214 @@ PSA verify hash: invalid algorithm for ECC key depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C verify_hash_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT +PSA sign message: RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message_deterministic:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" + +PSA sign message: deterministic ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548" + +PSA sign message: deterministic ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263":"7ea712a20e3a8cbe0c6e64195362ba7635bbe78af51ddedd7a5fd858395250c592654c35d3b0614ae0e3b329c25cf5b4a5fcb243af3e3ad15c8446fe401be066" + +PSA sign message: deterministic ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C +sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"3548ea85eb66d756ae90fd64a3104b5b9a17aa282f8722409762e9da4811ec5d3060a97d3450b4bc484cd21ac588f563c4873843506fed8609b7d093db0e9a2496c36995ee74c906528af6898feb502f45bfb1e9ccf371416c68d32bb5ebc1b6" + +PSA sign message: RSA PKCS#1 v1.5, invalid hash (wildcard) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):"616263":128:PSA_ERROR_INVALID_ARGUMENT + +PSA sign message: RSA PKCS#1 v1.5, invalid hash algorithm (0) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(0):"616263":128:PSA_ERROR_INVALID_ARGUMENT + +PSA sign message: RSA PKCS#1 v1.5 SHA-256, output buffer too small +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":127:PSA_ERROR_BUFFER_TOO_SMALL + +PSA sign message: RSA PKCS#1 v1.5 SHA-256, empty output buffer +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL + +PSA sign message: RSA PKCS#1 v1.5 SHA-256, invalid key type +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":128:PSA_ERROR_INVALID_ARGUMENT + +PSA sign message: ECDSA SECP256R1 SHA-256, invalid hash (wildcard) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):"616263":64:PSA_ERROR_INVALID_ARGUMENT + +PSA sign message: ECDSA SECP256R1 SHA-256, invalid hash algorithm (0) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(0):"616263":64:PSA_ERROR_INVALID_ARGUMENT + +PSA sign message: ECDSA SECP256R1 SHA-256, output buffer too small +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":63:PSA_ERROR_BUFFER_TOO_SMALL + +PSA sign message: ECDSA SECP256R1 SHA-256, empty output buffer +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL + +PSA sign message: ECDSA SECP256R1 SHA-256, invalid key type +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":64:PSA_ERROR_INVALID_ARGUMENT + +PSA sign message: invalid algorithm for ECC key +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263":72:PSA_ERROR_INVALID_ARGUMENT + +PSA sign message: deterministic ECDSA not supported +depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":96:PSA_ERROR_NOT_SUPPORTED + +PSA sign/verify message: RSA PKCS#1 v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263" + +PSA sign/verify message: RSA PSS SHA-256 +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"616263" + +PSA sign/verify message: RSA PSS SHA-256, 0 bytes +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" + +PSA sign/verify message: RSA PSS SHA-256, 32 bytes (hash size) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +PSA sign/verify message: RSA PSS SHA-256, 128 bytes (signature size) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +PSA sign/verify message: RSA PSS SHA-256, 129 bytes +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263" + +PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 0 bytes +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"" + +PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 32 bytes (hash size) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 64 bytes (signature size) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 65 bytes +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + +PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263" + +PSA sign/verify message: randomized ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"616263" + +PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-384 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263" + +PSA sign/verify message: randomized ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384 +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263" + +PSA sign/verify message: deterministic ECDSA SECP384R1 SHA-256 +depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_MD_C +sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263" + +PSA verify message: RSA PKCS#1 v1.5 SHA-256, good signature +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" + +PSA verify message with keypair: RSA PKCS#1 v1.5 SHA-256, good signature +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311" + +PSA verify message: RSA PSS SHA-256, good signature, 0 bytes +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"50c06249deb97228e277b51d3e3542a6e5c140d6f6d1cb8a3dff53b5ce6e6fcb39d0767703174135208adf5d75399dd7525702b275153e7605ec38b65d33337bb9bbeb8c392ee22e3e9c0dafa43074a8205e17df2106bedd7bf6f1ada702aeb2ce04864c0ca9ec31964f9a957d8ebb9abc82454ad37c541e9b4d9842436c14a4" + +PSA verify message: RSA PSS SHA-256, good signature, 32 bytes (hash size) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"6b65e1fdc900dce8a2b82130ae8ccfac27b6d0eb5f2c0c1085b80f34ceaaf064c8ff237e74a24a3c6fb7a842f172e5146315616281bbbeeae90febaab139a212decf1c68923f2a48e242b1fd72105e3a3f2329c30d78abe8673335ad08c5ba1aa515360bb5660050f1994bb08d3dd17e3407a379403bafa4e229b3c851283f6d" + +PSA verify message: RSA PSS SHA-256, good signature, 128 bytes (signature size) +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"29b65db0936b7fe408bda672077b0bc5e176177ba9a550fb548c292f7b4af1bb6475e0a979ba43dd644780801fabe5b62a1359cf7692918f30013e90c2362235765abc2078905d13b345dd689bf15e4e94ca51535d12f0675d5f13e9f254ba7696f0096d62deb023d106e9a96a5da3162bead6a745c8b9000868d2f9a447d5c5" + +PSA verify message: RSA PSS SHA-256, good signature, 129 bytes +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"43286cc0fc599603fbb0cd1fd70c3a17b08d2adf4f90202dddfa4b9d74be8c720bbb1c714665466de6452d401ca061b68225785ff387c2615f03c81351cc3838cd3014a031a4f4c9f70bba06f504c6a9942ac2dbfed2329e590d526a9be26b4025a6d7c4151b4e795cfe756c9a8a5e8fa9228a6f5f6f427a5a070e5c0ea69830" + +PSA verify message ECDSA SECP256R1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b" + +PSA verify message with keypair: ECDSA SECP256R1, good +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b" + +PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"111164d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (empty) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (truncated) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc73":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (trailing junk) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc731121":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"304502200b295f3dc3ac2bde92f550b7e73a2de15a753b4ebc761c521a32d1ed9bf5800a022100fe7301254058347c3dec7768f62dfc63f7c049d28bfdd1d6712126fd888e9f04":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: ECDSA SECP256R1, wrong signature of correct size +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf00":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: ECDSA SECP256R1, wrong signature (empty) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: ECDSA SECP256R1, wrong signature (truncated) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: ECDSA SECP256R1, wrong signature (trailing junk) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0bff":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: ECDSA SECP256R1, wrong signature (leading junk) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"ff0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b":PSA_ERROR_INVALID_SIGNATURE + +PSA verify message: invalid algorithm for ECC key +depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +verify_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT + PSA encrypt: RSA PKCS#1 v1.5, good depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 79227bbf35..5b5531f037 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -3406,6 +3406,239 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void sign_message_deterministic( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *output_data ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); + TEST_ASSERT( signature_size != 0 ); + TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); + ASSERT_ALLOC( signature, signature_size ); + + PSA_ASSERT( psa_sign_message( key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ) ); + + ASSERT_COMPARE( output_data->x, output_data->len, + signature, signature_length ); + +exit: + psa_reset_key_attributes( &attributes ); + + psa_destroy_key( key ); + mbedtls_free( signature ); + PSA_DONE( ); + +} +/* END_CASE */ + +/* BEGIN_CASE */ +void sign_message_fail( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + int signature_size_arg, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t signature_size = signature_size_arg; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + unsigned char *signature = NULL; + size_t signature_length = 0xdeadbeef; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + ASSERT_ALLOC( signature, signature_size ); + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + actual_status = psa_sign_message( key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ); + TEST_EQUAL( actual_status, expected_status ); + /* The value of *signature_length is unspecified on error, but + * whatever it is, it should be less than signature_size, so that + * if the caller tries to read *signature_length bytes without + * checking the error code then they don't overflow a buffer. */ + TEST_ASSERT( signature_length <= signature_size ); + +exit: + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + mbedtls_free( signature ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void sign_verify_message( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + size_t key_bits; + unsigned char *signature = NULL; + size_t signature_size; + size_t signature_length = 0xdeadbeef; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE | + PSA_KEY_USAGE_VERIFY_MESSAGE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + PSA_ASSERT( psa_get_key_attributes( key, &attributes ) ); + key_bits = psa_get_key_bits( &attributes ); + + signature_size = PSA_SIGN_OUTPUT_SIZE( key_type, key_bits, alg ); + TEST_ASSERT( signature_size != 0 ); + TEST_ASSERT( signature_size <= PSA_SIGNATURE_MAX_SIZE ); + ASSERT_ALLOC( signature, signature_size ); + + PSA_ASSERT( psa_sign_message( key, alg, + input_data->x, input_data->len, + signature, signature_size, + &signature_length ) ); + TEST_ASSERT( signature_length <= signature_size ); + TEST_ASSERT( signature_length > 0 ); + + PSA_ASSERT( psa_verify_message( key, alg, + input_data->x, input_data->len, + signature, signature_length ) ); + + if( input_data->len != 0 ) + { + /* Flip a bit in the input and verify that the signature is now + * detected as invalid. Flip a bit at the beginning, not at the end, + * because ECDSA may ignore the last few bits of the input. */ + input_data->x[0] ^= 1; + TEST_EQUAL( psa_verify_message( key, alg, + input_data->x, input_data->len, + signature, signature_length ), + PSA_ERROR_INVALID_SIGNATURE ); + } + +exit: + psa_reset_key_attributes( &attributes ); + + psa_destroy_key( key ); + mbedtls_free( signature ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void verify_message( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *input_data, + data_t *signature_data ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + TEST_ASSERT( signature_data->len <= PSA_SIGNATURE_MAX_SIZE ); + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + PSA_ASSERT( psa_verify_message( key, alg, + input_data->x, input_data->len, + signature_data->x, signature_data->len ) ); + +exit: + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + +/* BEGIN_CASE */ +void verify_message_fail( int key_type_arg, + data_t *key_data, + int alg_arg, + data_t *hash_data, + data_t *signature_data, + int expected_status_arg ) +{ + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_type_t key_type = key_type_arg; + psa_algorithm_t alg = alg_arg; + psa_status_t actual_status; + psa_status_t expected_status = expected_status_arg; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + + PSA_ASSERT( psa_crypto_init( ) ); + + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); + psa_set_key_algorithm( &attributes, alg ); + psa_set_key_type( &attributes, key_type ); + + PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, + &key ) ); + + actual_status = psa_verify_message( key, alg, + hash_data->x, hash_data->len, + signature_data->x, + signature_data->len ); + TEST_EQUAL( actual_status, expected_status ); + +exit: + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + PSA_DONE( ); +} +/* END_CASE */ + /* BEGIN_CASE */ void asymmetric_encrypt( int key_type_arg, data_t *key_data, From 36658e46ba0ab3f0766c9f3e085715b961a977fc Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 20 Apr 2021 12:08:36 +0200 Subject: [PATCH 058/271] Update PSA_ALG_IS_SIGN_MESSAGE Add missing algorithm for PSA_ALG_IS_SIGN_MESSAGE and update documentation. Signed-off-by: gabor-mezei-arm --- include/psa/crypto_values.h | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 2fd1ad5dec..5fc868814d 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1556,15 +1556,13 @@ * \param alg An algorithm identifier (value of type #psa_algorithm_t). * * \return 1 if alg is a signature algorithm that can be used to sign a - * message. 0 if alg is a signature algorithm that can only be used - * to sign an already-calculated hash. 0 if alg is not a signature - * algorithm. This macro can return either 0 or 1 if alg is not a + * message. 0 if \p alg is a signature algorithm that can only be used + * to sign an already-calculated hash. 0 if \p alg is not a signature + * algorithm. This macro can return either 0 or 1 if \p alg is not a * supported algorithm identifier. */ #define PSA_ALG_IS_SIGN_MESSAGE(alg) \ - (PSA_ALG_IS_RSA_PSS(alg) || PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) || \ - PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \ - PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg)) + (PSA_ALG_IS_HASH_AND_SIGN(alg) || (alg) == PSA_ALG_PURE_EDDSA ) /** Get the hash used by a hash-and-sign signature algorithm. * From 5b4465259304e35719d5493cd2a32def98d7c475 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 20 Apr 2021 12:11:35 +0200 Subject: [PATCH 059/271] Unify similar functions Use common funtion for psa_sign_hash and psa_sign_message and one for psa_verify_hash and psa_verify_message to unify them. Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 274 +++++++++++++++++++++++-------------------- 1 file changed, 148 insertions(+), 126 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c649d1cfed..3f35868f8a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2460,26 +2460,51 @@ cleanup: /* Asymmetric cryptography */ /****************************************************************/ -psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - uint8_t * signature, - size_t signature_size, - size_t * signature_length ) +typedef enum +{ + PSA_SIGN_INVALID = 0, + PSA_SIGN_HASH = 1, + PSA_SIGN_MESSAGE +} psa_sign_operation_t; + +typedef enum +{ + PSA_VERIFY_INVALID = 0, + PSA_VERIFY_HASH = 1, + PSA_VERIFY_MESSAGE +} psa_verify_operation_t; + +static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, + psa_sign_operation_t operation, + psa_algorithm_t alg, + const uint8_t * input, + size_t input_length, + uint8_t * signature, + size_t signature_size, + size_t * signature_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - size_t hash_length; - uint8_t hash[PSA_HASH_MAX_SIZE]; *signature_length = 0; - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if( operation == PSA_SIGN_MESSAGE ) + { + if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); - if ( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + /* Curently only hash-then-sign algorithms are supported. */ + else + return( PSA_ERROR_INVALID_ARGUMENT ); + } + + else if( operation == PSA_SIGN_INVALID ) return( PSA_ERROR_INVALID_ARGUMENT ); /* Immediately reject a zero-length signature buffer. This guarantees @@ -2489,9 +2514,12 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, if( signature_size == 0 ) return( PSA_ERROR_BUFFER_TOO_SMALL ); - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_SIGN_MESSAGE, - alg ); + status = psa_get_and_lock_key_slot_with_policy( + key, &slot, + operation == PSA_SIGN_HASH ? PSA_KEY_USAGE_SIGN_HASH : + PSA_KEY_USAGE_SIGN_MESSAGE, + alg ); + if( status != PSA_SUCCESS ) goto exit; @@ -2505,23 +2533,33 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, .core = slot->attr }; - status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), - &hash_length ); - - if( status != PSA_SUCCESS ) + if( operation == PSA_SIGN_MESSAGE ) { - memset( hash, 0, sizeof( hash ) ); - goto exit; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), + &hash_length ); + + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_driver_wrapper_sign_hash( + &attributes, slot->key.data, slot->key.bytes, + alg, hash, hash_length, + signature, signature_size, signature_length ); + } + else if( operation == PSA_SIGN_HASH ) + { + + status = psa_driver_wrapper_sign_hash( + &attributes, slot->key.data, slot->key.bytes, + alg, input, input_length, + signature, signature_size, signature_length ); } - status = psa_driver_wrapper_sign_hash( - &attributes, slot->key.data, slot->key.bytes, - alg, hash, hash_length, - signature, signature_size, signature_length ); - - memset( hash, 0, hash_length ); exit: /* Fill the unused part of the output buffer (the whole buffer on error, @@ -2541,28 +2579,42 @@ exit: return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } -psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, - psa_algorithm_t alg, - const uint8_t * input, - size_t input_length, - const uint8_t * signature, - size_t signature_length ) +static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, + psa_verify_operation_t operation, + psa_algorithm_t alg, + const uint8_t * input, + size_t input_length, + const uint8_t * signature, + size_t signature_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - size_t hash_length; - uint8_t hash[PSA_HASH_MAX_SIZE]; - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + if( operation == PSA_VERIFY_MESSAGE ) + { + if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + + if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + /* Curently only hash-then-sign algorithms are supported. */ + else + return( PSA_ERROR_INVALID_ARGUMENT ); + } + + else if( operation == PSA_VERIFY_INVALID ) return( PSA_ERROR_INVALID_ARGUMENT ); - if ( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + status = psa_get_and_lock_key_slot_with_policy( + key, &slot, + operation == PSA_VERIFY_HASH ? PSA_KEY_USAGE_VERIFY_HASH : + PSA_KEY_USAGE_VERIFY_MESSAGE, + alg ); - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_VERIFY_MESSAGE, - alg ); if( status != PSA_SUCCESS ) return( status ); @@ -2570,28 +2622,62 @@ psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, .core = slot->attr }; - status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), - &hash_length ); - - if( status != PSA_SUCCESS ) + if( operation == PSA_VERIFY_MESSAGE ) { - memset( hash, 0, sizeof( hash ) ); - goto exit; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), + &hash_length ); + + if( status != PSA_SUCCESS ) + goto exit; + + status = psa_driver_wrapper_verify_hash( + &attributes, slot->key.data, slot->key.bytes, + alg, hash, hash_length, + signature, signature_length ); + } + else if( operation == PSA_VERIFY_HASH ) + { + status = psa_driver_wrapper_verify_hash( + &attributes, slot->key.data, slot->key.bytes, + alg, input, input_length, + signature, signature_length ); } - - status = psa_driver_wrapper_verify_hash( - &attributes, slot->key.data, slot->key.bytes, - alg, hash, hash_length, - signature, signature_length ); - - memset( hash, 0, hash_length ); exit: unlock_status = psa_unlock_key_slot( slot ); return( ( status == PSA_SUCCESS ) ? unlock_status : status ); + +} + +psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t * input, + size_t input_length, + uint8_t * signature, + size_t signature_size, + size_t * signature_length ) +{ + return psa_sign_internal( + key, PSA_SIGN_MESSAGE, alg, input, input_length, + signature, signature_size, signature_length ); +} + +psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, + psa_algorithm_t alg, + const uint8_t * input, + size_t input_length, + const uint8_t * signature, + size_t signature_length ) +{ + return psa_verify_internal( + key, PSA_VERIFY_MESSAGE, alg, input, input_length, + signature, signature_length ); } psa_status_t psa_sign_hash_internal( @@ -2660,54 +2746,9 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, size_t signature_size, size_t *signature_length ) { - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_slot_t *slot; - - *signature_length = signature_size; - /* Immediately reject a zero-length signature buffer. This guarantees - * that signature must be a valid pointer. (On the other hand, the hash - * buffer can in principle be empty since it doesn't actually have - * to be a hash.) */ - if( signature_size == 0 ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_SIGN_HASH, - alg ); - if( status != PSA_SUCCESS ) - goto exit; - if( ! PSA_KEY_TYPE_IS_KEY_PAIR( slot->attr.type ) ) - { - status = PSA_ERROR_INVALID_ARGUMENT; - goto exit; - } - - psa_key_attributes_t attributes = { - .core = slot->attr - }; - - status = psa_driver_wrapper_sign_hash( - &attributes, slot->key.data, slot->key.bytes, - alg, hash, hash_length, + return psa_sign_internal( + key, PSA_SIGN_HASH, alg, hash, hash_length, signature, signature_size, signature_length ); - -exit: - /* Fill the unused part of the output buffer (the whole buffer on error, - * the trailing part on success) with something that isn't a valid mac - * (barring an attack on the mac and deliberately-crafted input), - * in case the caller doesn't check the return status properly. */ - if( status == PSA_SUCCESS ) - memset( signature + *signature_length, '!', - signature_size - *signature_length ); - else - memset( signature, '!', signature_size ); - /* If signature_size is 0 then we have nothing to do. We must not call - * memset because signature may be NULL in this case. */ - - unlock_status = psa_unlock_key_slot( slot ); - - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } psa_status_t psa_verify_hash_internal( @@ -2774,28 +2815,9 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, const uint8_t *signature, size_t signature_length ) { - psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; - psa_key_slot_t *slot; - - status = psa_get_and_lock_key_slot_with_policy( key, &slot, - PSA_KEY_USAGE_VERIFY_HASH, - alg ); - if( status != PSA_SUCCESS ) - return( status ); - - psa_key_attributes_t attributes = { - .core = slot->attr - }; - - status = psa_driver_wrapper_verify_hash( - &attributes, slot->key.data, slot->key.bytes, - alg, hash, hash_length, + return psa_verify_internal( + key, PSA_VERIFY_HASH, alg, hash, hash_length, signature, signature_length ); - - unlock_status = psa_unlock_key_slot( slot ); - - return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) From 38cbaf2881ba29e13406cc8cc7e948e4aef63917 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 22 Apr 2021 11:27:47 +0200 Subject: [PATCH 060/271] Typo Signed-off-by: gabor-mezei-arm --- include/psa/crypto.h | 20 ++++++++++---------- library/psa_crypto_core.h | 2 -- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index eedf5f52d1..c45ad844bd 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2898,17 +2898,17 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * psa_sign_hash(). PSA_ALG_GET_HASH(\p alg) can be used to determine the * hash algorithm to use. * - * \param[in] key Identifier of the key to use for the operation. + * \param[in] key Identifier of the key to use for the operation. * It must be an asymmetric key pair. The key must * allow the usage #PSA_KEY_USAGE_SIGN_MESSAGE. - * \param[in] alg An asymmetric signature algorithm (PSA_ALG_XXX + * \param[in] alg An asymmetric signature algorithm (PSA_ALG_XXX * value such that #PSA_ALG_IS_SIGN_MESSAGE(\p alg) * is true), that is compatible with the type of * \p key. - * \param[in] input The input message to sign. - * \param[in] input_length Size of the \p input buffer in bytes. + * \param[in] input The input message to sign. + * \param[in] input_length Size of the \p input buffer in bytes. * \param[out] signature Buffer where the signature is to be written. - * \param[in] signature_size Size of the \p signature buffer in bytes. This + * \param[in] signature_size Size of the \p signature buffer in bytes. This * must be appropriate for the selected * algorithm and key: * - The required signature size is @@ -2964,18 +2964,18 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, * PSA_ALG_GET_HASH(\p alg) can be used to determine the hash algorithm * to use. * - * \param[in] key Identifier of the key to use for the operation. + * \param[in] key Identifier of the key to use for the operation. * It must be a public key or an asymmetric key * pair. The key must allow the usage * #PSA_KEY_USAGE_VERIFY_MESSAGE. - * \param[in] alg An asymmetric signature algorithm (PSA_ALG_XXX + * \param[in] alg An asymmetric signature algorithm (PSA_ALG_XXX * value such that #PSA_ALG_IS_SIGN_MESSAGE(\p alg) * is true), that is compatible with the type of * \p key. - * \param[in] input The message whose signature is to be verified. - * \param[in] input_length Size of the \p input buffer in bytes. + * \param[in] input The message whose signature is to be verified. + * \param[in] input_length Size of the \p input buffer in bytes. * \param[out] signature Buffer containing the signature to verify. - * \param[in] signature_length Size of the \p signature buffer in bytes. + * \param[in] signature_length Size of the \p signature buffer in bytes. * * \retval #PSA_SUCCESS * \retval #PSA_ERROR_INVALID_HANDLE diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index b75e59a819..21464a426e 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -388,7 +388,6 @@ psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, * \param[in] attributes The attributes of the key to use for the * operation. * \param[in] key_buffer The buffer containing the key context. - * format. * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. * \param[in] alg A signature algorithm that is compatible with * the type of the key. @@ -429,7 +428,6 @@ psa_status_t psa_sign_hash_internal( * \param[in] attributes The attributes of the key to use for the * operation. * \param[in] key_buffer The buffer containing the key context. - * format. * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. * \param[in] alg A signature algorithm that is compatible with * the type of the key. From 50eac35d58f1fd9f0d4c03a707a0472c388f10d9 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 22 Apr 2021 11:32:19 +0200 Subject: [PATCH 061/271] Dispatch sign/verify funtions through the driver interface Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 88 +++++--- library/psa_crypto_core.h | 73 +++++++ library/psa_crypto_driver_wrappers.c | 204 ++++++++++++++++++ library/psa_crypto_driver_wrappers.h | 21 ++ tests/include/test/drivers/signature.h | 42 ++++ tests/src/drivers/test_driver_signature.c | 251 +++++++++++++++++----- 6 files changed, 602 insertions(+), 77 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3f35868f8a..33b97079cf 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2535,20 +2535,9 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, if( operation == PSA_SIGN_MESSAGE ) { - size_t hash_length; - uint8_t hash[PSA_HASH_MAX_SIZE]; - - status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), - &hash_length ); - - if( status != PSA_SUCCESS ) - goto exit; - - status = psa_driver_wrapper_sign_hash( + status = psa_driver_wrapper_sign_message( &attributes, slot->key.data, slot->key.bytes, - alg, hash, hash_length, + alg, input, input_length, signature, signature_size, signature_length ); } else if( operation == PSA_SIGN_HASH ) @@ -2624,20 +2613,9 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, if( operation == PSA_VERIFY_MESSAGE ) { - size_t hash_length; - uint8_t hash[PSA_HASH_MAX_SIZE]; - - status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), - &hash_length ); - - if( status != PSA_SUCCESS ) - goto exit; - - status = psa_driver_wrapper_verify_hash( + status = psa_driver_wrapper_verify_message( &attributes, slot->key.data, slot->key.bytes, - alg, hash, hash_length, + alg, input, input_length, signature, signature_length ); } else if( operation == PSA_VERIFY_HASH ) @@ -2648,13 +2626,41 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, signature, signature_length ); } -exit: unlock_status = psa_unlock_key_slot( slot ); return( ( status == PSA_SUCCESS ) ? unlock_status : status ); } +psa_status_t psa_sign_message_internal( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), + &hash_length ); + + if( status != PSA_SUCCESS ) + return status; + + return psa_sign_hash_internal( + attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ); +} + psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t * input, @@ -2668,6 +2674,34 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, signature, signature_size, signature_length ); } +psa_status_t psa_verify_message_internal( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), + &hash_length ); + + if( status != PSA_SUCCESS ) + return status; + + return psa_verify_hash_internal( + attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ); +} + psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t * input, diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 21464a426e..d28b18eac8 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -377,6 +377,79 @@ psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); +/** Sign a message with a private key. For hash-and-sign algorithms, + * this includes the hashing step. + * + * \note The signature of this function is that of a PSA driver + * sign_message entry point. This function behaves as a sign_message + * entry point as defined in the PSA driver interface specification for + * transparent drivers. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the key context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg A signature algorithm that is compatible with + * the type of the key. + * \param[in] input The input message to sign. + * \param[in] input_length Size of the \p input buffer in bytes. + * \param[out] signature Buffer where the signature is to be written. + * \param[in] signature_size Size of the \p signature buffer in bytes. + * \param[out] signature_length On success, the number of bytes + * that make up the returned signature value. + * + * \retval #PSA_SUCCESS + * \retval #PSA_ERROR_BUFFER_TOO_SMALL + * The size of the \p signature buffer is too small. You can + * determine a sufficient buffer size by calling + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and bit-size + * respectively of the key. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + * \retval #PSA_ERROR_CORRUPTION_DETECTED + * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY + */ +psa_status_t psa_sign_message_internal( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *input, size_t input_length, + uint8_t *signature, size_t signature_size, size_t *signature_length ); + +/** Verify the signature of a message with a public key, using + * a hash-and-sign verification algorithm. + * + * \note The signature of this function is that of a PSA driver + * verify_message entry point. This function behaves as a verify_message + * entry point as defined in the PSA driver interface specification for + * transparent drivers. + * + * \param[in] attributes The attributes of the key to use for the + * operation. + * \param[in] key_buffer The buffer containing the key context. + * \param[in] key_buffer_size Size of the \p key_buffer buffer in bytes. + * \param[in] alg A signature algorithm that is compatible with + * the type of the key. + * \param[in] input The message whose signature is to be verified. + * \param[in] input_length Size of the \p input buffer in bytes. + * \param[in] signature Buffer containing the signature to verify. + * \param[in] signature_length Size of the \p signature buffer in bytes. + * + * \retval #PSA_SUCCESS + * The signature is valid. + * \retval #PSA_ERROR_INVALID_SIGNATURE + * The calculation was performed successfully, but the passed + * signature is not a valid signature. + * \retval #PSA_ERROR_NOT_SUPPORTED + * \retval #PSA_ERROR_INVALID_ARGUMENT + * \retval #PSA_ERROR_INSUFFICIENT_MEMORY + */ +psa_status_t psa_verify_message_internal( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, const uint8_t *input, size_t input_length, + const uint8_t *signature, size_t signature_length ); /** Sign an already-calculated hash with a private key. * diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 795e424894..1f204ccfd9 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -65,6 +65,210 @@ #endif /* Start delegation functions */ +psa_status_t psa_driver_wrapper_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + /* Try dynamically-registered SE interface first */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; + + if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) + { + if( drv->asymmetric == NULL || + drv->asymmetric->p_sign == NULL ) + { + /* Key is defined in SE, but we have no way to exercise it */ + return( PSA_ERROR_NOT_SUPPORTED ); + } + + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), + &hash_length ); + + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); + + return( drv->asymmetric->p_sign( + drv_context, *( (psa_key_slot_number_t *)key_buffer ), + alg, hash, hash_length, + signature, signature_size, signature_length ) ); + } +#endif /* PSA_CRYPTO_SE_C */ + + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + + switch( location ) + { + case PSA_KEY_LOCATION_LOCAL_STORAGE: + /* Key is stored in the slot in export representation, so + * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = mbedtls_test_transparent_signature_sign_message( + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length ); + /* Declared with fallback == true */ + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + /* Fell through, meaning no accelerator supports this operation */ + return( psa_sign_message_internal( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length ) ); + + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + return( mbedtls_test_opaque_signature_sign_message( + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: + /* Key is declared with a lifetime not known to us */ + (void)status; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + +psa_status_t psa_driver_wrapper_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + + /* Try dynamically-registered SE interface first */ +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) + const psa_drv_se_t *drv; + psa_drv_se_context_t *drv_context; + + if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) + { + if( drv->asymmetric == NULL || + drv->asymmetric->p_verify == NULL ) + { + /* Key is defined in SE, but we have no way to exercise it */ + return( PSA_ERROR_NOT_SUPPORTED ); + } + + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), + &hash_length ); + + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); + + return( drv->asymmetric->p_verify( + drv_context, *( (psa_key_slot_number_t *)key_buffer ), + alg, hash, hash_length, + signature, signature_length ) ); + } +#endif /* PSA_CRYPTO_SE_C */ + + psa_key_location_t location = + PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); + + switch( location ) + { + case PSA_KEY_LOCATION_LOCAL_STORAGE: + /* Key is stored in the slot in export representation, so + * cycle through all known transparent accelerators */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + status = mbedtls_test_transparent_signature_verify_message( + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length ); + /* Declared with fallback == true */ + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + + return( psa_verify_message_internal( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length ) ); + + /* Add cases for opaque driver here */ +#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) +#if defined(PSA_CRYPTO_DRIVER_TEST) + case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + return( mbedtls_test_opaque_signature_verify_message( + attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length ) ); +#endif /* PSA_CRYPTO_DRIVER_TEST */ +#endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ + default: + /* Key is declared with a lifetime not known to us */ + (void)status; + return( PSA_ERROR_INVALID_ARGUMENT ); + } +} + psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h index 37d5a9a1c0..732ed2a7fa 100644 --- a/library/psa_crypto_driver_wrappers.h +++ b/library/psa_crypto_driver_wrappers.h @@ -28,6 +28,27 @@ /* * Signature functions */ +psa_status_t psa_driver_wrapper_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ); + +psa_status_t psa_driver_wrapper_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length ); + psa_status_t psa_driver_wrapper_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h index 1586ce9bcb..5e64edc3c8 100644 --- a/tests/include/test/drivers/signature.h +++ b/tests/include/test/drivers/signature.h @@ -54,6 +54,48 @@ extern mbedtls_test_driver_signature_hooks_t extern mbedtls_test_driver_signature_hooks_t mbedtls_test_driver_signature_verify_hooks; +psa_status_t mbedtls_test_transparent_signature_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ); + +psa_status_t mbedtls_test_opaque_signature_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ); + +psa_status_t mbedtls_test_transparent_signature_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length ); + +psa_status_t mbedtls_test_opaque_signature_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length ); + psa_status_t mbedtls_test_transparent_signature_sign_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c index be8c1792bc..14de8318e9 100644 --- a/tests/src/drivers/test_driver_signature.c +++ b/tests/src/drivers/test_driver_signature.c @@ -29,6 +29,7 @@ #include "psa/crypto.h" #include "psa_crypto_core.h" #include "psa_crypto_ecp.h" +#include "psa_crypto_hash.h" #include "psa_crypto_rsa.h" #include "mbedtls/ecp.h" @@ -46,30 +47,17 @@ mbedtls_test_driver_signature_hooks_t mbedtls_test_driver_signature_hooks_t mbedtls_test_driver_signature_verify_hooks = MBEDTLS_TEST_DRIVER_SIGNATURE_INIT; -psa_status_t mbedtls_test_transparent_signature_sign_hash( +psa_status_t sign_hash( const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, - const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + const uint8_t *hash, + size_t hash_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) { - ++mbedtls_test_driver_signature_sign_hooks.hits; - - if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_sign_hooks.forced_status ); - - if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) - { - if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > - signature_size ) - return( PSA_ERROR_BUFFER_TOO_SMALL ); - memcpy( signature, - mbedtls_test_driver_signature_sign_hooks.forced_output, - mbedtls_test_driver_signature_sign_hooks.forced_output_length ); - *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; - return( PSA_SUCCESS ); - } - #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR ) @@ -124,38 +112,16 @@ psa_status_t mbedtls_test_transparent_signature_sign_hash( } } -psa_status_t mbedtls_test_opaque_signature_sign_hash( +psa_status_t verify_hash( const psa_key_attributes_t *attributes, - const uint8_t *key, size_t key_length, + const uint8_t *key_buffer, + size_t key_buffer_size, psa_algorithm_t alg, - const uint8_t *hash, size_t hash_length, - uint8_t *signature, size_t signature_size, size_t *signature_length ) + const uint8_t *hash, + size_t hash_length, + const uint8_t *signature, + size_t signature_length ) { - (void) attributes; - (void) key; - (void) key_length; - (void) alg; - (void) hash; - (void) hash_length; - (void) signature; - (void) signature_size; - (void) signature_length; - - return( PSA_ERROR_NOT_SUPPORTED ); -} - -psa_status_t mbedtls_test_transparent_signature_verify_hash( - const psa_key_attributes_t *attributes, - const uint8_t *key_buffer, size_t key_buffer_size, - psa_algorithm_t alg, - const uint8_t *hash, size_t hash_length, - const uint8_t *signature, size_t signature_length ) -{ - ++mbedtls_test_driver_signature_verify_hooks.hits; - - if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) - return( mbedtls_test_driver_signature_verify_hooks.forced_status ); - #if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) ) @@ -204,6 +170,191 @@ psa_status_t mbedtls_test_transparent_signature_verify_hash( } } +psa_status_t mbedtls_test_transparent_signature_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + ++mbedtls_test_driver_signature_sign_hooks.hits; + + if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_signature_sign_hooks.forced_status ); + + if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) + { + if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + + memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length ); + *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; + + return( PSA_SUCCESS ); + } + + status = mbedtls_transparent_test_driver_hash_compute( + PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, + hash, sizeof( hash ), &hash_length ); + + if( status != PSA_SUCCESS ) + return status; + + return sign_hash( attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ); +} + +psa_status_t mbedtls_test_opaque_signature_sign_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + uint8_t *signature, + size_t signature_size, + size_t *signature_length ) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) input; + (void) input_length; + (void) signature; + (void) signature_size; + (void) signature_length; + + return( PSA_ERROR_NOT_SUPPORTED ); +} + +psa_status_t mbedtls_test_transparent_signature_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, + size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length ) +{ + psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + + ++mbedtls_test_driver_signature_verify_hooks.hits; + + if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_signature_verify_hooks.forced_status ); + + status = mbedtls_transparent_test_driver_hash_compute( + PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, + hash, sizeof( hash ), &hash_length ); + + if( status != PSA_SUCCESS ) + return status; + + return verify_hash( attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ); +} + +psa_status_t mbedtls_test_opaque_signature_verify_message( + const psa_key_attributes_t *attributes, + const uint8_t *key, + size_t key_length, + psa_algorithm_t alg, + const uint8_t *input, + size_t input_length, + const uint8_t *signature, + size_t signature_length ) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) input; + (void) input_length; + (void) signature; + (void) signature_length; + + return( PSA_ERROR_NOT_SUPPORTED ); +} + +psa_status_t mbedtls_test_transparent_signature_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length ) +{ + ++mbedtls_test_driver_signature_sign_hooks.hits; + + if( mbedtls_test_driver_signature_sign_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_signature_sign_hooks.forced_status ); + + if( mbedtls_test_driver_signature_sign_hooks.forced_output != NULL ) + { + if( mbedtls_test_driver_signature_sign_hooks.forced_output_length > signature_size ) + return( PSA_ERROR_BUFFER_TOO_SMALL ); + memcpy( signature, mbedtls_test_driver_signature_sign_hooks.forced_output, + mbedtls_test_driver_signature_sign_hooks.forced_output_length ); + *signature_length = mbedtls_test_driver_signature_sign_hooks.forced_output_length; + return( PSA_SUCCESS ); + } + + return sign_hash( attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ); +} + +psa_status_t mbedtls_test_opaque_signature_sign_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key, size_t key_length, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + uint8_t *signature, size_t signature_size, size_t *signature_length ) +{ + (void) attributes; + (void) key; + (void) key_length; + (void) alg; + (void) hash; + (void) hash_length; + (void) signature; + (void) signature_size; + (void) signature_length; + + return( PSA_ERROR_NOT_SUPPORTED ); +} + +psa_status_t mbedtls_test_transparent_signature_verify_hash( + const psa_key_attributes_t *attributes, + const uint8_t *key_buffer, size_t key_buffer_size, + psa_algorithm_t alg, + const uint8_t *hash, size_t hash_length, + const uint8_t *signature, size_t signature_length ) +{ + ++mbedtls_test_driver_signature_verify_hooks.hits; + + if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS ) + return( mbedtls_test_driver_signature_verify_hooks.forced_status ); + + return verify_hash( attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ); +} + psa_status_t mbedtls_test_opaque_signature_verify_hash( const psa_key_attributes_t *attributes, const uint8_t *key, size_t key_length, From 2fcb393ebda09957d23209c82491fade60471397 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 23 Apr 2021 12:49:00 +0200 Subject: [PATCH 062/271] Rename driver test funtions and test cases Modify function and test case names that testing psa_sign_hash and psa_verify_hash funtions to be less confusing with the newly introduced function and test case names which tests psa_sign_message and psa_verify_message functions. Signed-off-by: gabor-mezei-arm --- ...test_suite_psa_crypto_driver_wrappers.data | 20 ++++++++-------- ..._suite_psa_crypto_driver_wrappers.function | 24 +++++++++---------- 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index 95ab688bea..c52ad51c0e 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -1,35 +1,35 @@ sign_hash through transparent driver: calculate in driver -ecdsa_sign:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS +ecdsa_sign_hash:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS sign_hash through transparent driver: fallback depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_sign:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS +ecdsa_sign_hash:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_SUCCESS sign_hash through transparent driver: error -ecdsa_sign:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR +ecdsa_sign_hash:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":0:PSA_ERROR_GENERIC_ERROR sign_hash through transparent driver: fake -ecdsa_sign:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS +ecdsa_sign_hash:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS verify_hash using private key through transparent driver: calculate in driver -ecdsa_verify:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS +ecdsa_verify_hash:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS verify_hash using private key through transparent driver: fallback depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_verify:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS +ecdsa_verify_hash:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS verify_hash using private key through transparent driver: error -ecdsa_verify:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR +ecdsa_verify_hash:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR verify_hash using public key through transparent driver: calculate in driver -ecdsa_verify:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS +ecdsa_verify_hash:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS verify_hash using public key through transparent driver: fallback depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA -ecdsa_verify:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS +ecdsa_verify_hash:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_SUCCESS verify_hash using public key through transparent driver: error -ecdsa_verify:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR +ecdsa_verify_hash:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR generate_key through transparent driver: fake generate_key:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index ac241f5ad4..85e2b08d26 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -8,12 +8,12 @@ */ /* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void ecdsa_sign( int force_status_arg, - data_t *key_input, - data_t *data_input, - data_t *expected_output, - int fake_output, - int expected_status_arg ) +void ecdsa_sign_hash( int force_status_arg, + data_t *key_input, + data_t *data_input, + data_t *expected_output, + int fake_output, + int expected_status_arg ) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; @@ -66,12 +66,12 @@ exit: /* END_CASE */ /* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ -void ecdsa_verify( int force_status_arg, - int register_public_key, - data_t *key_input, - data_t *data_input, - data_t *signature_input, - int expected_status_arg ) +void ecdsa_verify_hash( int force_status_arg, + int register_public_key, + data_t *key_input, + data_t *data_input, + data_t *signature_input, + int expected_status_arg ) { psa_status_t force_status = force_status_arg; psa_status_t expected_status = expected_status_arg; From 816886c8f356374b23b476fc1582e6af1bec52ae Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 23 Apr 2021 12:38:33 +0200 Subject: [PATCH 063/271] Add driver tests for sign/verify_message Adopting the tests for sign/verify_hash. The expected ouput data was created with python-ecdsa. Signed-off-by: gabor-mezei-arm --- ...test_suite_psa_crypto_driver_wrappers.data | 33 +++++ ..._suite_psa_crypto_driver_wrappers.function | 114 ++++++++++++++++++ 2 files changed, 147 insertions(+) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data index c52ad51c0e..dbc5b1f204 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data @@ -31,6 +31,39 @@ ecdsa_verify_hash:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea verify_hash using public key through transparent driver: error ecdsa_verify_hash:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f":PSA_ERROR_GENERIC_ERROR +sign_message through transparent driver: calculate in driver +ecdsa_sign_message:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS + +sign_message through transparent driver: fallback +depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +ecdsa_sign_message:PSA_ERROR_NOT_SUPPORTED:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_SUCCESS + +sign_message through transparent driver: error +ecdsa_sign_message:PSA_ERROR_GENERIC_ERROR:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":0:PSA_ERROR_GENERIC_ERROR + +sign_message through transparent driver: fake +ecdsa_sign_message:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"000102030405060708090A0B0C0D0E0F":1:PSA_SUCCESS + +verify_message using private key through transparent driver: calculate in driver +ecdsa_verify_message:PSA_SUCCESS:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS + +verify_message using private key through transparent driver: fallback +depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +ecdsa_verify_message:PSA_ERROR_NOT_SUPPORTED:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS + +verify_message using private key through transparent driver: error +ecdsa_verify_message:PSA_ERROR_GENERIC_ERROR:0:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR + +verify_message using public key through transparent driver: calculate in driver +ecdsa_verify_message:PSA_SUCCESS:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS + +verify_message using public key through transparent driver: fallback +depends_on:MBEDTLS_PSA_BUILTIN_ALG_ECDSA +ecdsa_verify_message:PSA_ERROR_NOT_SUPPORTED:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_SUCCESS + +verify_message using public key through transparent driver: error +ecdsa_verify_message:PSA_ERROR_GENERIC_ERROR:1:"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548":PSA_ERROR_GENERIC_ERROR + generate_key through transparent driver: fake generate_key:PSA_SUCCESS:"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_SUCCESS diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 85e2b08d26..5cc5a32b7b 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -121,6 +121,120 @@ exit: } /* END_CASE */ +/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ +void ecdsa_sign_message( int force_status_arg, + data_t *key_input, + data_t *data_input, + data_t *expected_output, + int fake_output, + int expected_status_arg ) +{ + psa_status_t force_status = force_status_arg; + psa_status_t expected_status = expected_status_arg; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); + uint8_t signature[64]; + size_t signature_length = 0xdeadbeef; + psa_status_t actual_status; + mbedtls_test_driver_signature_sign_hooks = + mbedtls_test_driver_signature_hooks_init(); + + PSA_ASSERT( psa_crypto_init( ) ); + psa_set_key_type( &attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); + psa_set_key_algorithm( &attributes, alg ); + psa_import_key( &attributes, + key_input->x, key_input->len, + &key ); + + mbedtls_test_driver_signature_sign_hooks.forced_status = force_status; + if( fake_output == 1 ) + { + mbedtls_test_driver_signature_sign_hooks.forced_output = + expected_output->x; + mbedtls_test_driver_signature_sign_hooks.forced_output_length = + expected_output->len; + } + + actual_status = psa_sign_message( key, alg, + data_input->x, data_input->len, + signature, sizeof( signature ), + &signature_length ); + TEST_EQUAL( actual_status, expected_status ); + if( expected_status == PSA_SUCCESS ) + { + ASSERT_COMPARE( signature, signature_length, + expected_output->x, expected_output->len ); + } + TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 ); + +exit: + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + PSA_DONE( ); + mbedtls_test_driver_signature_sign_hooks = + mbedtls_test_driver_signature_hooks_init(); +} +/* END_CASE */ + +/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ +void ecdsa_verify_message( int force_status_arg, + int register_public_key, + data_t *key_input, + data_t *data_input, + data_t *signature_input, + int expected_status_arg ) +{ + psa_status_t force_status = force_status_arg; + psa_status_t expected_status = expected_status_arg; + mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; + psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; + psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); + psa_status_t actual_status; + mbedtls_test_driver_signature_verify_hooks = + mbedtls_test_driver_signature_hooks_init(); + + PSA_ASSERT( psa_crypto_init( ) ); + if( register_public_key ) + { + psa_set_key_type( &attributes, + PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_CURVE_SECP_R1 ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); + psa_set_key_algorithm( &attributes, alg ); + psa_import_key( &attributes, + key_input->x, key_input->len, + &key ); + } + else + { + psa_set_key_type( &attributes, + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) ); + psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); + psa_set_key_algorithm( &attributes, alg ); + psa_import_key( &attributes, + key_input->x, key_input->len, + &key ); + } + + mbedtls_test_driver_signature_verify_hooks.forced_status = force_status; + + actual_status = psa_verify_message( key, alg, + data_input->x, data_input->len, + signature_input->x, signature_input->len ); + TEST_EQUAL( actual_status, expected_status ); + TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 ); + +exit: + psa_reset_key_attributes( &attributes ); + psa_destroy_key( key ); + PSA_DONE( ); + mbedtls_test_driver_signature_verify_hooks = + mbedtls_test_driver_signature_hooks_init(); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ void generate_key( int force_status_arg, data_t *fake_output, From 4c6a47a8332a66f9816e82dcd56ffd5f7db13d73 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 26 Apr 2021 20:12:17 +0200 Subject: [PATCH 064/271] Add test for sign/verify message key policies Update the mbedtls_test_psa_exercise_key to handle and use PSA_KEY_USAGE_SIGN_MESSAGE and PSA_KEY_USAGE_VERIFY_MESSAGE key policies. Add new tests for PSA_KEY_USAGE_SIGN_MESSAGE and PSA_KEY_USAGE_VERIFY_MESSAGE policies. Signed-off-by: gabor-mezei-arm --- tests/src/psa_exercise_key.c | 114 ++++++++++++++++-------- tests/suites/test_suite_psa_crypto.data | 52 ++++++++++- 2 files changed, 126 insertions(+), 40 deletions(-) diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index e7e68631ad..197e31a349 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -297,46 +297,77 @@ static int exercise_signature_key( mbedtls_svc_key_id_t key, psa_key_usage_t usage, psa_algorithm_t alg ) { - unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; - size_t payload_length = 16; - unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; - size_t signature_length = sizeof( signature ); - psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); - - /* If the policy allows signing with any hash, just pick one. */ - if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && hash_alg == PSA_ALG_ANY_HASH ) + if( usage & ( PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ) ) { -#if defined(KNOWN_SUPPORTED_HASH_ALG) - hash_alg = KNOWN_SUPPORTED_HASH_ALG; - alg ^= PSA_ALG_ANY_HASH ^ hash_alg; -#else - TEST_ASSERT( ! "No hash algorithm for hash-and-sign testing" ); -#endif + unsigned char payload[PSA_HASH_MAX_SIZE] = {1}; + size_t payload_length = 16; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; + size_t signature_length = sizeof( signature ); + psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg ); + + /* If the policy allows signing with any hash, just pick one. */ + if( PSA_ALG_IS_HASH_AND_SIGN( alg ) && hash_alg == PSA_ALG_ANY_HASH ) + { + #if defined(KNOWN_SUPPORTED_HASH_ALG) + hash_alg = KNOWN_SUPPORTED_HASH_ALG; + alg ^= PSA_ALG_ANY_HASH ^ hash_alg; + #else + TEST_ASSERT( ! "No hash algorithm for hash-and-sign testing" ); + #endif + } + + if( usage & PSA_KEY_USAGE_SIGN_HASH ) + { + /* Some algorithms require the payload to have the size of + * the hash encoded in the algorithm. Use this input size + * even for algorithms that allow other input sizes. */ + if( hash_alg != 0 ) + payload_length = PSA_HASH_LENGTH( hash_alg ); + PSA_ASSERT( psa_sign_hash( key, alg, + payload, payload_length, + signature, sizeof( signature ), + &signature_length ) ); + } + + if( usage & PSA_KEY_USAGE_VERIFY_HASH ) + { + psa_status_t verify_status = + ( usage & PSA_KEY_USAGE_SIGN_HASH ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( psa_verify_hash( key, alg, + payload, payload_length, + signature, signature_length ), + verify_status ); + } } - if( usage & PSA_KEY_USAGE_SIGN_HASH ) + if( usage & ( PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ) ) { - /* Some algorithms require the payload to have the size of - * the hash encoded in the algorithm. Use this input size - * even for algorithms that allow other input sizes. */ - if( hash_alg != 0 ) - payload_length = PSA_HASH_LENGTH( hash_alg ); - PSA_ASSERT( psa_sign_hash( key, alg, - payload, payload_length, - signature, sizeof( signature ), - &signature_length ) ); - } + unsigned char message[256] = "Hello, world..."; + unsigned char signature[PSA_SIGNATURE_MAX_SIZE] = {0}; + size_t message_length = 16; + size_t signature_length = sizeof( signature ); - if( usage & PSA_KEY_USAGE_VERIFY_HASH ) - { - psa_status_t verify_status = - ( usage & PSA_KEY_USAGE_SIGN_HASH ? - PSA_SUCCESS : - PSA_ERROR_INVALID_SIGNATURE ); - TEST_EQUAL( psa_verify_hash( key, alg, - payload, payload_length, - signature, signature_length ), - verify_status ); + if( usage & PSA_KEY_USAGE_SIGN_MESSAGE ) + { + PSA_ASSERT( psa_sign_message( key, alg, + message, message_length, + signature, sizeof( signature ), + &signature_length ) ); + } + + if( usage & PSA_KEY_USAGE_VERIFY_MESSAGE ) + { + psa_status_t verify_status = + ( usage & PSA_KEY_USAGE_SIGN_MESSAGE ? + PSA_SUCCESS : + PSA_ERROR_INVALID_SIGNATURE ); + TEST_EQUAL( psa_verify_message( key, alg, + message, message_length, + signature, signature_length ), + verify_status ); + } } return( 1 ); @@ -893,9 +924,16 @@ psa_key_usage_t mbedtls_test_psa_usage_to_exercise( psa_key_type_t type, { if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ) { - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_HASH : - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); + if( PSA_ALG_SIGN_GET_HASH( alg ) ) + return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? + PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE: + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ); + + else + return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? + PSA_KEY_USAGE_VERIFY_HASH: + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); } else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d745ae3e59..8f4f5525b8 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -373,6 +373,14 @@ PSA key policy: ECC SECP256R1, sign+verify depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY +PSA key policy: ECC SECP256R1, sign message +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) + +PSA key policy: ECC SECP256R1, sign+verify message +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +check_key_policy:PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ):256:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_SHA_256) + Key attributes initializers zero properly key_attributes_init: @@ -648,6 +656,42 @@ PSA key policy: asymmetric signature, neither sign nor verify depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 +PSA key policy: asymmetric signature for message, sign | verify +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 + +PSA key policy: asymmetric signature for message, wrong algorithm family +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 + +PSA key policy: asymmetric signature for message, wildcard in policy, wrong algorithm family +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):0 + +PSA key policy: asymmetric signature for message, wildcard in policy, ECDSA SHA-256 +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 + +PSA key policy: asymmetric signature for message, wildcard in policy, PKCS#1v1.5 SHA-256 +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 + +PSA key policy: asymmetric signature for message, wrong hash algorithm +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +PSA key policy: asymmetric signature for message, alg=0 in policy +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 + +PSA key policy: asymmetric signature for message, sign but not verify +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 + +PSA key policy: asymmetric signature for message, verify but not sign +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 + PSA key policy: derive via HKDF, permitted depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256 derive_key_policy:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_TYPE_DERIVE:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":PSA_ALG_HKDF(PSA_ALG_SHA_256) @@ -720,6 +764,10 @@ PSA key policy algorithm2: ECDH, ECDSA depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDH:PSA_ALG_ECDSA_ANY +PSA key policy algorithm2 with message signature: ECDH, ECDSA +depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +key_policy_alg2:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDH:PSA_ALG_ECDSA(PSA_ALG_SHA_256) + Copy key: raw, 1 byte copy_success:PSA_KEY_USAGE_COPY:0:0:PSA_KEY_TYPE_RAW_DATA:"2a":1:-1:-1:0:PSA_KEY_USAGE_COPY:0:0 @@ -2103,8 +2151,8 @@ depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLI import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise: ECP SECP256R1 keypair, ECDSA -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA_ANY +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ) PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C From 2522c0b1cd4a0c4782ebac9df7a88bc650908223 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 27 Apr 2021 18:52:51 +0200 Subject: [PATCH 065/271] Update macro names Signed-off-by: gabor-mezei-arm --- library/psa_crypto_driver_wrappers.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 1f204ccfd9..dd9f165775 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -149,7 +149,7 @@ psa_status_t psa_driver_wrapper_sign_message( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( mbedtls_test_opaque_signature_sign_message( attributes, key_buffer, @@ -250,7 +250,7 @@ psa_status_t psa_driver_wrapper_verify_message( /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) - case PSA_CRYPTO_TEST_DRIVER_LIFETIME: + case PSA_CRYPTO_TEST_DRIVER_LOCATION: return( mbedtls_test_opaque_signature_verify_message( attributes, key_buffer, From 46c23a051cb0a1f92d7ead1393a1a3c3c63daf80 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 29 Apr 2021 16:44:59 +0200 Subject: [PATCH 066/271] Fix error checking Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 33b97079cf..5b9d8cb511 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2489,24 +2489,26 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, *signature_length = 0; - if( operation == PSA_SIGN_MESSAGE ) + if( operation == PSA_SIGN_INVALID ) + return( PSA_ERROR_INVALID_ARGUMENT ); + else { if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + if( operation == PSA_SIGN_MESSAGE ) { - if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } } /* Curently only hash-then-sign algorithms are supported. */ else return( PSA_ERROR_INVALID_ARGUMENT ); } - else if( operation == PSA_SIGN_INVALID ) - return( PSA_ERROR_INVALID_ARGUMENT ); - /* Immediately reject a zero-length signature buffer. This guarantees * that signature must be a valid pointer. (On the other hand, the hash * buffer can in principle be empty since it doesn't actually have @@ -2580,24 +2582,26 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - if( operation == PSA_VERIFY_MESSAGE ) + if( operation == PSA_VERIFY_INVALID ) + return( PSA_ERROR_INVALID_ARGUMENT ); + else { if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); - if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + if( operation == PSA_VERIFY_MESSAGE ) { - if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } } /* Curently only hash-then-sign algorithms are supported. */ else return( PSA_ERROR_INVALID_ARGUMENT ); } - else if( operation == PSA_VERIFY_INVALID ) - return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_get_and_lock_key_slot_with_policy( key, &slot, operation == PSA_VERIFY_HASH ? PSA_KEY_USAGE_VERIFY_HASH : From 0f622409425776c2495c1e48e227beed0d9d1113 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 29 Apr 2021 16:48:44 +0200 Subject: [PATCH 067/271] Enable algorithms other than hash-then-sign For psa_hash/verify_message other algorithms than hash-then-sign is enabled like PureEdDSA. Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 5b9d8cb511..533963ebfe 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2504,9 +2504,6 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, return( PSA_ERROR_INVALID_ARGUMENT ); } } - /* Curently only hash-then-sign algorithms are supported. */ - else - return( PSA_ERROR_INVALID_ARGUMENT ); } /* Immediately reject a zero-length signature buffer. This guarantees @@ -2597,9 +2594,6 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, return( PSA_ERROR_INVALID_ARGUMENT ); } } - /* Curently only hash-then-sign algorithms are supported. */ - else - return( PSA_ERROR_INVALID_ARGUMENT ); } status = psa_get_and_lock_key_slot_with_policy( @@ -2651,13 +2645,16 @@ psa_status_t psa_sign_message_internal( size_t hash_length; uint8_t hash[PSA_HASH_MAX_SIZE]; - status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), - &hash_length ); + if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + status = psa_driver_wrapper_hash_compute( + PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), &hash_length ); - if( status != PSA_SUCCESS ) - return status; + if( status != PSA_SUCCESS ) + return status; + } return psa_sign_hash_internal( attributes, key_buffer, key_buffer_size, @@ -2692,13 +2689,16 @@ psa_status_t psa_verify_message_internal( size_t hash_length; uint8_t hash[PSA_HASH_MAX_SIZE]; - status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), - &hash_length ); + if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + status = psa_driver_wrapper_hash_compute( + PSA_ALG_SIGN_GET_HASH( alg ), + input, input_length, + hash, sizeof( hash ), &hash_length ); - if( status != PSA_SUCCESS ) - return status; + if( status != PSA_SUCCESS ) + return status; + } return psa_verify_hash_internal( attributes, key_buffer, key_buffer_size, From df0f23076229fa20b94312518d460341d069024b Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 29 Apr 2021 16:53:31 +0200 Subject: [PATCH 068/271] Typo Signed-off-by: gabor-mezei-arm --- library/psa_crypto_core.h | 1 + 1 file changed, 1 insertion(+) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index d28b18eac8..a742b6dbbc 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -377,6 +377,7 @@ psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ); + /** Sign a message with a private key. For hash-and-sign algorithms, * this includes the hashing step. * From b5c1e37affc726c3e0b890a32715b8c12c753cd0 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 29 Apr 2021 16:53:58 +0200 Subject: [PATCH 069/271] Use driver-wrapper functions for psa_sign/verify_message To avoid code duplication of the old-style SE interface usage call psa_driver_wrapper_sign/verify_hash function instead of the direct internal functions. Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 4 +- library/psa_crypto_driver_wrappers.c | 66 ---------------------------- 2 files changed, 2 insertions(+), 68 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 533963ebfe..b6353c4c01 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2656,7 +2656,7 @@ psa_status_t psa_sign_message_internal( return status; } - return psa_sign_hash_internal( + return psa_driver_wrapper_sign_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_size, signature_length ); @@ -2700,7 +2700,7 @@ psa_status_t psa_verify_message_internal( return status; } - return psa_verify_hash_internal( + return psa_driver_wrapper_verify_hash( attributes, key_buffer, key_buffer_size, alg, hash, hash_length, signature, signature_length ); diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index dd9f165775..5c36daf6f2 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -77,39 +77,6 @@ psa_status_t psa_driver_wrapper_sign_message( size_t *signature_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - /* Try dynamically-registered SE interface first */ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - const psa_drv_se_t *drv; - psa_drv_se_context_t *drv_context; - - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( drv->asymmetric == NULL || - drv->asymmetric->p_sign == NULL ) - { - /* Key is defined in SE, but we have no way to exercise it */ - return( PSA_ERROR_NOT_SUPPORTED ); - } - - size_t hash_length; - uint8_t hash[PSA_HASH_MAX_SIZE]; - - status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), - &hash_length ); - - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); - - return( drv->asymmetric->p_sign( - drv_context, *( (psa_key_slot_number_t *)key_buffer ), - alg, hash, hash_length, - signature, signature_size, signature_length ) ); - } -#endif /* PSA_CRYPTO_SE_C */ - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); @@ -180,39 +147,6 @@ psa_status_t psa_driver_wrapper_verify_message( size_t signature_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - - /* Try dynamically-registered SE interface first */ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - const psa_drv_se_t *drv; - psa_drv_se_context_t *drv_context; - - if( psa_get_se_driver( attributes->core.lifetime, &drv, &drv_context ) ) - { - if( drv->asymmetric == NULL || - drv->asymmetric->p_verify == NULL ) - { - /* Key is defined in SE, but we have no way to exercise it */ - return( PSA_ERROR_NOT_SUPPORTED ); - } - - size_t hash_length; - uint8_t hash[PSA_HASH_MAX_SIZE]; - - status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), - input, input_length, - hash, sizeof( hash ), - &hash_length ); - - if( status != PSA_ERROR_NOT_SUPPORTED ) - return( status ); - - return( drv->asymmetric->p_verify( - drv_context, *( (psa_key_slot_number_t *)key_buffer ), - alg, hash, hash_length, - signature, signature_length ) ); - } -#endif /* PSA_CRYPTO_SE_C */ - psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( attributes->core.lifetime ); From f9820f92cf6fe9090c8e70809cbc5fbe374069c0 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 3 May 2021 16:26:20 +0200 Subject: [PATCH 070/271] Fix for algorithms other than hash-then-sign Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index b6353c4c01..778ef1bad4 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2642,11 +2642,12 @@ psa_status_t psa_sign_message_internal( size_t *signature_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - size_t hash_length; - uint8_t hash[PSA_HASH_MAX_SIZE]; if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) { + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, @@ -2654,11 +2655,16 @@ psa_status_t psa_sign_message_internal( if( status != PSA_SUCCESS ) return status; + + return psa_driver_wrapper_sign_hash( + attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_size, signature_length ); } return psa_driver_wrapper_sign_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, + alg, input, input_length, signature, signature_size, signature_length ); } @@ -2686,11 +2692,12 @@ psa_status_t psa_verify_message_internal( size_t signature_length ) { psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; - size_t hash_length; - uint8_t hash[PSA_HASH_MAX_SIZE]; if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) { + size_t hash_length; + uint8_t hash[PSA_HASH_MAX_SIZE]; + status = psa_driver_wrapper_hash_compute( PSA_ALG_SIGN_GET_HASH( alg ), input, input_length, @@ -2698,11 +2705,16 @@ psa_status_t psa_verify_message_internal( if( status != PSA_SUCCESS ) return status; + + return psa_driver_wrapper_verify_hash( + attributes, key_buffer, key_buffer_size, + alg, hash, hash_length, + signature, signature_length ); } return psa_driver_wrapper_verify_hash( attributes, key_buffer, key_buffer_size, - alg, hash, hash_length, + alg, input, input_length, signature, signature_length ); } From 6dcaa3b5a1fb14767e9438cc07e77d1f69c5dd33 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 3 May 2021 16:29:54 +0200 Subject: [PATCH 071/271] Update driver tests for psa_hash/verify_message Signed-off-by: gabor-mezei-arm --- .../suites/test_suite_psa_crypto_driver_wrappers.function | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 5cc5a32b7b..2041588857 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -168,7 +168,9 @@ void ecdsa_sign_message( int force_status_arg, ASSERT_COMPARE( signature, signature_length, expected_output->x, expected_output->len ); } - TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, 1 ); + /* In the builtin algorithm the driver is called twice. */ + TEST_EQUAL( mbedtls_test_driver_signature_sign_hooks.hits, + force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 ); exit: psa_reset_key_attributes( &attributes ); @@ -224,7 +226,9 @@ void ecdsa_verify_message( int force_status_arg, data_input->x, data_input->len, signature_input->x, signature_input->len ); TEST_EQUAL( actual_status, expected_status ); - TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, 1 ); + /* In the builtin algorithm the driver is called twice. */ + TEST_EQUAL( mbedtls_test_driver_signature_verify_hooks.hits, + force_status == PSA_ERROR_NOT_SUPPORTED ? 2 : 1 ); exit: psa_reset_key_attributes( &attributes ); From 6cdf637f881f8507b72566ec944eb63ffeaca8f7 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Mon, 3 May 2021 16:30:53 +0200 Subject: [PATCH 072/271] Use switch-case for error handling Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 42 ++++++++++++++++++++++++++---------------- 1 file changed, 26 insertions(+), 16 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 778ef1bad4..991c169707 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2489,21 +2489,26 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, *signature_length = 0; - if( operation == PSA_SIGN_INVALID ) - return( PSA_ERROR_INVALID_ARGUMENT ); - else + switch( operation ) { - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + case PSA_SIGN_HASH: + if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; + + case PSA_SIGN_MESSAGE: + if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); - if( operation == PSA_SIGN_MESSAGE ) - { if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) { if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); } - } + break; + + default: + return( PSA_ERROR_INVALID_ARGUMENT ); } /* Immediately reject a zero-length signature buffer. This guarantees @@ -2579,21 +2584,26 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - if( operation == PSA_VERIFY_INVALID ) - return( PSA_ERROR_INVALID_ARGUMENT ); - else + switch( operation ) { - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); + case PSA_VERIFY_HASH: + if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + break; + + case PSA_VERIFY_MESSAGE: + if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); - if( operation == PSA_VERIFY_MESSAGE ) - { if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) { if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); } - } + break; + + default: + return( PSA_ERROR_INVALID_ARGUMENT ); } status = psa_get_and_lock_key_slot_with_policy( From 12b4f34fff2132b8d079dd39263434c76010f636 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 5 May 2021 13:54:55 +0200 Subject: [PATCH 073/271] Fix documentation Signed-off-by: gabor-mezei-arm --- include/psa/crypto.h | 4 ++-- library/psa_crypto.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index c45ad844bd..6aa7ccc924 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -2912,8 +2912,8 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation); * must be appropriate for the selected * algorithm and key: * - The required signature size is - * #PSA_SIGN_OUTPUT_SIZE(key_type, key_bits, \p alg) - * where key_type and key_bits are the type and + * #PSA_SIGN_OUTPUT_SIZE(\c key_type, \c key_bits, \p alg) + * where \c key_type and \c key_bits are the type and * bit-size respectively of key. * - #PSA_SIGNATURE_MAX_SIZE evaluates to the * maximum signature size of any supported diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 991c169707..4f2cdb3950 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2512,7 +2512,7 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, } /* Immediately reject a zero-length signature buffer. This guarantees - * that signature must be a valid pointer. (On the other hand, the hash + * that signature must be a valid pointer. (On the other hand, the input * buffer can in principle be empty since it doesn't actually have * to be a hash.) */ if( signature_size == 0 ) From 8b3e88614cec3d07da74546abe04d338c51061d7 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 5 May 2021 13:56:27 +0200 Subject: [PATCH 074/271] Use bool variable instead of enum values Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 112 ++++++++++++++++--------------------------- 1 file changed, 41 insertions(+), 71 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 4f2cdb3950..575853981d 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2460,22 +2460,31 @@ cleanup: /* Asymmetric cryptography */ /****************************************************************/ -typedef enum +static psa_status_t psa_sign_verify_check_alg( uint8_t do_hash, + psa_algorithm_t alg ) { - PSA_SIGN_INVALID = 0, - PSA_SIGN_HASH = 1, - PSA_SIGN_MESSAGE -} psa_sign_operation_t; + if( do_hash ) + { + if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); -typedef enum -{ - PSA_VERIFY_INVALID = 0, - PSA_VERIFY_HASH = 1, - PSA_VERIFY_MESSAGE -} psa_verify_operation_t; + if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + } + else + { + if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + + return( PSA_SUCCESS ); +} static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, - psa_sign_operation_t operation, + uint8_t do_hash, psa_algorithm_t alg, const uint8_t * input, size_t input_length, @@ -2489,27 +2498,9 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, *signature_length = 0; - switch( operation ) - { - case PSA_SIGN_HASH: - if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - break; - - case PSA_SIGN_MESSAGE: - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) - { - if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - } - break; - - default: - return( PSA_ERROR_INVALID_ARGUMENT ); - } + status = psa_sign_verify_check_alg( do_hash, alg ); + if( status != PSA_SUCCESS ) + return status; /* Immediately reject a zero-length signature buffer. This guarantees * that signature must be a valid pointer. (On the other hand, the input @@ -2520,8 +2511,8 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, status = psa_get_and_lock_key_slot_with_policy( key, &slot, - operation == PSA_SIGN_HASH ? PSA_KEY_USAGE_SIGN_HASH : - PSA_KEY_USAGE_SIGN_MESSAGE, + do_hash ? PSA_KEY_USAGE_SIGN_MESSAGE : + PSA_KEY_USAGE_SIGN_HASH, alg ); if( status != PSA_SUCCESS ) @@ -2537,14 +2528,14 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, .core = slot->attr }; - if( operation == PSA_SIGN_MESSAGE ) + if( do_hash ) { status = psa_driver_wrapper_sign_message( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, signature, signature_size, signature_length ); } - else if( operation == PSA_SIGN_HASH ) + else { status = psa_driver_wrapper_sign_hash( @@ -2573,7 +2564,7 @@ exit: } static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, - psa_verify_operation_t operation, + uint8_t do_hash, psa_algorithm_t alg, const uint8_t * input, size_t input_length, @@ -2584,32 +2575,14 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - switch( operation ) - { - case PSA_VERIFY_HASH: - if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - break; - - case PSA_VERIFY_MESSAGE: - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) - { - if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - } - break; - - default: - return( PSA_ERROR_INVALID_ARGUMENT ); - } + status = psa_sign_verify_check_alg( do_hash, alg ); + if( status != PSA_SUCCESS ) + return status; status = psa_get_and_lock_key_slot_with_policy( key, &slot, - operation == PSA_VERIFY_HASH ? PSA_KEY_USAGE_VERIFY_HASH : - PSA_KEY_USAGE_VERIFY_MESSAGE, + do_hash ? PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_VERIFY_HASH, alg ); if( status != PSA_SUCCESS ) @@ -2619,14 +2592,14 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, .core = slot->attr }; - if( operation == PSA_VERIFY_MESSAGE ) + if( do_hash ) { status = psa_driver_wrapper_verify_message( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, signature, signature_length ); } - else if( operation == PSA_VERIFY_HASH ) + else { status = psa_driver_wrapper_verify_hash( &attributes, slot->key.data, slot->key.bytes, @@ -2672,10 +2645,7 @@ psa_status_t psa_sign_message_internal( signature, signature_size, signature_length ); } - return psa_driver_wrapper_sign_hash( - attributes, key_buffer, key_buffer_size, - alg, input, input_length, - signature, signature_size, signature_length ); + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, @@ -2687,7 +2657,7 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, size_t * signature_length ) { return psa_sign_internal( - key, PSA_SIGN_MESSAGE, alg, input, input_length, + key, 1, alg, input, input_length, signature, signature_size, signature_length ); } @@ -2736,7 +2706,7 @@ psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, size_t signature_length ) { return psa_verify_internal( - key, PSA_VERIFY_MESSAGE, alg, input, input_length, + key, 1, alg, input, input_length, signature, signature_length ); } @@ -2807,7 +2777,7 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, size_t *signature_length ) { return psa_sign_internal( - key, PSA_SIGN_HASH, alg, hash, hash_length, + key, 0, alg, hash, hash_length, signature, signature_size, signature_length ); } @@ -2876,7 +2846,7 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, size_t signature_length ) { return psa_verify_internal( - key, PSA_VERIFY_HASH, alg, hash, hash_length, + key, 0, alg, hash, hash_length, signature, signature_length ); } From 474a35f635409561d86de1fd3bff3a8c07361153 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 5 May 2021 13:59:01 +0200 Subject: [PATCH 075/271] Return error if algorithm is not hash-then-sign for psa_sign_message Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 575853981d..519c70aa6b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2692,10 +2692,7 @@ psa_status_t psa_verify_message_internal( signature, signature_length ); } - return psa_driver_wrapper_verify_hash( - attributes, key_buffer, key_buffer_size, - alg, input, input_length, - signature, signature_length ); + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, From 4fabc5666b8682cec2bb559f46ba16cf0bd5b951 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 6 May 2021 11:47:31 +0200 Subject: [PATCH 076/271] Use non-deterministic ecdsa algorithm for verify_hash/message tests Signed-off-by: gabor-mezei-arm --- .../suites/test_suite_psa_crypto_driver_wrappers.function | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 2041588857..db495c2c27 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -65,7 +65,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ +/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ void ecdsa_verify_hash( int force_status_arg, int register_public_key, data_t *key_input, @@ -77,7 +77,7 @@ void ecdsa_verify_hash( int force_status_arg, psa_status_t expected_status = expected_status_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); + psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); psa_status_t actual_status; mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); @@ -181,7 +181,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ +/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ void ecdsa_verify_message( int force_status_arg, int register_public_key, data_t *key_input, @@ -193,7 +193,7 @@ void ecdsa_verify_message( int force_status_arg, psa_status_t expected_status = expected_status_arg; mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_algorithm_t alg = PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ); + psa_algorithm_t alg = PSA_ALG_ECDSA( PSA_ALG_SHA_256 ); psa_status_t actual_status; mbedtls_test_driver_signature_verify_hooks = mbedtls_test_driver_signature_hooks_init(); From ce8804fd6e7fa7c0f5711277ebc06da92d63a18c Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 6 May 2021 11:56:20 +0200 Subject: [PATCH 077/271] Update tests dependencies Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 10 +++++----- .../test_suite_psa_crypto_driver_wrappers.function | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 8f4f5525b8..1812bf1bf4 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -657,7 +657,7 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS asymmetric_signature_key_policy:0:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:1 PSA key policy: asymmetric signature for message, sign | verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 PSA key policy: asymmetric signature for message, wrong algorithm family @@ -673,7 +673,7 @@ depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAI asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_ECDSA(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_ECDSA(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature for message, wildcard in policy, PKCS#1v1.5 SHA-256 -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):32 PSA key policy: asymmetric signature for message, wrong hash algorithm @@ -681,15 +681,15 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 PSA key policy: asymmetric signature for message, alg=0 in policy -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE:0:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):0 PSA key policy: asymmetric signature for message, sign but not verify -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR asymmetric_signature_key_policy:PSA_KEY_USAGE_SIGN_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 PSA key policy: asymmetric signature for message, verify but not sign -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR asymmetric_signature_key_policy:PSA_KEY_USAGE_VERIFY_MESSAGE:PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):PSA_KEY_TYPE_RSA_KEY_PAIR:"3082013b020100024100ee2b131d6b1818a94ca8e91c42387eb15a7c271f57b89e7336b144d4535b16c83097ecdefbbb92d1b5313b5a37214d0e8f25922dca778b424b25295fc8a1a7070203010001024100978ac8eadb0dc6035347d6aba8671215ff21283385396f7897c04baf5e2a835f3b53ef80a82ed36ae687a925380b55a0c73eb85656e989dcf0ed7fb4887024e1022100fdad8e1c6853563f8b921d2d112462ae7d6b176082d2ba43e87e1a37fc1a8b33022100f0592cf4c55ba44307b18981bcdbda376c51e590ffa5345ba866f6962dca94dd02201995f1a967d44ff4a4cd1de837bc65bf97a2bf7eda730a9a62cea53254591105022027f96cf4b8ee68ff8d04062ec1ce7f18c0b74e4b3379b29f9bfea3fc8e592731022100cefa6d220496b43feb83194255d8fb930afcf46f36606e3aa0eb7a93ad88c10c":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):1 PSA key policy: derive via HKDF, permitted diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index db495c2c27..5123def4af 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -7,7 +7,7 @@ * END_DEPENDENCIES */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ +/* BEGIN_CASE depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ void ecdsa_sign_hash( int force_status_arg, data_t *key_input, data_t *data_input, @@ -121,7 +121,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C */ +/* BEGIN_CASE depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_ALG_SHA_256 */ void ecdsa_sign_message( int force_status_arg, data_t *key_input, data_t *data_input, @@ -239,7 +239,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ void generate_key( int force_status_arg, data_t *fake_output, int expected_status_arg ) @@ -312,7 +312,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ void validate_key( int force_status_arg, int key_type_arg, data_t *key_input, @@ -348,7 +348,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */ +/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */ void export_key( int force_status_arg, data_t *fake_output, int key_in_type_arg, From e088985496a91741bafb10bfc75c3c244609f16d Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 5 May 2021 14:02:59 +0200 Subject: [PATCH 078/271] Fix test names Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 1812bf1bf4..ef56d2c28c 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2438,11 +2438,11 @@ PSA sign/verify message: RSA PSS SHA-256, 0 bytes depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"" -PSA sign/verify message: RSA PSS SHA-256, 32 bytes (hash size) +PSA sign/verify message: RSA PSS SHA-256, 32 bytes depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -PSA sign/verify message: RSA PSS SHA-256, 128 bytes (signature size) +PSA sign/verify message: RSA PSS SHA-256, 128 bytes depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" @@ -2458,11 +2458,11 @@ PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 0 bytes depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"" -PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 32 bytes (hash size) +PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 32 bytes depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 64 bytes (signature size) +PSA sign/verify message: randomized ECDSA SECP256R1 SHA-256, 64 bytes depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" @@ -2514,11 +2514,11 @@ PSA verify message: RSA PSS SHA-256, good signature, 129 bytes depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C verify_message:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"43286cc0fc599603fbb0cd1fd70c3a17b08d2adf4f90202dddfa4b9d74be8c720bbb1c714665466de6452d401ca061b68225785ff387c2615f03c81351cc3838cd3014a031a4f4c9f70bba06f504c6a9942ac2dbfed2329e590d526a9be26b4025a6d7c4151b4e795cfe756c9a8a5e8fa9228a6f5f6f427a5a070e5c0ea69830" -PSA verify message ECDSA SECP256R1, good +PSA verify message: ECDSA SECP256R1 SHA-256, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 verify_message:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b" -PSA verify message with keypair: ECDSA SECP256R1, good +PSA verify message with keypair: ECDSA SECP256R1 SHA-256, good depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ALG_SHA_256:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"0f8c19f5affea6d593a33e176aa52717bff8d5875165fc63e80a2d65580d295789db5ffb5397ba4c67834e2731ee268ea6f7e83846fbb02145b35442db18cf0b" From d785a79477afd4e1aa1eedd0dfcf09fb7adf2de4 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 5 May 2021 14:03:48 +0200 Subject: [PATCH 079/271] Fix test Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index ef56d2c28c..2898dda05d 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2151,8 +2151,8 @@ depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLI import_and_exercise_key:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_ALG_RSA_PSS(PSA_ALG_SHA_256) PSA import/exercise: ECP SECP256R1 keypair, ECDSA -depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 -import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA( PSA_ALG_SHA_256 ) +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +import_and_exercise_key:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_ALG_ECDSA_ANY PSA import/exercise: ECP SECP256R1 keypair, deterministic ECDSA depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C From 6e2a8daef450748f4c7d925515501cc72ca01ea5 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 5 May 2021 14:04:07 +0200 Subject: [PATCH 080/271] Add new tests for psa_sign/verify_message Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 2898dda05d..6101a765e6 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2394,6 +2394,10 @@ PSA sign message: RSA PKCS#1 v1.5 SHA-256, empty output buffer depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":0:PSA_ERROR_BUFFER_TOO_SMALL +PSA sign message: RSA PKCS#1 v1.5 without hash +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":0:PSA_ERROR_INVALID_ARGUMENT + PSA sign message: RSA PKCS#1 v1.5 SHA-256, invalid key type depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_CHACHA20:MBEDTLS_MD_C sign_message_fail:PSA_KEY_TYPE_CHACHA20:"4bddc98c551a95395ef719557f813656b566bc45aac04eca3866324cc75489f2":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":128:PSA_ERROR_INVALID_ARGUMENT @@ -2426,6 +2430,10 @@ PSA sign message: deterministic ECDSA not supported depends_on:!PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_MD_C sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":96:PSA_ERROR_NOT_SUPPORTED +PSA sign message: ECDSA without hash +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C +sign_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA_ANY:"616263":96:PSA_ERROR_INVALID_ARGUMENT + PSA sign/verify message: RSA PKCS#1 v1.5 SHA-256 depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C sign_verify_message:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263" @@ -2542,6 +2550,10 @@ PSA verify message: RSA PKCS#1 v1.5 SHA-256, wrong signature (leading junk) depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_SIGNATURE +PSA verify message: RSA PKCS#1 v1.5 without hash +depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C +verify_message_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"616263":"21a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT + PSA verify message: ECDSA SECP256R1, wrong signature size (correct but ASN1-encoded) depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA(PSA_ALG_SHA_256):"616263":"304502200b295f3dc3ac2bde92f550b7e73a2de15a753b4ebc761c521a32d1ed9bf5800a022100fe7301254058347c3dec7768f62dfc63f7c049d28bfdd1d6712126fd888e9f04":PSA_ERROR_INVALID_SIGNATURE @@ -2570,7 +2582,11 @@ PSA verify message: invalid algorithm for ECC key depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C verify_message_fail:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_RSA_PSS(PSA_ALG_SHA_256):"":"":PSA_ERROR_INVALID_ARGUMENT -PSA encrypt: RSA PKCS#1 v1.5, good +PSA verify message: ECDSA without hash +depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 +verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"":"":PSA_ERROR_INVALID_ARGUMENT + +PPSA encrypt: RSA PKCS#1 v1.5, good depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS From 6883fd248d0e2d1b072cc58b06f450f34d9dc40b Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 5 May 2021 14:18:36 +0200 Subject: [PATCH 081/271] Rename sign/verify builtin functions called by driver wrapper functions Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 8 ++-- library/psa_crypto_core.h | 8 ++-- library/psa_crypto_driver_wrappers.c | 68 ++++++++++++++-------------- 3 files changed, 42 insertions(+), 42 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 519c70aa6b..077b294388 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2613,7 +2613,7 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, } -psa_status_t psa_sign_message_internal( +psa_status_t psa_sign_message_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -2661,7 +2661,7 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, signature, signature_size, signature_length ); } -psa_status_t psa_verify_message_internal( +psa_status_t psa_verify_message_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, @@ -2707,7 +2707,7 @@ psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, signature, signature_length ); } -psa_status_t psa_sign_hash_internal( +psa_status_t psa_sign_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -2778,7 +2778,7 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, signature, signature_size, signature_length ); } -psa_status_t psa_verify_hash_internal( +psa_status_t psa_verify_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index a742b6dbbc..356d5489e3 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -412,7 +412,7 @@ psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY */ -psa_status_t psa_sign_message_internal( +psa_status_t psa_sign_message_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -446,7 +446,7 @@ psa_status_t psa_sign_message_internal( * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY */ -psa_status_t psa_verify_message_internal( +psa_status_t psa_verify_message_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *input, size_t input_length, @@ -485,7 +485,7 @@ psa_status_t psa_verify_message_internal( * \retval #PSA_ERROR_CORRUPTION_DETECTED * \retval #PSA_ERROR_INSUFFICIENT_ENTROPY */ -psa_status_t psa_sign_hash_internal( +psa_status_t psa_sign_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, @@ -520,7 +520,7 @@ psa_status_t psa_sign_hash_internal( * \retval #PSA_ERROR_INVALID_ARGUMENT * \retval #PSA_ERROR_INSUFFICIENT_MEMORY */ -psa_status_t psa_verify_hash_internal( +psa_status_t psa_verify_hash_builtin( const psa_key_attributes_t *attributes, const uint8_t *key_buffer, size_t key_buffer_size, psa_algorithm_t alg, const uint8_t *hash, size_t hash_length, diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 5c36daf6f2..0b7bd559f5 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -103,15 +103,15 @@ psa_status_t psa_driver_wrapper_sign_message( #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( psa_sign_message_internal( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_size, - signature_length ) ); + return( psa_sign_message_builtin( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length ) ); /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) @@ -172,14 +172,14 @@ psa_status_t psa_driver_wrapper_verify_message( #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ - return( psa_verify_message_internal( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_length ) ); + return( psa_verify_message_builtin( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length ) ); /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) @@ -255,15 +255,15 @@ psa_status_t psa_driver_wrapper_sign_hash( #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ /* Fell through, meaning no accelerator supports this operation */ - return( psa_sign_hash_internal( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_size, - signature_length ) ); + return( psa_sign_hash_builtin( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_size, + signature_length ) ); /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) @@ -339,14 +339,14 @@ psa_status_t psa_driver_wrapper_verify_hash( #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ - return( psa_verify_hash_internal( attributes, - key_buffer, - key_buffer_size, - alg, - hash, - hash_length, - signature, - signature_length ) ); + return( psa_verify_hash_builtin( attributes, + key_buffer, + key_buffer_size, + alg, + hash, + hash_length, + signature, + signature_length ) ); /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) From 256443e64e5318f0041b9ef5831b0a653f6ea576 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Fri, 7 May 2021 15:16:34 +0200 Subject: [PATCH 082/271] Change the driver calling logic for psa_sign/verify_messsage The changed logic is to try a sign-message driver (opaque or transparent); if there isn't one, fallback to builtin sofware and do the hashing, then try a sign-hash driver. This will enable to the opaque driver to fallback to software. Signed-off-by: gabor-mezei-arm --- library/psa_crypto_driver_wrappers.c | 50 ++++++++++++++++------------ 1 file changed, 29 insertions(+), 21 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 0b7bd559f5..95daf80328 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -102,22 +102,13 @@ psa_status_t psa_driver_wrapper_sign_message( return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ - /* Fell through, meaning no accelerator supports this operation */ - return( psa_sign_message_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_size, - signature_length ) ); + break; /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) #if defined(PSA_CRYPTO_DRIVER_TEST) case PSA_CRYPTO_TEST_DRIVER_LOCATION: - return( mbedtls_test_opaque_signature_sign_message( + status = mbedtls_test_opaque_signature_sign_message( attributes, key_buffer, key_buffer_size, @@ -126,7 +117,10 @@ psa_status_t psa_driver_wrapper_sign_message( input_length, signature, signature_size, - signature_length ) ); + signature_length ); + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); + break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -134,6 +128,16 @@ psa_status_t psa_driver_wrapper_sign_message( (void)status; return( PSA_ERROR_INVALID_ARGUMENT ); } + + return( psa_sign_message_builtin( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_size, + signature_length ) ); } psa_status_t psa_driver_wrapper_verify_message( @@ -171,15 +175,7 @@ psa_status_t psa_driver_wrapper_verify_message( return( status ); #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ - - return( psa_verify_message_builtin( attributes, - key_buffer, - key_buffer_size, - alg, - input, - input_length, - signature, - signature_length ) ); + break; /* Add cases for opaque driver here */ #if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT) @@ -194,6 +190,9 @@ psa_status_t psa_driver_wrapper_verify_message( input_length, signature, signature_length ) ); + if( status != PSA_ERROR_NOT_SUPPORTED ) + return( status ); + break; #endif /* PSA_CRYPTO_DRIVER_TEST */ #endif /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */ default: @@ -201,6 +200,15 @@ psa_status_t psa_driver_wrapper_verify_message( (void)status; return( PSA_ERROR_INVALID_ARGUMENT ); } + + return( psa_verify_message_builtin( attributes, + key_buffer, + key_buffer_size, + alg, + input, + input_length, + signature, + signature_length ) ); } psa_status_t psa_driver_wrapper_sign_hash( From 4a6fcda03100659bf0ca573b824a064abb2114be Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 11 May 2021 13:28:50 +0200 Subject: [PATCH 083/271] Typo Signed-off-by: gabor-mezei-arm --- include/psa/crypto_values.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 5fc868814d..497bd8f01f 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1549,7 +1549,6 @@ PSA_ALG_IS_ECDSA(alg) || PSA_ALG_IS_HASH_EDDSA(alg) || \ PSA_ALG_IS_VENDOR_HASH_AND_SIGN(alg)) - /** Whether the specified algorithm is a signature algorithm that can be used * with psa_sign_message() and psa_verify_message(). * From 041887bfc30578a54fc646a57e969c15166b80a0 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Tue, 11 May 2021 13:29:24 +0200 Subject: [PATCH 084/271] Update key usage determination for exercise key tests Signed-off-by: gabor-mezei-arm --- tests/src/psa_exercise_key.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c index 197e31a349..f48a64e947 100644 --- a/tests/src/psa_exercise_key.c +++ b/tests/src/psa_exercise_key.c @@ -924,16 +924,22 @@ psa_key_usage_t mbedtls_test_psa_usage_to_exercise( psa_key_type_t type, { if( PSA_ALG_IS_MAC( alg ) || PSA_ALG_IS_SIGN( alg ) ) { - if( PSA_ALG_SIGN_GET_HASH( alg ) ) + if( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + if( PSA_ALG_SIGN_GET_HASH( alg ) ) + return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? + PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE: + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ); + } + else if( PSA_ALG_IS_SIGN_MESSAGE( alg) ) return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_VERIFY_MESSAGE: - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH | + PSA_KEY_USAGE_VERIFY_MESSAGE : PSA_KEY_USAGE_SIGN_MESSAGE | PSA_KEY_USAGE_VERIFY_MESSAGE ); - else - return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? - PSA_KEY_USAGE_VERIFY_HASH: - PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); + return( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) ? + PSA_KEY_USAGE_VERIFY_HASH : + PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH ); } else if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_ASYMMETRIC_ENCRYPTION( alg ) ) From 4bc0edb919a7e52cf2b8e985c5c1c0f79755fb1c Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 12 May 2021 10:48:55 +0200 Subject: [PATCH 085/271] Typo Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 6101a765e6..cb0cb9cd44 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -2586,7 +2586,7 @@ PSA verify message: ECDSA without hash depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256 verify_message_fail:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_ALG_ECDSA_ANY:"":"":PSA_ERROR_INVALID_ARGUMENT -PPSA encrypt: RSA PKCS#1 v1.5, good +PSA encrypt: RSA PKCS#1 v1.5, good depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":128:PSA_SUCCESS From 2b8373f8567e457ce59b1d5b68b87e4c1f3f24e8 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 12 May 2021 10:49:27 +0200 Subject: [PATCH 086/271] Update documentation Signed-off-by: gabor-mezei-arm --- library/psa_crypto_core.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index 356d5489e3..4420ec2569 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -386,6 +386,9 @@ psa_status_t psa_generate_key_internal( const psa_key_attributes_t *attributes, * entry point as defined in the PSA driver interface specification for * transparent drivers. * + * \note This function will call the driver for psa_sign_hash + * and go through driver dispatch again. + * * \param[in] attributes The attributes of the key to use for the * operation. * \param[in] key_buffer The buffer containing the key context. @@ -426,6 +429,9 @@ psa_status_t psa_sign_message_builtin( * entry point as defined in the PSA driver interface specification for * transparent drivers. * + * \note This function will call the driver for psa_verify_hash + * and go through driver dispatch again. + * * \param[in] attributes The attributes of the key to use for the * operation. * \param[in] key_buffer The buffer containing the key context. From f048618b43f74e7383ba62b94c65b4bfdf73d6ac Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 12 May 2021 11:03:09 +0200 Subject: [PATCH 087/271] Unify variable type and rename to be unambiguous Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 077b294388..1ecab4e077 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2460,10 +2460,10 @@ cleanup: /* Asymmetric cryptography */ /****************************************************************/ -static psa_status_t psa_sign_verify_check_alg( uint8_t do_hash, +static psa_status_t psa_sign_verify_check_alg( int input_is_message, psa_algorithm_t alg ) { - if( do_hash ) + if( input_is_message ) { if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -2484,7 +2484,7 @@ static psa_status_t psa_sign_verify_check_alg( uint8_t do_hash, } static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, - uint8_t do_hash, + int input_is_message, psa_algorithm_t alg, const uint8_t * input, size_t input_length, @@ -2498,7 +2498,7 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, *signature_length = 0; - status = psa_sign_verify_check_alg( do_hash, alg ); + status = psa_sign_verify_check_alg( input_is_message, alg ); if( status != PSA_SUCCESS ) return status; @@ -2511,8 +2511,8 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, status = psa_get_and_lock_key_slot_with_policy( key, &slot, - do_hash ? PSA_KEY_USAGE_SIGN_MESSAGE : - PSA_KEY_USAGE_SIGN_HASH, + input_is_message ? PSA_KEY_USAGE_SIGN_MESSAGE : + PSA_KEY_USAGE_SIGN_HASH, alg ); if( status != PSA_SUCCESS ) @@ -2528,7 +2528,7 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, .core = slot->attr }; - if( do_hash ) + if( input_is_message ) { status = psa_driver_wrapper_sign_message( &attributes, slot->key.data, slot->key.bytes, @@ -2564,7 +2564,7 @@ exit: } static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, - uint8_t do_hash, + int input_is_message, psa_algorithm_t alg, const uint8_t * input, size_t input_length, @@ -2575,14 +2575,14 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - status = psa_sign_verify_check_alg( do_hash, alg ); + status = psa_sign_verify_check_alg( input_is_message, alg ); if( status != PSA_SUCCESS ) return status; status = psa_get_and_lock_key_slot_with_policy( key, &slot, - do_hash ? PSA_KEY_USAGE_VERIFY_MESSAGE : - PSA_KEY_USAGE_VERIFY_HASH, + input_is_message ? PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_VERIFY_HASH, alg ); if( status != PSA_SUCCESS ) @@ -2592,7 +2592,7 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, .core = slot->attr }; - if( do_hash ) + if( input_is_message ) { status = psa_driver_wrapper_verify_message( &attributes, slot->key.data, slot->key.bytes, From d5218df572159b80fbc31adb88062a0532032ccc Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 12 May 2021 11:12:25 +0200 Subject: [PATCH 088/271] Enable fallback to software implementation in psa_sign/verify_message driver Signed-off-by: gabor-mezei-arm --- library/psa_crypto_driver_wrappers.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index 95daf80328..aab66ab20f 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -126,7 +126,7 @@ psa_status_t psa_driver_wrapper_sign_message( default: /* Key is declared with a lifetime not known to us */ (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + break; } return( psa_sign_message_builtin( attributes, @@ -198,7 +198,7 @@ psa_status_t psa_driver_wrapper_verify_message( default: /* Key is declared with a lifetime not known to us */ (void)status; - return( PSA_ERROR_INVALID_ARGUMENT ); + break; } return( psa_verify_message_builtin( attributes, From 07a35f68ee469d8d79ecef9184d76c789f362186 Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Thu, 13 May 2021 16:27:46 +0200 Subject: [PATCH 089/271] Update key type name Signed-off-by: gabor-mezei-arm --- tests/suites/test_suite_psa_crypto_driver_wrappers.function | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function index 5123def4af..e86309b065 100644 --- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function +++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function @@ -142,7 +142,7 @@ void ecdsa_sign_message( int force_status_arg, PSA_ASSERT( psa_crypto_init( ) ); psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) ); + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_MESSAGE ); psa_set_key_algorithm( &attributes, alg ); psa_import_key( &attributes, @@ -202,7 +202,7 @@ void ecdsa_verify_message( int force_status_arg, if( register_public_key ) { psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_CURVE_SECP_R1 ) ); + PSA_KEY_TYPE_ECC_PUBLIC_KEY( PSA_ECC_FAMILY_SECP_R1 ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); psa_set_key_algorithm( &attributes, alg ); psa_import_key( &attributes, @@ -212,7 +212,7 @@ void ecdsa_verify_message( int force_status_arg, else { psa_set_key_type( &attributes, - PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) ); + PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_FAMILY_SECP_R1 ) ); psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_VERIFY_MESSAGE ); psa_set_key_algorithm( &attributes, alg ); psa_import_key( &attributes, From b94fdae3c387628cbc5b934bb33c76a926880e22 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 04:42:43 +0100 Subject: [PATCH 090/271] Improve code structure for session cache query Signed-off-by: Hanno Becker --- library/ssl_srv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 213cd3ce66..5190367669 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2801,9 +2801,9 @@ static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) } /* Move semantics */ - /* Zeroization of session_tmp happens at the end of the function. */ mbedtls_ssl_session_free( session ); *session = session_tmp; + memset( &session_tmp, 0, sizeof( mbedtls_ssl_session ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); ssl->handshake->resume = 1; From 0d05f40222a513a9dcce937583f9de337aa0659f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 04:54:01 +0100 Subject: [PATCH 091/271] Clarify that session cache query must return free-able session Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 972cac2c16..63417c3551 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -639,11 +639,16 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; * \param data The address of the session cache structure to query. * \param session_id The buffer holding the session ID to query. * \param session_id_len The length of \p session_id in Bytes. - * \param session The address at which to store the session found - * in the cache. + * \param session The address of the session structure to populate. + * It is initialized with mbdtls_ssl_session_init(), + * and the callback must always leave it in a state + * where it can savely be freed via + * mbedtls_ssl_session_free() independent of the + * return code of this function. * * \return \c 0 on success * \return A non-zero return value on failure. + * */ typedef int mbedtls_ssl_cache_get_t( void *data, unsigned char const *session_id, From 006f2cce2eb1b73fa966fe52e75089dd5ec34912 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 04:55:35 +0100 Subject: [PATCH 092/271] Fix compile-time guard in session cache implementation Signed-off-by: Hanno Becker --- library/ssl_cache.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 1bbcc957b9..f33754798b 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -131,8 +131,9 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, { #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t t = mbedtls_time( NULL ), oldest = 0; +#endif /* MBEDTLS_HAVE_TIME */ + mbedtls_ssl_cache_entry *old = NULL; -#endif int count = 0; mbedtls_ssl_cache_entry *cur, *prv; From 95f8f22c2701218c1d24ef568c8e1632f19dcd41 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 14 May 2021 14:07:51 +0200 Subject: [PATCH 093/271] Migration guide added and ChangeLog clarified Signed-off-by: TRodziewicz --- ChangeLog.d/issue4361.txt | 3 ++- .../remove_ssl_record_checking.md | 13 +++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 docs/3.0-migration-guide.d/remove_ssl_record_checking.md diff --git a/ChangeLog.d/issue4361.txt b/ChangeLog.d/issue4361.txt index 670c8a6580..f1dbb3f195 100644 --- a/ChangeLog.d/issue4361.txt +++ b/ChangeLog.d/issue4361.txt @@ -1,2 +1,3 @@ Removals - * Remove the MBEDTLS_SSL_RECORD_CHECKING option. Fixes #4361. + * Remove the MBEDTLS_SSL_RECORD_CHECKING option and enable by default its + previous action. Fixes #4361. diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md new file mode 100644 index 0000000000..a1b8a5757b --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md @@ -0,0 +1,13 @@ +Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default +-------------------------------------------------------------------------- + +This change does not affects users who use the default config.h, as the +option MBEDTLS_SSL_RECORD_CHECKING was already on by default. + +This option was added only to controls compilation of one function +(mbedtls_ssl_check_record()) used in DTLS to check a buffer's validity and +authenticity. Switching it off poses a security risk. + +For users who changed the default setting of the option there is no real path +of migration. + From 1cf33bf94d173343da7e94a4ee56eb08c6e8f936 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 14 May 2021 14:35:26 +0200 Subject: [PATCH 094/271] Corrections o the migration guide Signed-off-by: TRodziewicz --- docs/3.0-migration-guide.d/remove_ssl_record_checking.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md index a1b8a5757b..91f6f7e88b 100644 --- a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md @@ -1,10 +1,10 @@ Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default -------------------------------------------------------------------------- -This change does not affects users who use the default config.h, as the +This change does not affect users who use the default config.h, as the option MBEDTLS_SSL_RECORD_CHECKING was already on by default. -This option was added only to controls compilation of one function +This option was added only to control compilation of one function (mbedtls_ssl_check_record()) used in DTLS to check a buffer's validity and authenticity. Switching it off poses a security risk. From 5cf6f7eafe7a22af2481b973c2b69c317522d618 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 14:45:04 +0100 Subject: [PATCH 095/271] Fix swapping of first and last entry in SSL session cache Signed-off-by: Hanno Becker --- library/ssl_cache.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index f33754798b..11afd86240 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -225,7 +225,7 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, old = cache->chain; cache->chain = old->next; - cur->next = NULL; + old->next = NULL; prv->next = old; #endif /* MBEDTLS_HAVE_TIME */ From 466ed6fd08a62b6d65416b8a78fe0682720e0408 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 14:54:00 +0100 Subject: [PATCH 096/271] Improve local variable naming in SSL session cache implementation Signed-off-by: Hanno Becker --- library/ssl_cache.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 11afd86240..cdefa01b31 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -135,17 +135,17 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, mbedtls_ssl_cache_entry *old = NULL; int count = 0; - mbedtls_ssl_cache_entry *cur, *prv; + mbedtls_ssl_cache_entry *cur, *last; cur = cache->chain; - prv = NULL; + last = NULL; /* Check 1: Is there already an entry with the given session ID? * * If yes, overwrite it. * * If not, `count` will hold the size of the session cache - * at the end of this loop, and `prv` will point to the last + * at the end of this loop, and `last` will point to the last * entry, both of which will be used later. */ while( cur != NULL ) @@ -158,7 +158,7 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, goto found; } - prv = cur; + last = cur; cur = cur->next; } @@ -184,7 +184,7 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, old = cur; } - prv = cur; + last = cur; cur = cur->next; } #endif /* MBEDTLS_HAVE_TIME */ @@ -199,10 +199,10 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, return( 1 ); /* Append to the end of the linked list. */ - if( prv == NULL ) + if( last == NULL ) cache->chain = cur; else - prv->next = cur; + last->next = cur; goto found; } @@ -226,7 +226,7 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, old = cache->chain; cache->chain = old->next; old->next = NULL; - prv->next = old; + last->next = old; #endif /* MBEDTLS_HAVE_TIME */ /* Now `old` points to the oldest entry to be overwritten. */ From c3f4a97b8fd7113f22a23c56035021fe5f3015a3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 14:54:24 +0100 Subject: [PATCH 097/271] Don't infer last element of SSL session cache twice Signed-off-by: Hanno Becker --- library/ssl_cache.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index cdefa01b31..367edf51d6 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -151,14 +151,11 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, while( cur != NULL ) { count++; - if( session_id_len == cur->session_id_len && memcmp( session_id, cur->session_id, cur->session_id_len ) == 0 ) { goto found; } - - last = cur; cur = cur->next; } From 78196e366faab94b9cd57320e54c3b2c9bcf157d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 14:45:38 +0100 Subject: [PATCH 098/271] Fix search for outdated entries in SSL session cache Signed-off-by: Hanno Becker --- library/ssl_cache.c | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 367edf51d6..fe4f30cf8d 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -137,9 +137,6 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, int count = 0; mbedtls_ssl_cache_entry *cur, *last; - cur = cache->chain; - last = NULL; - /* Check 1: Is there already an entry with the given session ID? * * If yes, overwrite it. @@ -148,7 +145,8 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, * at the end of this loop, and `last` will point to the last * entry, both of which will be used later. */ - while( cur != NULL ) + last = NULL; + for( cur = cache->chain; cur != NULL; cur = cur->next ) { count++; if( session_id_len == cur->session_id_len && @@ -156,7 +154,7 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, { goto found; } - cur = cur->next; + last = cur; } /* Check 2: Is there an outdated entry in the cache? @@ -167,7 +165,7 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, */ #if defined(MBEDTLS_HAVE_TIME) - while( cur != NULL ) + for( cur = cache->chain; cur != NULL; cur = cur->next ) { if( cache->timeout != 0 && (int) ( t - cur->timestamp ) > cache->timeout ) @@ -180,9 +178,6 @@ static int ssl_cache_pick_writing_slot( mbedtls_ssl_cache_context *cache, oldest = cur->timestamp; old = cur; } - - last = cur; - cur = cur->next; } #endif /* MBEDTLS_HAVE_TIME */ From 9caed14a218e0a5e1bf16bc48e2a427405870e42 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 14:57:13 +0100 Subject: [PATCH 099/271] Fix typo in ssl session cache documentation Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 63417c3551..dd30161080 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -642,7 +642,7 @@ typedef struct mbedtls_ssl_flight_item mbedtls_ssl_flight_item; * \param session The address of the session structure to populate. * It is initialized with mbdtls_ssl_session_init(), * and the callback must always leave it in a state - * where it can savely be freed via + * where it can safely be freed via * mbedtls_ssl_session_free() independent of the * return code of this function. * From fc1f4135c3ff35a15e930c96f234e20fe2f90e58 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 14:57:54 +0100 Subject: [PATCH 100/271] Use `memset( x, 0, sizeof( x ) )` to clear local structure Signed-off-by: Hanno Becker --- library/ssl_srv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 5190367669..8c6967885d 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2803,7 +2803,7 @@ static void ssl_handle_id_based_session_resumption( mbedtls_ssl_context *ssl ) /* Move semantics */ mbedtls_ssl_session_free( session ); *session = session_tmp; - memset( &session_tmp, 0, sizeof( mbedtls_ssl_session ) ); + memset( &session_tmp, 0, sizeof( session_tmp ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); ssl->handshake->resume = 1; From 541af8575ea00cd95c405937de0e81c2efb4b8bd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 16:49:01 +0100 Subject: [PATCH 101/271] Use -1 instead of 1 as failure return value in internal SSL function Signed-off-by: Hanno Becker --- library/ssl_tls.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fd77dc3d3a..1c54b5f77b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6999,14 +6999,14 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) { #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - return( 1 ); + return( -1 ); switch( md ) { #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) #if defined(MBEDTLS_MD5_C) case MBEDTLS_SSL_HASH_MD5: - return( 1 ); + return( -1 ); #endif #if defined(MBEDTLS_SHA1_C) case MBEDTLS_SSL_HASH_SHA1: @@ -7025,7 +7025,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) break; #endif default: - return( 1 ); + return( -1 ); } return 0; @@ -7033,7 +7033,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) (void) ssl; (void) md; - return( 1 ); + return( -1 ); #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ } From a808ec3f0d9de3ec8d4789abf1119905d4ea7b8c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 17:10:15 +0100 Subject: [PATCH 102/271] Add ChangeLog entry Signed-off-by: Hanno Becker --- ChangeLog.d/ssl-error-code-cleanup.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ChangeLog.d/ssl-error-code-cleanup.txt diff --git a/ChangeLog.d/ssl-error-code-cleanup.txt b/ChangeLog.d/ssl-error-code-cleanup.txt new file mode 100644 index 0000000000..0438aa2f6b --- /dev/null +++ b/ChangeLog.d/ssl-error-code-cleanup.txt @@ -0,0 +1,7 @@ +API changes + * Remove SSL error codes `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` + and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` which are never + returned from the public SSL API. + * Remove `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` and return + `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead. + ` From 8e184e2debf4e0d26f4324c4debd36d6a4844bea Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 17:10:27 +0100 Subject: [PATCH 103/271] Add migration guide Signed-off-by: Hanno Becker --- .../ssl-error-code-cleanup.md | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 docs/3.0-migration-guide.d/ssl-error-code-cleanup.md diff --git a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md new file mode 100644 index 0000000000..49d1a0f223 --- /dev/null +++ b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md @@ -0,0 +1,20 @@ +Removal of some SSL error codes +----------------------------------------------------------------- + +This affects users manually checking for the following error codes: +- `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` +- `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` +- `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` + +Migration paths: +- `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` + should never be returned from Mbed TLS, and there is no need to check for it. + Users should simply remove manual checks for those codes, and let the Mbed TLS + team know if -- contrary to the team's understanding -- there is in fact a situation + where one of them was ever returned. +- `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and + `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` is returned instead if the user's own certificate + is too large to fit into the output buffers. Users should check for + `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead, and potentially compare the size of their + own certificate against the configured size of the output buffer to understand if + the error is due to an overly large certificate. From 59b97bbe065ce04f716624795081f898ecc21a9e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 17:12:15 +0100 Subject: [PATCH 104/271] Fixup glitch in ChangeLog entry Signed-off-by: Hanno Becker --- ChangeLog.d/ssl-error-code-cleanup.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/ChangeLog.d/ssl-error-code-cleanup.txt b/ChangeLog.d/ssl-error-code-cleanup.txt index 0438aa2f6b..768d1905ad 100644 --- a/ChangeLog.d/ssl-error-code-cleanup.txt +++ b/ChangeLog.d/ssl-error-code-cleanup.txt @@ -4,4 +4,3 @@ API changes returned from the public SSL API. * Remove `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` and return `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead. - ` From 67e49a627d5d22b5ed67a593200b48f4654c032b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 20:02:42 +0100 Subject: [PATCH 105/271] Add migration guide Signed-off-by: Hanno Becker --- .../relaxed-psk-semantics.md | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 docs/3.0-migration-guide.d/relaxed-psk-semantics.md diff --git a/docs/3.0-migration-guide.d/relaxed-psk-semantics.md b/docs/3.0-migration-guide.d/relaxed-psk-semantics.md new file mode 100644 index 0000000000..5af2b61089 --- /dev/null +++ b/docs/3.0-migration-guide.d/relaxed-psk-semantics.md @@ -0,0 +1,23 @@ +Relaxed semantics for PSK configuration +----------------------------------------------------------------- + +This affects users which call the PSK configuration APIs +`mbedtlsl_ssl_conf_psk()` and `mbedtls_ssl_conf_psk_opaque()` +multiple times on the same SSL configuration. + +In Mbed TLS 2.x, users would observe later calls overwriting +the effect of earlier calls, with the prevailing PSK being +the one that has been configured last. + +To achieve equivalent functionality when migrating to Mbed TLS 3.0, +users calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times should +remove all but the last call, so that only one call to _either_ +`mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()` +remains. + +However, if the _intent_ of the multiple calls to +`mbedtls_ssl_conf_[opaque_]psk()` was to offer multiple PSKs, then +users should _keep_ all calls and only check for the expected +non-fatal failure code `MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE` +indicating that no more PSKs could be buffered by the +implementation. From 90671489183d81633a03594f10461b06e52e0679 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 14 May 2021 20:12:36 +0100 Subject: [PATCH 106/271] Add ChangeLog entry Signed-off-by: Hanno Becker --- ChangeLog.d/relaxed-psk-semantics.txt | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 ChangeLog.d/relaxed-psk-semantics.txt diff --git a/ChangeLog.d/relaxed-psk-semantics.txt b/ChangeLog.d/relaxed-psk-semantics.txt new file mode 100644 index 0000000000..a5063c9d8e --- /dev/null +++ b/ChangeLog.d/relaxed-psk-semantics.txt @@ -0,0 +1,9 @@ +API changes + * Modify semantics of `mbedtls_ssl_conf_[opaque_]psk()`: + In Mbed TLS 2.X, the API prescribes that later calls overwrite + the effect of earlier calls, implying that there can be at most one + statically configured PSK. In Mbed TLS 3.X, multiple invocations of + `mbedtls_ssl_conf_[opaque_]psk()` can be attempted to register + multiple PSKs. Once an implementation-defined limit of PSKs + is reached, the functions ignore the request to add + further PSKs and fail non-fatally. From fd86ca8626388cd2f0e5cb1a3fe35b3262a41953 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 30 Nov 2020 08:54:23 +0000 Subject: [PATCH 107/271] Rename SOME_MODES_USE_MAC -> SOME_SUITES_USE_MAC Signed-off-by: Hanno Becker --- library/ssl_misc.h | 12 ++++++------ library/ssl_msg.c | 12 ++++++------ library/ssl_tls.c | 24 ++++++++++++------------ tests/suites/test_suite_ssl.function | 6 +++--- 4 files changed, 27 insertions(+), 27 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 9ac48c757c..8a006620cc 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -149,10 +149,10 @@ #if defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) -#define MBEDTLS_SSL_SOME_MODES_USE_MAC +#define MBEDTLS_SSL_SOME_SUITES_USE_MAC #endif -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) /* Ciphersuites using HMAC */ #if defined(MBEDTLS_SHA512_C) #define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ @@ -161,7 +161,7 @@ #else #define MBEDTLS_SSL_MAC_ADD 20 /* SHA-1 used for HMAC */ #endif -#else /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#else /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ /* AEAD ciphersuites: GCM and CCM use a 128 bits tag */ #define MBEDTLS_SSL_MAC_ADD 16 #endif @@ -711,7 +711,7 @@ struct mbedtls_ssl_transform unsigned char iv_enc[16]; /*!< IV (encryption) */ unsigned char iv_dec[16]; /*!< IV (decryption) */ -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */ mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */ @@ -720,7 +720,7 @@ struct mbedtls_ssl_transform int encrypt_then_mac; /*!< flag for EtM activation */ #endif -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ mbedtls_cipher_context_t cipher_ctx_enc; /*!< encryption context */ mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */ @@ -747,7 +747,7 @@ struct mbedtls_ssl_transform static inline int mbedtls_ssl_transform_uses_aead( const mbedtls_ssl_transform *transform ) { -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) return( transform->maclen == 0 && transform->taglen != 0 ); #else (void) transform; diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 3956a67d27..10ddf0d65f 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -633,7 +633,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, /* * Add MAC before if needed */ -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) if( mode == MBEDTLS_MODE_STREAM || ( mode == MBEDTLS_MODE_CBC #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) @@ -678,7 +678,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, post_avail -= transform->maclen; auth_done++; } -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ /* * Encrypt @@ -1209,7 +1209,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, size_t olen; mbedtls_cipher_mode_t mode; int ret, auth_done = 0; -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) size_t padlen = 0, correct = 1; #endif unsigned char* data; @@ -1636,7 +1636,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, * Authenticate if not done yet. * Compute the MAC regardless of the padding result (RFC4346, CBCTIME). */ -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) if( auth_done == 0 ) { unsigned char mac_expect[MBEDTLS_SSL_MAC_ADD]; @@ -1712,7 +1712,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, */ if( correct == 0 ) return( MBEDTLS_ERR_SSL_INVALID_MAC ); -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ /* Make extra sure authentication was performed, exactly once */ if( auth_done != 1 ) @@ -5628,7 +5628,7 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform ) mbedtls_cipher_free( &transform->cipher_ctx_enc ); mbedtls_cipher_free( &transform->cipher_ctx_dec ); -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) mbedtls_md_free( &transform->md_ctx_enc ); mbedtls_md_free( &transform->md_ctx_dec ); #endif diff --git a/library/ssl_tls.c b/library/ssl_tls.c index bc2f269a9c..a503b0ee47 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -806,14 +806,14 @@ typedef int ssl_tls_prf_t(const unsigned char *, size_t, const char *, static int ssl_populate_transform( mbedtls_ssl_transform *transform, int ciphersuite, const unsigned char master[48], -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) int encrypt_then_mac, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) int trunc_hmac, #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl_tls_prf_t tls_prf, const unsigned char randbytes[64], int minor_ver, @@ -846,7 +846,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * Some data just needs copying into the structure */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) + defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) transform->encrypt_then_mac = encrypt_then_mac; #endif transform->minor_ver = minor_ver; @@ -967,7 +967,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, } else #endif /* MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C */ -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) if( cipher_info->mode == MBEDTLS_MODE_STREAM || cipher_info->mode == MBEDTLS_MODE_CBC ) { @@ -1044,7 +1044,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, } } else -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ { MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -1105,7 +1105,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, goto end; } -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) @@ -1125,7 +1125,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; goto end; } -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ((void) mac_dec); ((void) mac_enc); @@ -1518,14 +1518,14 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) ret = ssl_populate_transform( ssl->transform_negotiate, ssl->session_negotiate->ciphersuite, ssl->session_negotiate->master, -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl->session_negotiate->encrypt_then_mac, #endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) ssl->session_negotiate->trunc_hmac, #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl->handshake->tls_prf, ssl->handshake->randbytes, ssl->minor_ver, @@ -3322,7 +3322,7 @@ void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform ) mbedtls_cipher_init( &transform->cipher_ctx_enc ); mbedtls_cipher_init( &transform->cipher_ctx_dec ); -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) mbedtls_md_init( &transform->md_ctx_enc ); mbedtls_md_init( &transform->md_ctx_dec ); #endif @@ -6161,14 +6161,14 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, ret = ssl_populate_transform( ssl->transform, ssl->session->ciphersuite, ssl->session->master, -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl->session->encrypt_then_mac, #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) ssl->session->trunc_hmac, #endif -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ ssl_tls12prf_from_cs( ssl->session->ciphersuite ), p, /* currently pointing to randbytes */ MBEDTLS_SSL_MINOR_VERSION_3, /* (D)TLS 1.2 is forced */ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2f59afea4f..ef8d3b269d 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1254,7 +1254,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, keylen << 3, MBEDTLS_DECRYPT ) == 0 ); /* Setup MAC contexts */ -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) if( cipher_info->mode == MBEDTLS_MODE_CBC || cipher_info->mode == MBEDTLS_MODE_STREAM ) { @@ -1287,7 +1287,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, } #else ((void) hash_id); -#endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */ /* Pick IV's (regardless of whether they @@ -1301,7 +1301,7 @@ static int build_transforms( mbedtls_ssl_transform *t_in, */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) + defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) t_out->encrypt_then_mac = etm; t_in->encrypt_then_mac = etm; #else From 0cc4661365db14e0bf9e5c2e529b5acd2bf1aef4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 30 Nov 2020 08:56:52 +0000 Subject: [PATCH 108/271] Introduce helper macro for presence of stream ciphersuites Signed-off-by: Hanno Becker --- library/ssl_misc.h | 19 ++++++++++++++++++- library/ssl_msg.c | 8 ++++---- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 8a006620cc..402da8db9f 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -130,6 +130,15 @@ * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256). */ +#if defined(MBEDTLS_SSL_PROTO_SSL3) || \ + defined(MBEDTLS_SSL_PROTO_TLS1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ + defined(MBEDTLS_SSL_PROTO_TLS1_2) +#define MBEDTLS_SSL_PROTO_TLS1_2_OR_EARLIER +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_2_OR_EARLIER) + /* This macro determines whether CBC is supported. */ #if defined(MBEDTLS_CIPHER_MODE_CBC) && \ ( defined(MBEDTLS_AES_C) || \ @@ -139,6 +148,12 @@ #define MBEDTLS_SSL_SOME_SUITES_USE_CBC #endif +/* This macro determines whether a ciphersuite using a + * stream cipher can be used. */ +#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#define MBEDTLS_SSL_SOME_SUITES_USE_STREAM +#endif + /* This macro determines whether the CBC construct used in TLS 1.0-1.2 is supported. */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ ( defined(MBEDTLS_SSL_PROTO_TLS1) || \ @@ -147,11 +162,13 @@ #define MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC #endif -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_STREAM) || defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) #define MBEDTLS_SSL_SOME_SUITES_USE_MAC #endif +#endif /* MBEDTLS_SSL_PROTO_TLS1_2_OR_EARLIER */ + #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) /* Ciphersuites using HMAC */ #if defined(MBEDTLS_SHA512_C) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 10ddf0d65f..f3cf8f5dd8 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -683,7 +683,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, /* * Encrypt */ -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_STREAM) if( mode == MBEDTLS_MODE_STREAM ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -708,7 +708,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, } } else -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#endif /* MBEDTLS_SSL_SOME_MODES_USE_STREAM */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ @@ -1245,7 +1245,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_STREAM) if( mode == MBEDTLS_MODE_STREAM ) { padlen = 0; @@ -1266,7 +1266,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, } } else -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ +#endif /* MBEDTLS_SSL_SOME_MODES_USE_STREAM */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) From 31351cef6fa9b2c62c00140be8f43b511c8b6f0f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 11:05:58 +0000 Subject: [PATCH 109/271] Add missing escape character in multi-line preprocessor directive Signed-off-by: Hanno Becker --- library/ssl_misc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 402da8db9f..13c331fc2f 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -162,7 +162,7 @@ #define MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC #endif -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_STREAM) || +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_STREAM) || \ defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) #define MBEDTLS_SSL_SOME_SUITES_USE_MAC #endif From d086bf0c629b9e0d9436cabbb71d3d48af16c6b6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Mon, 22 Mar 2021 13:01:27 +0000 Subject: [PATCH 110/271] Fix typo Signed-off-by: Hanno Becker --- library/ssl_msg.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index f3cf8f5dd8..faafaba857 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -683,7 +683,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, /* * Encrypt */ -#if defined(MBEDTLS_SSL_SOME_MODES_USE_STREAM) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_STREAM) if( mode == MBEDTLS_MODE_STREAM ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -708,7 +708,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, } } else -#endif /* MBEDTLS_SSL_SOME_MODES_USE_STREAM */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ @@ -1245,7 +1245,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, } #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_SSL_SOME_MODES_USE_STREAM) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_STREAM) if( mode == MBEDTLS_MODE_STREAM ) { padlen = 0; @@ -1266,7 +1266,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, } } else -#endif /* MBEDTLS_SSL_SOME_MODES_USE_STREAM */ +#endif /* MBEDTLS_SSL_SOME_SUITES_USE_STREAM */ #if defined(MBEDTLS_GCM_C) || \ defined(MBEDTLS_CCM_C) || \ defined(MBEDTLS_CHACHAPOLY_C) From 8cce50d7262201bc5e0475826d62c57b3131448d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sat, 15 May 2021 06:15:52 +0100 Subject: [PATCH 111/271] Remove reference to SSLv3 Signed-off-by: Hanno Becker --- library/ssl_misc.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 13c331fc2f..b6124fc2ee 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -130,8 +130,7 @@ * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256). */ -#if defined(MBEDTLS_SSL_PROTO_SSL3) || \ - defined(MBEDTLS_SSL_PROTO_TLS1) || \ +#if defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) #define MBEDTLS_SSL_PROTO_TLS1_2_OR_EARLIER From 57d7ab72fb9952a86bf88c5730ac8ef0534a2e4f Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 17 May 2021 10:43:41 +0200 Subject: [PATCH 112/271] Correction to migration guide entry wording Signed-off-by: TRodziewicz --- .../remove_ssl_record_checking.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md index 91f6f7e88b..203e740240 100644 --- a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md @@ -4,10 +4,10 @@ Remove MBEDTLS_SSL_RECORD_CHECKING option and enable its action by default This change does not affect users who use the default config.h, as the option MBEDTLS_SSL_RECORD_CHECKING was already on by default. -This option was added only to control compilation of one function -(mbedtls_ssl_check_record()) used in DTLS to check a buffer's validity and -authenticity. Switching it off poses a security risk. - -For users who changed the default setting of the option there is no real path -of migration. +This option was added only to control compilation of one function, +mbedtls_ssl_check_record(), which is only useful in some specific cases, so it +was made optional to allow users who don't need it to save some code space. +However, the same effect can be achieve by using link-time garbage collection. +Users who changed the default setting of the option need to change the config/ +build system to remove that change. \ No newline at end of file From 0fdd8d297a2d0374571fb0c8b026c83cfcfe2c81 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 17 May 2021 09:58:05 +0100 Subject: [PATCH 113/271] Adding correction to documentation As picked up in review, this commit modifies the documentation by removing some wording that is now superfluous given the removal of the mode parameter. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index a4ef488609..a54ac4dd09 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -714,11 +714,6 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * hold the decryption of the particular ciphertext provided, * the function returns \c MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA context to use. * \param f_rng The RNG function. This is used for blinding and should * be provided; see mbedtls_rsa_private() for more. @@ -755,10 +750,6 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, * hold the decryption of the particular ciphertext provided, * the function returns #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA context to use. * \param f_rng The RNG function. This is used for blinding and should * be provided; see mbedtls_rsa_private() for more. @@ -797,10 +788,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * ciphertext provided, the function returns * #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA context to use. * \param f_rng The RNG function. This is used for blinding and should * be provided; see mbedtls_rsa_private() for more. From c32e2b0921dafb07412628ca1460a2a5999608a1 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 13 May 2021 17:03:47 +0100 Subject: [PATCH 114/271] Removal and modification of tests Changes for tests involving mbedtls_rsa_pkcs1_encrypt. Removal of test in test_suite_rsa.function where invalid mode is used. Also modification of other tests to use the constant MBEDTLS_RSA_PUBLIC instead of the mode variable. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_rsa.function | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 1182cc6e69..1eca3148a3 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -103,22 +103,17 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, - invalid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, sizeof( buf ), buf, NULL ) ); From 2177277ddab7896b295205ed5d5e15180b6aca08 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 13 May 2021 17:30:32 +0100 Subject: [PATCH 115/271] Removes mode param from mbedtls_rsa_pkcs1_encrypt Removal of the mode parameter from mbedtls_rsa_pkcs1_encrypt function. This change is propagated throughout the codebase and to relevant tests. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 17 +++-------------- library/pk_wrap.c | 2 +- library/psa_crypto.c | 1 - library/rsa.c | 16 ++++++++-------- programs/pkey/rsa_encrypt.c | 3 +-- tests/suites/test_suite_pkcs1_v15.function | 4 ++-- tests/suites/test_suite_pkcs1_v21.function | 4 ++-- tests/suites/test_suite_rsa.function | 11 ++++------- 8 files changed, 21 insertions(+), 37 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index a54ac4dd09..943321544a 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -571,12 +571,7 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * operation. * * It is the generic wrapper for performing a PKCS#1 encryption - * operation using the \p mode from the context. - * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PUBLIC. + * operation. * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PRIVATE and might instead @@ -584,16 +579,10 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * * \param ctx The initialized RSA context to use. * \param f_rng The RNG to use. It is mandatory for PKCS#1 v2.1 padding - * encoding, and for PKCS#1 v1.5 padding encoding when used - * with \p mode set to #MBEDTLS_RSA_PUBLIC. For PKCS#1 v1.5 - * padding encoding and \p mode set to #MBEDTLS_RSA_PRIVATE, - * it is used for blinding and should be provided in this - * case; see mbedtls_rsa_private() for more. + * encoding, and for PKCS#1 v1.5 padding encoding. * \param p_rng The RNG context to be passed to \p f_rng. May be * \c NULL if \p f_rng is \c NULL or if \p f_rng doesn't * need a context argument. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param ilen The length of the plaintext in Bytes. * \param input The input data to encrypt. This must be a readable * buffer of size \p ilen Bytes. It may be \c NULL if @@ -608,7 +597,7 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t ilen, + size_t ilen, const unsigned char *input, unsigned char *output ); diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 8e4f251231..e1ad50795d 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -149,7 +149,7 @@ static int rsa_encrypt_wrap( void *ctx, if( *olen > osize ) return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); - return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC, + return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, ilen, input, output ) ); } diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 64ead5b6ed..c4354d7581 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3064,7 +3064,6 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, mbedtls_rsa_pkcs1_encrypt( rsa, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, input_length, input, output ) ); diff --git a/library/rsa.c b/library/rsa.c index 6761fbdb79..5ecc778355 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1317,13 +1317,11 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t ilen, + size_t ilen, const unsigned char *input, unsigned char *output ) { RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( output != NULL ); RSA_VALIDATE_RET( ilen == 0 || input != NULL ); @@ -1331,14 +1329,16 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen, - input, output ); + return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, + MBEDTLS_RSA_PUBLIC, ilen, + input, output ); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0, - ilen, input, output ); + return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, + MBEDTLS_RSA_PUBLIC, NULL, 0, + ilen, input, output ); #endif default: @@ -2691,7 +2691,7 @@ int mbedtls_rsa_self_test( int verbose ) memcpy( rsa_plaintext, RSA_PT, PT_LEN ); - if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL, MBEDTLS_RSA_PUBLIC, + if( mbedtls_rsa_pkcs1_encrypt( &rsa, myrand, NULL, PT_LEN, rsa_plaintext, rsa_ciphertext ) != 0 ) { diff --git a/programs/pkey/rsa_encrypt.c b/programs/pkey/rsa_encrypt.c index ba01201729..6c654ad188 100644 --- a/programs/pkey/rsa_encrypt.c +++ b/programs/pkey/rsa_encrypt.c @@ -143,8 +143,7 @@ int main( int argc, char *argv[] ) fflush( stdout ); ret = mbedtls_rsa_pkcs1_encrypt( &rsa, mbedtls_ctr_drbg_random, - &ctr_drbg, MBEDTLS_RSA_PUBLIC, - strlen( argv[1] ), input, buf ); + &ctr_drbg, strlen( argv[1] ), input, buf ); if( ret != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_encrypt returned %d\n\n", diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index b03bddac68..878c414ad6 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -36,8 +36,8 @@ void pkcs1_rsaes_v15_encrypt( int mod, int radix_N, char * input_N, message_str->x = NULL; TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, + &info, message_str->len, + message_str->x, output ) == result ); if( result == 0 ) diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 2e7f3399db..623f7bc552 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -35,8 +35,8 @@ void pkcs1_rsaes_oaep_encrypt( int mod, data_t * input_N, data_t * input_E, message_str->x = NULL; TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, + &info, message_str->len, + message_str->x, output ) == result ); if( result == 0 ) { diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 1eca3148a3..c051ed3504 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -103,17 +103,14 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_encrypt( NULL, NULL, NULL, - MBEDTLS_RSA_PUBLIC, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, - MBEDTLS_RSA_PUBLIC, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_encrypt( &ctx, NULL, NULL, - MBEDTLS_RSA_PUBLIC, sizeof( buf ), buf, NULL ) ); @@ -703,8 +700,8 @@ void mbedtls_rsa_pkcs1_encrypt( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, + &rnd_info, message_str->len, + message_str->x, output ) == result ); if( result == 0 ) { @@ -743,8 +740,8 @@ void rsa_pkcs1_encrypt_bad_rng( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_rsa_pkcs1_encrypt( &ctx, &mbedtls_test_rnd_zero_rand, - NULL, MBEDTLS_RSA_PUBLIC, - message_str->len, message_str->x, + NULL, message_str->len, + message_str->x, output ) == result ); if( result == 0 ) { From 69a8c3809e1a6b5fd2a234da2771a89210734180 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 13 May 2021 17:59:50 +0100 Subject: [PATCH 116/271] Removes and modifies tests Removal and modification of tests relating to mbedtls_rsa_rsaes_pkcs1_v15_encrypt. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_rsa.function | 40 +++------------------------- 1 file changed, 3 insertions(+), 37 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index c051ed3504..4a818c59a5 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -117,25 +117,19 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, NULL, - invalid_mode, - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, sizeof( buf ), buf, NULL ) ); @@ -605,34 +599,6 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, ctx.len, result_str->len ) == 0 ); -#if defined(MBEDTLS_PKCS1_V15) - /* For PKCS#1 v1.5, there is an alternative way to generate signatures */ - if( padding_mode == MBEDTLS_RSA_PKCS_V15 ) - { - int res; - memset( output, 0x00, sizeof( output) ); - - res = mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, - &mbedtls_test_rnd_pseudo_rand, &rnd_info, - MBEDTLS_RSA_PRIVATE, hash_result->len, - hash_result->x, output ); - -#if !defined(MBEDTLS_RSA_ALT) - TEST_ASSERT( res == 0 ); -#else - TEST_ASSERT( ( res == 0 ) || - ( res == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ) ); -#endif - - if( res == 0 ) - { - TEST_ASSERT( mbedtls_test_hexcmp( output, result_str->x, - ctx.len, - result_str->len ) == 0 ); - } - } -#endif /* MBEDTLS_PKCS1_V15 */ - exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q ); mbedtls_mpi_free( &E ); From 53e4ac64b7dd34e537ddf7b203629dd4cde89eda Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 13 May 2021 18:26:49 +0100 Subject: [PATCH 117/271] Removes mode param from mbedtls_rsa_rsaes_pkcs1_v15_encrypt Removal of mode parameter from mbedtls_rsa_rsaes_pkcs1_v15_encrypt. This commit propagates the change to all relevant function calls and tests. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 14 ++------ library/rsa.c | 54 ++++++++++------------------ tests/suites/test_suite_rsa.function | 18 ++++------ 3 files changed, 26 insertions(+), 60 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 943321544a..47726ec72c 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -605,25 +605,15 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v1.5 encryption operation * (RSAES-PKCS1-v1_5-ENCRYPT). * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PUBLIC. - * * \note Alternative implementations of RSA need not support * mode being set to #MBEDTLS_RSA_PRIVATE and might instead * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function to use. It is needed for padding generation - * if \p mode is #MBEDTLS_RSA_PUBLIC. If \p mode is - * #MBEDTLS_RSA_PRIVATE (discouraged), it is used for - * blinding and should be provided; see mbedtls_rsa_private(). + * \param f_rng The RNG function to use. It is needed for padding generation. * \param p_rng The RNG context to be passed to \p f_rng. This may * be \c NULL if \p f_rng is \c NULL or if \p f_rng * doesn't need a context argument. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param ilen The length of the plaintext in Bytes. * \param input The input data to encrypt. This must be a readable * buffer of size \p ilen Bytes. It may be \c NULL if @@ -638,7 +628,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, size_t ilen, + size_t ilen, const unsigned char *input, unsigned char *output ); diff --git a/library/rsa.c b/library/rsa.c index 5ecc778355..6651c880a2 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1244,8 +1244,7 @@ exit: */ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, + void *p_rng, size_t ilen, const unsigned char *input, unsigned char *output ) { @@ -1254,14 +1253,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, unsigned char *p = output; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( output != NULL ); RSA_VALIDATE_RET( ilen == 0 || input != NULL ); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - olen = ctx->len; /* first comparison checks for overflow */ @@ -1271,43 +1265,32 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, nb_pad = olen - 3 - ilen; *p++ = 0; - if( mode == MBEDTLS_RSA_PUBLIC ) + + if( f_rng == NULL ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + + *p++ = MBEDTLS_RSA_CRYPT; + + while( nb_pad-- > 0 ) { - if( f_rng == NULL ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + int rng_dl = 100; - *p++ = MBEDTLS_RSA_CRYPT; + do { + ret = f_rng( p_rng, p, 1 ); + } while( *p == 0 && --rng_dl && ret == 0 ); - while( nb_pad-- > 0 ) - { - int rng_dl = 100; + /* Check if RNG failed to generate data */ + if( rng_dl == 0 || ret != 0 ) + return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); - do { - ret = f_rng( p_rng, p, 1 ); - } while( *p == 0 && --rng_dl && ret == 0 ); - - /* Check if RNG failed to generate data */ - if( rng_dl == 0 || ret != 0 ) - return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_RSA_RNG_FAILED, ret ) ); - - p++; - } - } - else - { - *p++ = MBEDTLS_RSA_SIGN; - - while( nb_pad-- > 0 ) - *p++ = 0xFF; + p++; } *p++ = 0; if( ilen != 0 ) memcpy( p, input, ilen ); - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, output, output ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); + return( mbedtls_rsa_public( ctx, output, output ) ); } #endif /* MBEDTLS_PKCS1_V15 */ @@ -1330,8 +1313,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: return mbedtls_rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, - MBEDTLS_RSA_PUBLIC, ilen, - input, output ); + ilen, input, output ); #endif #if defined(MBEDTLS_PKCS1_V21) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 4a818c59a5..d3b65b2056 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -116,22 +116,16 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( NULL, NULL, - NULL, - MBEDTLS_RSA_PUBLIC, - sizeof( buf ), buf, - buf ) ); + NULL, sizeof( buf ), + buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - MBEDTLS_RSA_PUBLIC, - sizeof( buf ), NULL, - buf ) ); + NULL, sizeof( buf ), + NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_pkcs1_v15_encrypt( &ctx, NULL, - NULL, - MBEDTLS_RSA_PUBLIC, - sizeof( buf ), buf, - NULL ) ); + NULL, sizeof( buf ), + buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL, From 3c487f4b8eefc20e6bda94ed4fd5dd1603a4ba89 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 13 May 2021 18:45:01 +0100 Subject: [PATCH 118/271] Removes and modifies tests Removes and modifies tests for mbedtls_rsa_rsaes_oaep_encrypt. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_rsa.function | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index d3b65b2056..6da946e0ca 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -129,31 +129,25 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, buf, sizeof( buf ), sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - invalid_mode, - buf, sizeof( buf ), - sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, NULL, sizeof( buf ), sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, buf, sizeof( buf ), sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, buf, sizeof( buf ), sizeof( buf ), buf, NULL ) ); From 141700f0573fc2711709dfc05b97b1c44280545c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 13 May 2021 19:06:10 +0100 Subject: [PATCH 119/271] Removes mode param from mbedtls_rsa_rsaes_oaep_encrypt Removes mode parameter from mbedtls_rsa_rsaes_oaep_encrypt and propagates changes throughout the codebase. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 12 ------------ library/psa_crypto.c | 1 - library/rsa.c | 13 ++----------- tests/suites/test_suite_rsa.function | 4 ---- 4 files changed, 2 insertions(+), 28 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 47726ec72c..c250525d70 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -639,22 +639,11 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, * \note The output buffer must be as large as the size * of ctx->N. For example, 128 Bytes if RSA-1024 is used. * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PUBLIC. - * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initnialized RSA context to use. * \param f_rng The RNG function to use. This is needed for padding * generation and must be provided. * \param p_rng The RNG context to be passed to \p f_rng. This may * be \c NULL if \p f_rng doesn't need a context argument. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param label The buffer holding the custom label to use. * This must be a readable buffer of length \p label_len * Bytes. It may be \c NULL if \p label_len is \c 0. @@ -673,7 +662,6 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, diff --git a/library/psa_crypto.c b/library/psa_crypto.c index c4354d7581..098c4bba87 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -3078,7 +3078,6 @@ psa_status_t psa_asymmetric_encrypt( mbedtls_svc_key_id_t key, mbedtls_rsa_rsaes_oaep_encrypt( rsa, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PUBLIC, salt, salt_length, input_length, input, diff --git a/library/rsa.c b/library/rsa.c index 6651c880a2..86bd71d47d 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1156,7 +1156,6 @@ exit: int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, const unsigned char *label, size_t label_len, size_t ilen, const unsigned char *input, @@ -1170,15 +1169,10 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( output != NULL ); RSA_VALIDATE_RET( ilen == 0 || input != NULL ); RSA_VALIDATE_RET( label_len == 0 || label != NULL ); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - if( f_rng == NULL ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1232,9 +1226,7 @@ exit: if( ret != 0 ) return( ret ); - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, output, output ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, output, output ) ); + return( mbedtls_rsa_public( ctx, output, output ) ); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -1318,8 +1310,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, - MBEDTLS_RSA_PUBLIC, NULL, 0, + return mbedtls_rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, NULL, 0, ilen, input, output ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 6da946e0ca..1bf1850027 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -129,25 +129,21 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( NULL, NULL, NULL, - MBEDTLS_RSA_PUBLIC, buf, sizeof( buf ), sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - MBEDTLS_RSA_PUBLIC, NULL, sizeof( buf ), sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - MBEDTLS_RSA_PUBLIC, buf, sizeof( buf ), sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsaes_oaep_encrypt( &ctx, NULL, NULL, - MBEDTLS_RSA_PUBLIC, buf, sizeof( buf ), sizeof( buf ), buf, NULL ) ); From e13a23b4394454943605ddeaeea892c420178290 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 17 May 2021 11:16:52 +0200 Subject: [PATCH 120/271] New line added at the end of the migration guide entry Signed-off-by: TRodziewicz --- docs/3.0-migration-guide.d/remove_ssl_record_checking.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md index 203e740240..7550f7b5a5 100644 --- a/docs/3.0-migration-guide.d/remove_ssl_record_checking.md +++ b/docs/3.0-migration-guide.d/remove_ssl_record_checking.md @@ -10,4 +10,4 @@ was made optional to allow users who don't need it to save some code space. However, the same effect can be achieve by using link-time garbage collection. Users who changed the default setting of the option need to change the config/ -build system to remove that change. \ No newline at end of file +build system to remove that change. From 3eac6126505ad5a62a189961bdbb8fa4f3146c3f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 May 2021 22:16:26 +0200 Subject: [PATCH 121/271] Add changelog entry for #4510 Signed-off-by: Gilles Peskine --- ChangeLog.d/psa_sign_message.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/psa_sign_message.txt diff --git a/ChangeLog.d/psa_sign_message.txt b/ChangeLog.d/psa_sign_message.txt new file mode 100644 index 0000000000..2d77ec054e --- /dev/null +++ b/ChangeLog.d/psa_sign_message.txt @@ -0,0 +1,2 @@ +Features + * Implement psa_sign_message() and psa_verify_message(). From c86f20af985b397db5aefdee925cec014af22349 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 00:20:47 +0200 Subject: [PATCH 122/271] Allow running source file generators from a subdirectory Signed-off-by: Gilles Peskine --- scripts/generate_psa_constants.py | 4 +-- scripts/generate_query_config.pl | 6 +++++ scripts/mbedtls_dev/build_tree.py | 38 +++++++++++++++++++++++++++++ tests/scripts/generate_psa_tests.py | 10 ++++++-- 4 files changed, 54 insertions(+), 4 deletions(-) create mode 100644 scripts/mbedtls_dev/build_tree.py diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 71afd02c89..960a07986f 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -29,6 +29,7 @@ file is written: import os import sys +from mbedtls_dev import build_tree from mbedtls_dev import macro_collector OUTPUT_TEMPLATE = '''\ @@ -335,8 +336,7 @@ def generate_psa_constants(header_file_names, output_file_name): os.replace(temp_file_name, output_file_name) if __name__ == '__main__': - if not os.path.isdir('programs') and os.path.isdir('../programs'): - os.chdir('..') + build_tree.chdir_to_root() # Allow to change the directory where psa_constant_names_generated.c is written to. OUTPUT_FILE_DIR = sys.argv[1] if len(sys.argv) == 2 else "programs/psa" generate_psa_constants(['include/psa/crypto_values.h', diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 3cef101e3a..8c8c1880e2 100755 --- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -38,6 +38,12 @@ my $config_file = "./include/mbedtls/config.h"; my $query_config_format_file = "./scripts/data_files/query_config.fmt"; my $query_config_file = "./programs/test/query_config.c"; +unless( -f $config_file && -f $query_config_format_file ) { + chdir '..' or die; + -f $config_file && -f $query_config_format_file + or die "Without arguments, must be run from root or a subdirectory\n"; +} + # Excluded macros from the generated query_config.c. For example, macros that # have commas or function-like macros cannot be transformed into strings easily # using the preprocessor, so they should be excluded or the preprocessor will diff --git a/scripts/mbedtls_dev/build_tree.py b/scripts/mbedtls_dev/build_tree.py new file mode 100644 index 0000000000..772410473d --- /dev/null +++ b/scripts/mbedtls_dev/build_tree.py @@ -0,0 +1,38 @@ +"""Mbed TLS build tree information and manipulation. +""" + +# Copyright The Mbed TLS Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import os + +def looks_like_mbedtls_root(path: str) -> bool: + """Whether the given directory looks like the root of the Mbed TLS source tree.""" + return all(os.path.isdir(os.path.join(path, subdir)) + for subdir in ['include', 'library', 'programs', 'tests']) + +def chdir_to_root() -> None: + """Detect the root of the Mbed TLS source tree and change to it. + + The current directory must be up to two levels deep inside an Mbed TLS + source tree. + """ + for d in [os.path.curdir, + os.path.pardir, + os.path.join(os.path.pardir, os.path.pardir)]: + if looks_like_mbedtls_root(d): + os.chdir(d) + return + raise Exception('Mbed TLS source tree not found') diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 669c75da91..ab8ebffe44 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -27,6 +27,7 @@ import sys from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional, TypeVar import scripts_path # pylint: disable=unused-import +from mbedtls_dev import build_tree from mbedtls_dev import crypto_knowledge from mbedtls_dev import macro_collector from mbedtls_dev import psa_storage @@ -79,9 +80,13 @@ def read_implemented_dependencies(filename: str) -> FrozenSet[str]: return frozenset(symbol for line in open(filename) for symbol in re.findall(r'\bPSA_WANT_\w+\b', line)) -IMPLEMENTED_DEPENDENCIES = read_implemented_dependencies('include/psa/crypto_config.h') +_implemented_dependencies = None #type: Optional[FrozenSet[str]] #pylint: disable=invalid-name def hack_dependencies_not_implemented(dependencies: List[str]) -> None: - if not all(dep.lstrip('!') in IMPLEMENTED_DEPENDENCIES + global _implemented_dependencies #pylint: disable=global-statement,invalid-name + if _implemented_dependencies is None: + _implemented_dependencies = \ + read_implemented_dependencies('include/psa/crypto_config.h') + if not all(dep.lstrip('!') in _implemented_dependencies for dep in dependencies): dependencies.append('DEPENDENCY_NOT_IMPLEMENTED_YET') @@ -426,6 +431,7 @@ def main(args): parser.add_argument('targets', nargs='*', metavar='TARGET', help='Target file to generate (default: all; "-": none)') options = parser.parse_args(args) + build_tree.chdir_to_root() generator = TestGenerator(options) if options.list: for name in sorted(generator.TARGETS): From b61a614cdb85255ce0629246ca1d934af48a5d86 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 00:21:58 +0200 Subject: [PATCH 123/271] Use Python 3 instead of Python 2 to generate test files Python 2 is no longer officially supported, but we were still using it to generate test suite .c files from .function files when using GNU make. Switch to looking for Python 3. This change was done for CMake a long time ago. Signed-off-by: Gilles Peskine --- tests/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/Makefile b/tests/Makefile index 53f64b93df..7afd0f59f6 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -53,8 +53,7 @@ else DLEXT ?= so EXEXT= SHARED_SUFFIX= -# python2 for POSIX since FreeBSD has only python2 as default. -PYTHON ?= python2 +PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif # A test application is built for each suites/test_suite_*.data file. From 687d1ab7146f1abbc0b8bf218d876cee68278cd0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 01:01:56 +0200 Subject: [PATCH 124/271] Makefile targets for automatically generated files Run `make generated_files` to generate the automatically generated C source files and build scripts. Run `make neat` to remove all automatically generated files, even C source files and build scripts. Signed-off-by: Gilles Peskine --- Makefile | 42 +++++++++++++++++++++++++++++++++++++++++- library/Makefile | 27 +++++++++++++++++++++++++++ programs/Makefile | 28 ++++++++++++++++++++++++++++ tests/Makefile | 29 ++++++++++++++++++++++++++++- 4 files changed, 124 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 6a8b230077..a0c4386764 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,6 @@ DESTDIR=/usr/local PREFIX=mbedtls_ +PERL ?= perl .SILENT: @@ -22,6 +23,32 @@ tests: lib mbedtls_test mbedtls_test: $(MAKE) -C tests mbedtls_test +library/%: + $(MAKE) -C library $* +programs/%: + $(MAKE) -C programs $* +tests/%: + $(MAKE) -C tests $* + +.PHONY: generated_files +generated_files: library/generated_files +generated_files: programs/generated_files +generated_files: tests/generated_files +generated_files: visualc_files + +.PHONY: visualc_files +VISUALC_FILES = visualc/VS2010/mbedTLS.sln visualc/VS2010/mbedTLS.vcxproj +# TODO: $(app).vcxproj for each $(app) in programs/ +visualc_files: $(VISUALC_FILES) +$(VISUALC_FILES): scripts/generate_visualc_files.pl +$(VISUALC_FILES): scripts/data_files/vs2010-app-template.vcxproj +$(VISUALC_FILES): scripts/data_files/vs2010-main-template.vcxproj +$(VISUALC_FILES): scripts/data_files/vs2010-sln-template.sln +# TODO: also the list of .c and .h source files, but not their content +$(VISUALC_FILES): + echo " Gen $@ ..." + $(PERL) scripts/generate_visualc_files.pl + ifndef WINDOWS install: no_test mkdir -p $(DESTDIR)/include/mbedtls @@ -86,14 +113,27 @@ ifndef WINDOWS echo '$(NULL_ENTROPY_WARNING)' endif -clean: +clean: clean_more_on_top $(MAKE) -C library clean $(MAKE) -C programs clean $(MAKE) -C tests clean + +clean_more_on_top: ifndef WINDOWS find . \( -name \*.gcno -o -name \*.gcda -o -name \*.info \) -exec rm {} + endif +neat: clean_more_on_top + $(MAKE) -C library neat + $(MAKE) -C programs neat + $(MAKE) -C tests neat +ifndef WINDOWS + rm -f visualc/VS2010/*.vcxproj visualc/VS2010/mbedTLS.sln +else + if exist visualc\VS2010\*.vcxproj del /Q /F visualc\VS2010\*.vcxproj + if exist visualc\VS2010\mbedTLS.sln del /Q /F visualc\VS2010\mbedTLS.sln +endif + check: lib tests $(MAKE) -C tests check diff --git a/library/Makefile b/library/Makefile index d7fa4d9275..aff814d00d 100644 --- a/library/Makefile +++ b/library/Makefile @@ -22,6 +22,8 @@ endif # To compile on Plan9: # CFLAGS += -D_BSD_EXTENSION +PERL ?= perl + # if were running on Windows build for Windows ifdef WINDOWS WINDOWS_BUILD=1 @@ -271,6 +273,24 @@ libmbedcrypto.dll: $(OBJS_CRYPTO) echo " CC $<" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) -o $@ -c $< +.PHONY: generated_files +GENERATED_FILES = error.c version_features.c +generated_files: $(GENERATED_FILES) + +error.c: ../scripts/generate_errors.pl +error.c: ../scripts/data_files/error.fmt +error.c: $(wildcard ../include/mbedtls/*.h) +error.c: + echo " Gen $@" + $(PERL) ../scripts/generate_errors.pl + +version_features.c: ../scripts/generate_features.pl +version_features.c: ../scripts/data_files/version_features.fmt +version_features.c: ../include/mbedtls/config.h +version_features.c: + echo " Gen $@" + $(PERL) ../scripts/generate_features.pl + clean: ifndef WINDOWS rm -f *.o libmbed* @@ -280,3 +300,10 @@ else if exist libmbed* del /Q /F libmbed* del /Q /F del_errors_out_if_the_file_list_is_empty_but_not_if_a_file_does_not_exist $(subst /,\,$(THIRDPARTY_CRYPTO_OBJECTS)) endif + +neat: clean +ifndef WINDOWS + rm -f $(GENERATED_FILES) +else + for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f +endif diff --git a/programs/Makefile b/programs/Makefile index 0f1356e76a..b2ba08e135 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -43,10 +43,12 @@ LOCAL_LDFLAGS += -lws2_32 ifdef SHARED SHARED_SUFFIX=.$(DLEXT) endif +PYTHON ?= python else DLEXT ?= so EXEXT= SHARED_SUFFIX= +PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif APPS = \ @@ -131,6 +133,25 @@ $(MBEDLIBS): ${MBEDTLS_TEST_OBJS}: $(MAKE) -C ../tests mbedtls_test +.PHONY: generated_files +GENERATED_FILES = psa/psa_constant_names_generated.c test/query_config.c +generated_files: $(GENERATED_FILES) + +psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py +psa/psa_constant_names_generated.c: ../include/psa/crypto_values.h +psa/psa_constant_names_generated.c: ../include/psa/crypto_extra.h +psa/psa_constant_names_generated.c: ../tests/suites/test_suite_psa_crypto_metadata.data +psa/psa_constant_names_generated.c: + echo " Gen $@" + $(PYTHON) ../scripts/generate_psa_constants.py + +test/query_config.c: ../scripts/generate_query_config.pl +test/query_config.c: ../include/mbedtls/config.h +test/query_config.c: ../scripts/data_files/query_config.fmt +test/query_config.c: + echo " Gen $@" + $(PERL) ../scripts/generate_query_config.pl + aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP) echo " CC aes/crypt_and_hash.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ @@ -365,5 +386,12 @@ else endif $(MAKE) -C fuzz clean +neat: clean +ifndef WINDOWS + rm -f $(GENERATED_FILES) +else + for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f +endif + list: echo $(APPS) diff --git a/tests/Makefile b/tests/Makefile index 7afd0f59f6..ef571698c3 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -5,6 +5,8 @@ CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral LDFLAGS ?= +default: all + # Include public header files from ../include, test-specific header files # from ./include, and private header files (used by some invasive tests) # from ../library. @@ -56,10 +58,28 @@ SHARED_SUFFIX= PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif +.PHONY: generated_files +GENERATED_DATA_FILES := $(patsubst tests/%,%,$(shell $(PYTHON) scripts/generate_psa_tests.py --list)) +GENERATED_FILES := $(GENERATED_DATA_FILES) +generated_files: $(GENERATED_FILES) + +$(GENERATED_DATA_FILES): scripts/generate_psa_tests.py +$(GENERATED_DATA_FILES): ../include/psa/crypto_config.h +$(GENERATED_DATA_FILES): ../include/psa/crypto_values.h +$(GENERATED_DATA_FILES): ../include/psa/crypto_extra.h +$(GENERATED_DATA_FILES): suites/test_suite_psa_crypto_metadata.data +$(GENERATED_DATA_FILES): + echo " Gen $@ ..." + $(PYTHON) scripts/generate_psa_tests.py + # A test application is built for each suites/test_suite_*.data file. # Application name is same as .data file's base name and can be # constructed by stripping path 'suites/' and extension .data. -APPS = $(basename $(subst suites/,,$(wildcard suites/test_suite_*.data))) +DATA_FILES := $(wildcard suites/test_suite_*.data) +# Make sure that generated data files are included even if they don't +# exist yet when the makefile is parsed. +DATA_FILES += $(filter-out $(DATA_FILES),$(GENERATED_DATA_FILES)) +APPS = $(basename $(subst suites/,,$(DATA_FILES))) # Construct executable name by adding OS specific suffix $(EXEXT). BINARIES := $(addsuffix $(EXEXT),$(APPS)) @@ -144,6 +164,13 @@ ifneq ($(wildcard TESTS/.*),) endif endif +neat: clean +ifndef WINDOWS + rm -f $(GENERATED_FILES) +else + for %f in ($(subst /,\,$(GENERATED_FILES))) if exist %f del /Q /F %f +endif + # Test suites caught by SKIP_TEST_SUITES are built but not executed. check: $(BINARIES) perl scripts/run-test-suites.pl --skip=$(SKIP_TEST_SUITES) From 9c58274484de6ea34e4c0b17044e86a547734b25 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 01:03:15 +0200 Subject: [PATCH 125/271] Remove automatically generated source files Signed-off-by: Gilles Peskine --- library/error.c | 855 ------ library/version_features.c | 842 ----- programs/psa/psa_constant_names_generated.c | 449 --- programs/test/query_config.c | 2724 ----------------- ...te_psa_crypto_not_supported.generated.data | 1078 ------- ...ite_psa_crypto_storage_format.current.data | 775 ----- ...st_suite_psa_crypto_storage_format.v0.data | 775 ----- visualc/VS2010/benchmark.vcxproj | 167 - visualc/VS2010/cert_app.vcxproj | 167 - visualc/VS2010/cert_req.vcxproj | 167 - visualc/VS2010/cert_write.vcxproj | 167 - visualc/VS2010/crl_app.vcxproj | 167 - visualc/VS2010/crypt_and_hash.vcxproj | 167 - visualc/VS2010/crypto_examples.vcxproj | 167 - visualc/VS2010/dh_client.vcxproj | 167 - visualc/VS2010/dh_genprime.vcxproj | 167 - visualc/VS2010/dh_server.vcxproj | 167 - visualc/VS2010/dtls_client.vcxproj | 167 - visualc/VS2010/dtls_server.vcxproj | 167 - visualc/VS2010/ecdh_curve25519.vcxproj | 167 - visualc/VS2010/ecdsa.vcxproj | 167 - visualc/VS2010/gen_entropy.vcxproj | 167 - visualc/VS2010/gen_key.vcxproj | 167 - visualc/VS2010/gen_random_ctr_drbg.vcxproj | 167 - visualc/VS2010/generic_sum.vcxproj | 167 - visualc/VS2010/hello.vcxproj | 167 - visualc/VS2010/key_app.vcxproj | 167 - visualc/VS2010/key_app_writer.vcxproj | 167 - visualc/VS2010/key_ladder_demo.vcxproj | 167 - visualc/VS2010/mbedTLS.sln | 676 ---- visualc/VS2010/mbedTLS.vcxproj | 400 --- visualc/VS2010/mini_client.vcxproj | 167 - visualc/VS2010/mpi_demo.vcxproj | 167 - visualc/VS2010/pem2der.vcxproj | 167 - visualc/VS2010/pk_decrypt.vcxproj | 167 - visualc/VS2010/pk_encrypt.vcxproj | 167 - visualc/VS2010/pk_sign.vcxproj | 167 - visualc/VS2010/pk_verify.vcxproj | 167 - visualc/VS2010/psa_constant_names.vcxproj | 167 - .../VS2010/query_compile_time_config.vcxproj | 168 - visualc/VS2010/req_app.vcxproj | 167 - visualc/VS2010/rsa_decrypt.vcxproj | 167 - visualc/VS2010/rsa_encrypt.vcxproj | 167 - visualc/VS2010/rsa_genkey.vcxproj | 167 - visualc/VS2010/rsa_sign.vcxproj | 167 - visualc/VS2010/rsa_sign_pss.vcxproj | 167 - visualc/VS2010/rsa_verify.vcxproj | 167 - visualc/VS2010/rsa_verify_pss.vcxproj | 167 - visualc/VS2010/selftest.vcxproj | 167 - visualc/VS2010/ssl_client1.vcxproj | 167 - visualc/VS2010/ssl_client2.vcxproj | 169 - visualc/VS2010/ssl_context_info.vcxproj | 167 - visualc/VS2010/ssl_fork_server.vcxproj | 167 - visualc/VS2010/ssl_mail_client.vcxproj | 167 - visualc/VS2010/ssl_server.vcxproj | 167 - visualc/VS2010/ssl_server2.vcxproj | 169 - visualc/VS2010/strerror.vcxproj | 167 - visualc/VS2010/udp_proxy.vcxproj | 167 - visualc/VS2010/zeroize.vcxproj | 167 - 59 files changed, 16929 deletions(-) delete mode 100644 library/error.c delete mode 100644 library/version_features.c delete mode 100644 programs/psa/psa_constant_names_generated.c delete mode 100644 programs/test/query_config.c delete mode 100644 tests/suites/test_suite_psa_crypto_not_supported.generated.data delete mode 100644 tests/suites/test_suite_psa_crypto_storage_format.current.data delete mode 100644 tests/suites/test_suite_psa_crypto_storage_format.v0.data delete mode 100644 visualc/VS2010/benchmark.vcxproj delete mode 100644 visualc/VS2010/cert_app.vcxproj delete mode 100644 visualc/VS2010/cert_req.vcxproj delete mode 100644 visualc/VS2010/cert_write.vcxproj delete mode 100644 visualc/VS2010/crl_app.vcxproj delete mode 100644 visualc/VS2010/crypt_and_hash.vcxproj delete mode 100644 visualc/VS2010/crypto_examples.vcxproj delete mode 100644 visualc/VS2010/dh_client.vcxproj delete mode 100644 visualc/VS2010/dh_genprime.vcxproj delete mode 100644 visualc/VS2010/dh_server.vcxproj delete mode 100644 visualc/VS2010/dtls_client.vcxproj delete mode 100644 visualc/VS2010/dtls_server.vcxproj delete mode 100644 visualc/VS2010/ecdh_curve25519.vcxproj delete mode 100644 visualc/VS2010/ecdsa.vcxproj delete mode 100644 visualc/VS2010/gen_entropy.vcxproj delete mode 100644 visualc/VS2010/gen_key.vcxproj delete mode 100644 visualc/VS2010/gen_random_ctr_drbg.vcxproj delete mode 100644 visualc/VS2010/generic_sum.vcxproj delete mode 100644 visualc/VS2010/hello.vcxproj delete mode 100644 visualc/VS2010/key_app.vcxproj delete mode 100644 visualc/VS2010/key_app_writer.vcxproj delete mode 100644 visualc/VS2010/key_ladder_demo.vcxproj delete mode 100644 visualc/VS2010/mbedTLS.sln delete mode 100644 visualc/VS2010/mbedTLS.vcxproj delete mode 100644 visualc/VS2010/mini_client.vcxproj delete mode 100644 visualc/VS2010/mpi_demo.vcxproj delete mode 100644 visualc/VS2010/pem2der.vcxproj delete mode 100644 visualc/VS2010/pk_decrypt.vcxproj delete mode 100644 visualc/VS2010/pk_encrypt.vcxproj delete mode 100644 visualc/VS2010/pk_sign.vcxproj delete mode 100644 visualc/VS2010/pk_verify.vcxproj delete mode 100644 visualc/VS2010/psa_constant_names.vcxproj delete mode 100644 visualc/VS2010/query_compile_time_config.vcxproj delete mode 100644 visualc/VS2010/req_app.vcxproj delete mode 100644 visualc/VS2010/rsa_decrypt.vcxproj delete mode 100644 visualc/VS2010/rsa_encrypt.vcxproj delete mode 100644 visualc/VS2010/rsa_genkey.vcxproj delete mode 100644 visualc/VS2010/rsa_sign.vcxproj delete mode 100644 visualc/VS2010/rsa_sign_pss.vcxproj delete mode 100644 visualc/VS2010/rsa_verify.vcxproj delete mode 100644 visualc/VS2010/rsa_verify_pss.vcxproj delete mode 100644 visualc/VS2010/selftest.vcxproj delete mode 100644 visualc/VS2010/ssl_client1.vcxproj delete mode 100644 visualc/VS2010/ssl_client2.vcxproj delete mode 100644 visualc/VS2010/ssl_context_info.vcxproj delete mode 100644 visualc/VS2010/ssl_fork_server.vcxproj delete mode 100644 visualc/VS2010/ssl_mail_client.vcxproj delete mode 100644 visualc/VS2010/ssl_server.vcxproj delete mode 100644 visualc/VS2010/ssl_server2.vcxproj delete mode 100644 visualc/VS2010/strerror.vcxproj delete mode 100644 visualc/VS2010/udp_proxy.vcxproj delete mode 100644 visualc/VS2010/zeroize.vcxproj diff --git a/library/error.c b/library/error.c deleted file mode 100644 index 3a84366327..0000000000 --- a/library/error.c +++ /dev/null @@ -1,855 +0,0 @@ -/* - * Error message information - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "common.h" - -#include "mbedtls/error.h" - -#if defined(MBEDTLS_ERROR_C) || defined(MBEDTLS_ERROR_STRERROR_DUMMY) - -#if defined(MBEDTLS_ERROR_C) - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#define mbedtls_snprintf snprintf -#endif - -#include -#include - -#if defined(MBEDTLS_AES_C) -#include "mbedtls/aes.h" -#endif - -#if defined(MBEDTLS_ARIA_C) -#include "mbedtls/aria.h" -#endif - -#if defined(MBEDTLS_ASN1_PARSE_C) -#include "mbedtls/asn1.h" -#endif - -#if defined(MBEDTLS_BASE64_C) -#include "mbedtls/base64.h" -#endif - -#if defined(MBEDTLS_BIGNUM_C) -#include "mbedtls/bignum.h" -#endif - -#if defined(MBEDTLS_BLOWFISH_C) -#include "mbedtls/blowfish.h" -#endif - -#if defined(MBEDTLS_CAMELLIA_C) -#include "mbedtls/camellia.h" -#endif - -#if defined(MBEDTLS_CCM_C) -#include "mbedtls/ccm.h" -#endif - -#if defined(MBEDTLS_CHACHA20_C) -#include "mbedtls/chacha20.h" -#endif - -#if defined(MBEDTLS_CHACHAPOLY_C) -#include "mbedtls/chachapoly.h" -#endif - -#if defined(MBEDTLS_CIPHER_C) -#include "mbedtls/cipher.h" -#endif - -#if defined(MBEDTLS_CTR_DRBG_C) -#include "mbedtls/ctr_drbg.h" -#endif - -#if defined(MBEDTLS_DES_C) -#include "mbedtls/des.h" -#endif - -#if defined(MBEDTLS_DHM_C) -#include "mbedtls/dhm.h" -#endif - -#if defined(MBEDTLS_ECP_C) -#include "mbedtls/ecp.h" -#endif - -#if defined(MBEDTLS_ENTROPY_C) -#include "mbedtls/entropy.h" -#endif - -#if defined(MBEDTLS_ERROR_C) -#include "mbedtls/error.h" -#endif - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#endif - -#if defined(MBEDTLS_GCM_C) -#include "mbedtls/gcm.h" -#endif - -#if defined(MBEDTLS_HKDF_C) -#include "mbedtls/hkdf.h" -#endif - -#if defined(MBEDTLS_HMAC_DRBG_C) -#include "mbedtls/hmac_drbg.h" -#endif - -#if defined(MBEDTLS_MD_C) -#include "mbedtls/md.h" -#endif - -#if defined(MBEDTLS_NET_C) -#include "mbedtls/net_sockets.h" -#endif - -#if defined(MBEDTLS_OID_C) -#include "mbedtls/oid.h" -#endif - -#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) -#include "mbedtls/pem.h" -#endif - -#if defined(MBEDTLS_PK_C) -#include "mbedtls/pk.h" -#endif - -#if defined(MBEDTLS_PKCS12_C) -#include "mbedtls/pkcs12.h" -#endif - -#if defined(MBEDTLS_PKCS5_C) -#include "mbedtls/pkcs5.h" -#endif - -#if defined(MBEDTLS_POLY1305_C) -#include "mbedtls/poly1305.h" -#endif - -#if defined(MBEDTLS_RSA_C) -#include "mbedtls/rsa.h" -#endif - -#if defined(MBEDTLS_SHA1_C) -#include "mbedtls/sha1.h" -#endif - -#if defined(MBEDTLS_SHA256_C) -#include "mbedtls/sha256.h" -#endif - -#if defined(MBEDTLS_SHA512_C) -#include "mbedtls/sha512.h" -#endif - -#if defined(MBEDTLS_SSL_TLS_C) -#include "mbedtls/ssl.h" -#endif - -#if defined(MBEDTLS_THREADING_C) -#include "mbedtls/threading.h" -#endif - -#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) -#include "mbedtls/x509.h" -#endif - -#if defined(MBEDTLS_XTEA_C) -#include "mbedtls/xtea.h" -#endif - - -const char * mbedtls_high_level_strerr( int error_code ) -{ - int high_level_error_code; - - if( error_code < 0 ) - error_code = -error_code; - - /* Extract the high-level part from the error code. */ - high_level_error_code = error_code & 0xFF80; - - switch( high_level_error_code ) - { - /* Begin Auto-Generated Code. */ -#if defined(MBEDTLS_CIPHER_C) - case -(MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE): - return( "CIPHER - The selected feature is not available" ); - case -(MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA): - return( "CIPHER - Bad input parameters" ); - case -(MBEDTLS_ERR_CIPHER_ALLOC_FAILED): - return( "CIPHER - Failed to allocate memory" ); - case -(MBEDTLS_ERR_CIPHER_INVALID_PADDING): - return( "CIPHER - Input data contains invalid padding and is rejected" ); - case -(MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED): - return( "CIPHER - Decryption of block requires a full block" ); - case -(MBEDTLS_ERR_CIPHER_AUTH_FAILED): - return( "CIPHER - Authentication failed (for AEAD modes)" ); - case -(MBEDTLS_ERR_CIPHER_INVALID_CONTEXT): - return( "CIPHER - The context is invalid. For example, because it was freed" ); -#endif /* MBEDTLS_CIPHER_C */ - -#if defined(MBEDTLS_DHM_C) - case -(MBEDTLS_ERR_DHM_BAD_INPUT_DATA): - return( "DHM - Bad input parameters" ); - case -(MBEDTLS_ERR_DHM_READ_PARAMS_FAILED): - return( "DHM - Reading of the DHM parameters failed" ); - case -(MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED): - return( "DHM - Making of the DHM parameters failed" ); - case -(MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED): - return( "DHM - Reading of the public values failed" ); - case -(MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED): - return( "DHM - Making of the public value failed" ); - case -(MBEDTLS_ERR_DHM_CALC_SECRET_FAILED): - return( "DHM - Calculation of the DHM secret failed" ); - case -(MBEDTLS_ERR_DHM_INVALID_FORMAT): - return( "DHM - The ASN.1 data is not formatted correctly" ); - case -(MBEDTLS_ERR_DHM_ALLOC_FAILED): - return( "DHM - Allocation of memory failed" ); - case -(MBEDTLS_ERR_DHM_FILE_IO_ERROR): - return( "DHM - Read or write of file failed" ); - case -(MBEDTLS_ERR_DHM_SET_GROUP_FAILED): - return( "DHM - Setting the modulus and generator failed" ); -#endif /* MBEDTLS_DHM_C */ - -#if defined(MBEDTLS_ECP_C) - case -(MBEDTLS_ERR_ECP_BAD_INPUT_DATA): - return( "ECP - Bad input parameters to function" ); - case -(MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL): - return( "ECP - The buffer is too small to write to" ); - case -(MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE): - return( "ECP - The requested feature is not available, for example, the requested curve is not supported" ); - case -(MBEDTLS_ERR_ECP_VERIFY_FAILED): - return( "ECP - The signature is not valid" ); - case -(MBEDTLS_ERR_ECP_ALLOC_FAILED): - return( "ECP - Memory allocation failed" ); - case -(MBEDTLS_ERR_ECP_RANDOM_FAILED): - return( "ECP - Generation of random value, such as ephemeral key, failed" ); - case -(MBEDTLS_ERR_ECP_INVALID_KEY): - return( "ECP - Invalid private or public key" ); - case -(MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH): - return( "ECP - The buffer contains a valid signature followed by more data" ); - case -(MBEDTLS_ERR_ECP_IN_PROGRESS): - return( "ECP - Operation in progress, call again with the same parameters to continue" ); -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_MD_C) - case -(MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE): - return( "MD - The selected feature is not available" ); - case -(MBEDTLS_ERR_MD_BAD_INPUT_DATA): - return( "MD - Bad input parameters to function" ); - case -(MBEDTLS_ERR_MD_ALLOC_FAILED): - return( "MD - Failed to allocate memory" ); - case -(MBEDTLS_ERR_MD_FILE_IO_ERROR): - return( "MD - Opening or reading of file failed" ); -#endif /* MBEDTLS_MD_C */ - -#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C) - case -(MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT): - return( "PEM - No PEM header or footer found" ); - case -(MBEDTLS_ERR_PEM_INVALID_DATA): - return( "PEM - PEM string is not as expected" ); - case -(MBEDTLS_ERR_PEM_ALLOC_FAILED): - return( "PEM - Failed to allocate memory" ); - case -(MBEDTLS_ERR_PEM_INVALID_ENC_IV): - return( "PEM - RSA IV is not in hex-format" ); - case -(MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG): - return( "PEM - Unsupported key encryption algorithm" ); - case -(MBEDTLS_ERR_PEM_PASSWORD_REQUIRED): - return( "PEM - Private key password can't be empty" ); - case -(MBEDTLS_ERR_PEM_PASSWORD_MISMATCH): - return( "PEM - Given private key password does not allow for correct decryption" ); - case -(MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE): - return( "PEM - Unavailable feature, e.g. hashing/encryption combination" ); - case -(MBEDTLS_ERR_PEM_BAD_INPUT_DATA): - return( "PEM - Bad input parameters to function" ); -#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */ - -#if defined(MBEDTLS_PK_C) - case -(MBEDTLS_ERR_PK_ALLOC_FAILED): - return( "PK - Memory allocation failed" ); - case -(MBEDTLS_ERR_PK_TYPE_MISMATCH): - return( "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" ); - case -(MBEDTLS_ERR_PK_BAD_INPUT_DATA): - return( "PK - Bad input parameters to function" ); - case -(MBEDTLS_ERR_PK_FILE_IO_ERROR): - return( "PK - Read/write of file failed" ); - case -(MBEDTLS_ERR_PK_KEY_INVALID_VERSION): - return( "PK - Unsupported key version" ); - case -(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT): - return( "PK - Invalid key tag or value" ); - case -(MBEDTLS_ERR_PK_UNKNOWN_PK_ALG): - return( "PK - Key algorithm is unsupported (only RSA and EC are supported)" ); - case -(MBEDTLS_ERR_PK_PASSWORD_REQUIRED): - return( "PK - Private key password can't be empty" ); - case -(MBEDTLS_ERR_PK_PASSWORD_MISMATCH): - return( "PK - Given private key password does not allow for correct decryption" ); - case -(MBEDTLS_ERR_PK_INVALID_PUBKEY): - return( "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" ); - case -(MBEDTLS_ERR_PK_INVALID_ALG): - return( "PK - The algorithm tag or value is invalid" ); - case -(MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE): - return( "PK - Elliptic curve is unsupported (only NIST curves are supported)" ); - case -(MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE): - return( "PK - Unavailable feature, e.g. RSA disabled for RSA key" ); - case -(MBEDTLS_ERR_PK_SIG_LEN_MISMATCH): - return( "PK - The buffer contains a valid signature followed by more data" ); -#endif /* MBEDTLS_PK_C */ - -#if defined(MBEDTLS_PKCS12_C) - case -(MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA): - return( "PKCS12 - Bad input parameters to function" ); - case -(MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE): - return( "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); - case -(MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT): - return( "PKCS12 - PBE ASN.1 data not as expected" ); - case -(MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH): - return( "PKCS12 - Given private key password does not allow for correct decryption" ); -#endif /* MBEDTLS_PKCS12_C */ - -#if defined(MBEDTLS_PKCS5_C) - case -(MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA): - return( "PKCS5 - Bad input parameters to function" ); - case -(MBEDTLS_ERR_PKCS5_INVALID_FORMAT): - return( "PKCS5 - Unexpected ASN.1 data" ); - case -(MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE): - return( "PKCS5 - Requested encryption or digest alg not available" ); - case -(MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH): - return( "PKCS5 - Given private key password does not allow for correct decryption" ); -#endif /* MBEDTLS_PKCS5_C */ - -#if defined(MBEDTLS_RSA_C) - case -(MBEDTLS_ERR_RSA_BAD_INPUT_DATA): - return( "RSA - Bad input parameters to function" ); - case -(MBEDTLS_ERR_RSA_INVALID_PADDING): - return( "RSA - Input data contains invalid padding and is rejected" ); - case -(MBEDTLS_ERR_RSA_KEY_GEN_FAILED): - return( "RSA - Something failed during generation of a key" ); - case -(MBEDTLS_ERR_RSA_KEY_CHECK_FAILED): - return( "RSA - Key failed to pass the validity check of the library" ); - case -(MBEDTLS_ERR_RSA_PUBLIC_FAILED): - return( "RSA - The public key operation failed" ); - case -(MBEDTLS_ERR_RSA_PRIVATE_FAILED): - return( "RSA - The private key operation failed" ); - case -(MBEDTLS_ERR_RSA_VERIFY_FAILED): - return( "RSA - The PKCS#1 verification failed" ); - case -(MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE): - return( "RSA - The output buffer for decryption is not large enough" ); - case -(MBEDTLS_ERR_RSA_RNG_FAILED): - return( "RSA - The random generator failed to generate non-zeros" ); -#endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_SSL_TLS_C) - case -(MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE): - return( "SSL - The requested feature is not available" ); - case -(MBEDTLS_ERR_SSL_BAD_INPUT_DATA): - return( "SSL - Bad input parameters to function" ); - case -(MBEDTLS_ERR_SSL_INVALID_MAC): - return( "SSL - Verification of the message MAC failed" ); - case -(MBEDTLS_ERR_SSL_INVALID_RECORD): - return( "SSL - An invalid SSL record was received" ); - case -(MBEDTLS_ERR_SSL_CONN_EOF): - return( "SSL - The connection indicated an EOF" ); - case -(MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN): - return( "SSL - The server has no ciphersuites in common with the client" ); - case -(MBEDTLS_ERR_SSL_NO_RNG): - return( "SSL - No RNG was provided to the SSL module" ); - case -(MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE): - return( "SSL - No client certification received from the client, but required by the authentication mode" ); - case -(MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED): - return( "SSL - The own private key or pre-shared key is not set, but needed" ); - case -(MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED): - return( "SSL - No CA Chain is set, but required to operate" ); - case -(MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE): - return( "SSL - An unexpected message was received from our peer" ); - case -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE): - return( "SSL - A fatal alert message was received from our peer" ); - case -(MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY): - return( "SSL - The peer notified us that the connection is going to be closed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO): - return( "SSL - Processing of the ClientHello handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO): - return( "SSL - Processing of the ServerHello handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE): - return( "SSL - Processing of the Certificate handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST): - return( "SSL - Processing of the CertificateRequest handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE): - return( "SSL - Processing of the ServerKeyExchange handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE): - return( "SSL - Processing of the ServerHelloDone handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE): - return( "SSL - Processing of the ClientKeyExchange handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP): - return( "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS): - return( "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY): - return( "SSL - Processing of the CertificateVerify handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC): - return( "SSL - Processing of the ChangeCipherSpec handshake message failed" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_FINISHED): - return( "SSL - Processing of the Finished handshake message failed" ); - case -(MBEDTLS_ERR_SSL_ALLOC_FAILED): - return( "SSL - Memory allocation failed" ); - case -(MBEDTLS_ERR_SSL_HW_ACCEL_FAILED): - return( "SSL - Hardware acceleration function returned with error" ); - case -(MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH): - return( "SSL - Hardware acceleration function skipped / left alone data" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION): - return( "SSL - Handshake protocol not within min/max boundaries" ); - case -(MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET): - return( "SSL - Processing of the NewSessionTicket handshake message failed" ); - case -(MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED): - return( "SSL - Session ticket has expired" ); - case -(MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH): - return( "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); - case -(MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY): - return( "SSL - Unknown identity received (eg, PSK identity)" ); - case -(MBEDTLS_ERR_SSL_INTERNAL_ERROR): - return( "SSL - Internal error (eg, unexpected failure in lower-level module)" ); - case -(MBEDTLS_ERR_SSL_COUNTER_WRAPPING): - return( "SSL - A counter would wrap (eg, too many messages exchanged)" ); - case -(MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO): - return( "SSL - Unexpected message at ServerHello in renegotiation" ); - case -(MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED): - return( "SSL - DTLS client must retry for hello verification" ); - case -(MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL): - return( "SSL - A buffer is too small to receive or write a message" ); - case -(MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE): - return( "SSL - None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages)" ); - case -(MBEDTLS_ERR_SSL_WANT_READ): - return( "SSL - No data of requested type currently available on underlying transport" ); - case -(MBEDTLS_ERR_SSL_WANT_WRITE): - return( "SSL - Connection requires a write call" ); - case -(MBEDTLS_ERR_SSL_TIMEOUT): - return( "SSL - The operation timed out" ); - case -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT): - return( "SSL - The client initiated a reconnect from the same port" ); - case -(MBEDTLS_ERR_SSL_UNEXPECTED_RECORD): - return( "SSL - Record header looks valid but is not expected" ); - case -(MBEDTLS_ERR_SSL_NON_FATAL): - return( "SSL - The alert message received indicates a non-fatal error" ); - case -(MBEDTLS_ERR_SSL_CONTINUE_PROCESSING): - return( "SSL - Internal-only message signaling that further message-processing should be done" ); - case -(MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS): - return( "SSL - The asynchronous operation is not completed yet" ); - case -(MBEDTLS_ERR_SSL_EARLY_MESSAGE): - return( "SSL - Internal-only message signaling that a message arrived early" ); - case -(MBEDTLS_ERR_SSL_UNEXPECTED_CID): - return( "SSL - An encrypted DTLS-frame with an unexpected CID was received" ); - case -(MBEDTLS_ERR_SSL_VERSION_MISMATCH): - return( "SSL - An operation failed due to an unexpected version or configuration" ); - case -(MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS): - return( "SSL - A cryptographic operation is in progress. Try again later" ); - case -(MBEDTLS_ERR_SSL_BAD_CONFIG): - return( "SSL - Invalid value in SSL config" ); -#endif /* MBEDTLS_SSL_TLS_C */ - -#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) - case -(MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE): - return( "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); - case -(MBEDTLS_ERR_X509_UNKNOWN_OID): - return( "X509 - Requested OID is unknown" ); - case -(MBEDTLS_ERR_X509_INVALID_FORMAT): - return( "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" ); - case -(MBEDTLS_ERR_X509_INVALID_VERSION): - return( "X509 - The CRT/CRL/CSR version element is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_SERIAL): - return( "X509 - The serial tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_ALG): - return( "X509 - The algorithm tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_NAME): - return( "X509 - The name tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_DATE): - return( "X509 - The date tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_SIGNATURE): - return( "X509 - The signature tag or value invalid" ); - case -(MBEDTLS_ERR_X509_INVALID_EXTENSIONS): - return( "X509 - The extension tag or value is invalid" ); - case -(MBEDTLS_ERR_X509_UNKNOWN_VERSION): - return( "X509 - CRT/CRL/CSR has an unsupported version number" ); - case -(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG): - return( "X509 - Signature algorithm (oid) is unsupported" ); - case -(MBEDTLS_ERR_X509_SIG_MISMATCH): - return( "X509 - Signature algorithms do not match. (see \\c ::mbedtls_x509_crt sig_oid)" ); - case -(MBEDTLS_ERR_X509_CERT_VERIFY_FAILED): - return( "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); - case -(MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT): - return( "X509 - Format not recognized as DER or PEM" ); - case -(MBEDTLS_ERR_X509_BAD_INPUT_DATA): - return( "X509 - Input invalid" ); - case -(MBEDTLS_ERR_X509_ALLOC_FAILED): - return( "X509 - Allocation of memory failed" ); - case -(MBEDTLS_ERR_X509_FILE_IO_ERROR): - return( "X509 - Read/write of file failed" ); - case -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL): - return( "X509 - Destination buffer is too small" ); - case -(MBEDTLS_ERR_X509_FATAL_ERROR): - return( "X509 - A fatal error occurred, eg the chain is too long or the vrfy callback failed" ); -#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */ - /* End Auto-Generated Code. */ - - default: - break; - } - - return( NULL ); -} - -const char * mbedtls_low_level_strerr( int error_code ) -{ - int low_level_error_code; - - if( error_code < 0 ) - error_code = -error_code; - - /* Extract the low-level part from the error code. */ - low_level_error_code = error_code & ~0xFF80; - - switch( low_level_error_code ) - { - /* Begin Auto-Generated Code. */ -#if defined(MBEDTLS_AES_C) - case -(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH): - return( "AES - Invalid key length" ); - case -(MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH): - return( "AES - Invalid data input length" ); - case -(MBEDTLS_ERR_AES_BAD_INPUT_DATA): - return( "AES - Invalid input data" ); -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_ARIA_C) - case -(MBEDTLS_ERR_ARIA_BAD_INPUT_DATA): - return( "ARIA - Bad input data" ); - case -(MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH): - return( "ARIA - Invalid data input length" ); -#endif /* MBEDTLS_ARIA_C */ - -#if defined(MBEDTLS_ASN1_PARSE_C) - case -(MBEDTLS_ERR_ASN1_OUT_OF_DATA): - return( "ASN1 - Out of data when parsing an ASN1 data structure" ); - case -(MBEDTLS_ERR_ASN1_UNEXPECTED_TAG): - return( "ASN1 - ASN1 tag was of an unexpected value" ); - case -(MBEDTLS_ERR_ASN1_INVALID_LENGTH): - return( "ASN1 - Error when trying to determine the length or invalid length" ); - case -(MBEDTLS_ERR_ASN1_LENGTH_MISMATCH): - return( "ASN1 - Actual length differs from expected length" ); - case -(MBEDTLS_ERR_ASN1_INVALID_DATA): - return( "ASN1 - Data is invalid" ); - case -(MBEDTLS_ERR_ASN1_ALLOC_FAILED): - return( "ASN1 - Memory allocation failed" ); - case -(MBEDTLS_ERR_ASN1_BUF_TOO_SMALL): - return( "ASN1 - Buffer too small when writing ASN.1 data structure" ); -#endif /* MBEDTLS_ASN1_PARSE_C */ - -#if defined(MBEDTLS_BASE64_C) - case -(MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL): - return( "BASE64 - Output buffer too small" ); - case -(MBEDTLS_ERR_BASE64_INVALID_CHARACTER): - return( "BASE64 - Invalid character in input" ); -#endif /* MBEDTLS_BASE64_C */ - -#if defined(MBEDTLS_BIGNUM_C) - case -(MBEDTLS_ERR_MPI_FILE_IO_ERROR): - return( "BIGNUM - An error occurred while reading from or writing to a file" ); - case -(MBEDTLS_ERR_MPI_BAD_INPUT_DATA): - return( "BIGNUM - Bad input parameters to function" ); - case -(MBEDTLS_ERR_MPI_INVALID_CHARACTER): - return( "BIGNUM - There is an invalid character in the digit string" ); - case -(MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL): - return( "BIGNUM - The buffer is too small to write to" ); - case -(MBEDTLS_ERR_MPI_NEGATIVE_VALUE): - return( "BIGNUM - The input arguments are negative or result in illegal output" ); - case -(MBEDTLS_ERR_MPI_DIVISION_BY_ZERO): - return( "BIGNUM - The input argument for division is zero, which is not allowed" ); - case -(MBEDTLS_ERR_MPI_NOT_ACCEPTABLE): - return( "BIGNUM - The input arguments are not acceptable" ); - case -(MBEDTLS_ERR_MPI_ALLOC_FAILED): - return( "BIGNUM - Memory allocation failed" ); -#endif /* MBEDTLS_BIGNUM_C */ - -#if defined(MBEDTLS_BLOWFISH_C) - case -(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA): - return( "BLOWFISH - Bad input data" ); - case -(MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH): - return( "BLOWFISH - Invalid data input length" ); -#endif /* MBEDTLS_BLOWFISH_C */ - -#if defined(MBEDTLS_CAMELLIA_C) - case -(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA): - return( "CAMELLIA - Bad input data" ); - case -(MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH): - return( "CAMELLIA - Invalid data input length" ); -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_CCM_C) - case -(MBEDTLS_ERR_CCM_BAD_INPUT): - return( "CCM - Bad input parameters to the function" ); - case -(MBEDTLS_ERR_CCM_AUTH_FAILED): - return( "CCM - Authenticated decryption failed" ); -#endif /* MBEDTLS_CCM_C */ - -#if defined(MBEDTLS_CHACHA20_C) - case -(MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA): - return( "CHACHA20 - Invalid input parameter(s)" ); -#endif /* MBEDTLS_CHACHA20_C */ - -#if defined(MBEDTLS_CHACHAPOLY_C) - case -(MBEDTLS_ERR_CHACHAPOLY_BAD_STATE): - return( "CHACHAPOLY - The requested operation is not permitted in the current state" ); - case -(MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED): - return( "CHACHAPOLY - Authenticated decryption failed: data was not authentic" ); -#endif /* MBEDTLS_CHACHAPOLY_C */ - -#if defined(MBEDTLS_CTR_DRBG_C) - case -(MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED): - return( "CTR_DRBG - The entropy source failed" ); - case -(MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG): - return( "CTR_DRBG - The requested random buffer length is too big" ); - case -(MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG): - return( "CTR_DRBG - The input (entropy + additional data) is too large" ); - case -(MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR): - return( "CTR_DRBG - Read or write error in file" ); -#endif /* MBEDTLS_CTR_DRBG_C */ - -#if defined(MBEDTLS_DES_C) - case -(MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH): - return( "DES - The data input has an invalid length" ); -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_ENTROPY_C) - case -(MBEDTLS_ERR_ENTROPY_SOURCE_FAILED): - return( "ENTROPY - Critical entropy source failure" ); - case -(MBEDTLS_ERR_ENTROPY_MAX_SOURCES): - return( "ENTROPY - No more sources can be added" ); - case -(MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED): - return( "ENTROPY - No sources have been added to poll" ); - case -(MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE): - return( "ENTROPY - No strong sources have been added to poll" ); - case -(MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR): - return( "ENTROPY - Read/write error in file" ); -#endif /* MBEDTLS_ENTROPY_C */ - -#if defined(MBEDTLS_ERROR_C) - case -(MBEDTLS_ERR_ERROR_GENERIC_ERROR): - return( "ERROR - Generic error" ); - case -(MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED): - return( "ERROR - This is a bug in the library" ); -#endif /* MBEDTLS_ERROR_C */ - -#if defined(MBEDTLS_PLATFORM_C) - case -(MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED): - return( "PLATFORM - Hardware accelerator failed" ); - case -(MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED): - return( "PLATFORM - The requested feature is not supported by the platform" ); -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_GCM_C) - case -(MBEDTLS_ERR_GCM_AUTH_FAILED): - return( "GCM - Authenticated decryption failed" ); - case -(MBEDTLS_ERR_GCM_BAD_INPUT): - return( "GCM - Bad input parameters to function" ); -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_HKDF_C) - case -(MBEDTLS_ERR_HKDF_BAD_INPUT_DATA): - return( "HKDF - Bad input parameters to function" ); -#endif /* MBEDTLS_HKDF_C */ - -#if defined(MBEDTLS_HMAC_DRBG_C) - case -(MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG): - return( "HMAC_DRBG - Too many random requested in single call" ); - case -(MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG): - return( "HMAC_DRBG - Input too large (Entropy + additional)" ); - case -(MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR): - return( "HMAC_DRBG - Read/write error in file" ); - case -(MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED): - return( "HMAC_DRBG - The entropy source failed" ); -#endif /* MBEDTLS_HMAC_DRBG_C */ - -#if defined(MBEDTLS_NET_C) - case -(MBEDTLS_ERR_NET_SOCKET_FAILED): - return( "NET - Failed to open a socket" ); - case -(MBEDTLS_ERR_NET_CONNECT_FAILED): - return( "NET - The connection to the given server / port failed" ); - case -(MBEDTLS_ERR_NET_BIND_FAILED): - return( "NET - Binding of the socket failed" ); - case -(MBEDTLS_ERR_NET_LISTEN_FAILED): - return( "NET - Could not listen on the socket" ); - case -(MBEDTLS_ERR_NET_ACCEPT_FAILED): - return( "NET - Could not accept the incoming connection" ); - case -(MBEDTLS_ERR_NET_RECV_FAILED): - return( "NET - Reading information from the socket failed" ); - case -(MBEDTLS_ERR_NET_SEND_FAILED): - return( "NET - Sending information through the socket failed" ); - case -(MBEDTLS_ERR_NET_CONN_RESET): - return( "NET - Connection was reset by peer" ); - case -(MBEDTLS_ERR_NET_UNKNOWN_HOST): - return( "NET - Failed to get an IP address for the given hostname" ); - case -(MBEDTLS_ERR_NET_BUFFER_TOO_SMALL): - return( "NET - Buffer is too small to hold the data" ); - case -(MBEDTLS_ERR_NET_INVALID_CONTEXT): - return( "NET - The context is invalid, eg because it was free()ed" ); - case -(MBEDTLS_ERR_NET_POLL_FAILED): - return( "NET - Polling the net context failed" ); - case -(MBEDTLS_ERR_NET_BAD_INPUT_DATA): - return( "NET - Input invalid" ); -#endif /* MBEDTLS_NET_C */ - -#if defined(MBEDTLS_OID_C) - case -(MBEDTLS_ERR_OID_NOT_FOUND): - return( "OID - OID is not found" ); - case -(MBEDTLS_ERR_OID_BUF_TOO_SMALL): - return( "OID - output buffer is too small" ); -#endif /* MBEDTLS_OID_C */ - -#if defined(MBEDTLS_POLY1305_C) - case -(MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA): - return( "POLY1305 - Invalid input parameter(s)" ); -#endif /* MBEDTLS_POLY1305_C */ - -#if defined(MBEDTLS_SHA1_C) - case -(MBEDTLS_ERR_SHA1_BAD_INPUT_DATA): - return( "SHA1 - SHA-1 input data was malformed" ); -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - case -(MBEDTLS_ERR_SHA256_BAD_INPUT_DATA): - return( "SHA256 - SHA-256 input data was malformed" ); -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - case -(MBEDTLS_ERR_SHA512_BAD_INPUT_DATA): - return( "SHA512 - SHA-512 input data was malformed" ); -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_THREADING_C) - case -(MBEDTLS_ERR_THREADING_BAD_INPUT_DATA): - return( "THREADING - Bad input parameters to function" ); - case -(MBEDTLS_ERR_THREADING_MUTEX_ERROR): - return( "THREADING - Locking / unlocking / free failed with error code" ); -#endif /* MBEDTLS_THREADING_C */ - -#if defined(MBEDTLS_XTEA_C) - case -(MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH): - return( "XTEA - The data input has an invalid length" ); -#endif /* MBEDTLS_XTEA_C */ - /* End Auto-Generated Code. */ - - default: - break; - } - - return( NULL ); -} - -void mbedtls_strerror( int ret, char *buf, size_t buflen ) -{ - size_t len; - int use_ret; - const char * high_level_error_description = NULL; - const char * low_level_error_description = NULL; - - if( buflen == 0 ) - return; - - memset( buf, 0x00, buflen ); - - if( ret < 0 ) - ret = -ret; - - if( ret & 0xFF80 ) - { - use_ret = ret & 0xFF80; - - // Translate high level error code. - high_level_error_description = mbedtls_high_level_strerr( ret ); - - if( high_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", high_level_error_description ); - -#if defined(MBEDTLS_SSL_TLS_C) - // Early return in case of a fatal error - do not try to translate low - // level code. - if(use_ret == -(MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE)) - return; -#endif /* MBEDTLS_SSL_TLS_C */ - } - - use_ret = ret & ~0xFF80; - - if( use_ret == 0 ) - return; - - // If high level code is present, make a concatenation between both - // error strings. - // - len = strlen( buf ); - - if( len > 0 ) - { - if( buflen - len < 5 ) - return; - - mbedtls_snprintf( buf + len, buflen - len, " : " ); - - buf += len + 3; - buflen -= len + 3; - } - - // Translate low level error code. - low_level_error_description = mbedtls_low_level_strerr( ret ); - - if( low_level_error_description == NULL ) - mbedtls_snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", (unsigned int) use_ret ); - else - mbedtls_snprintf( buf, buflen, "%s", low_level_error_description ); -} - -#else /* MBEDTLS_ERROR_C */ - -/* - * Provide an non-function in case MBEDTLS_ERROR_C is not defined - */ -void mbedtls_strerror( int ret, char *buf, size_t buflen ) -{ - ((void) ret); - - if( buflen > 0 ) - buf[0] = '\0'; -} - -#endif /* MBEDTLS_ERROR_C */ - -#if defined(MBEDTLS_TEST_HOOKS) -void (*mbedtls_test_hook_error_add)( int, int, const char *, int ); -#endif - -#endif /* MBEDTLS_ERROR_C || MBEDTLS_ERROR_STRERROR_DUMMY */ diff --git a/library/version_features.c b/library/version_features.c deleted file mode 100644 index d2de8957d2..0000000000 --- a/library/version_features.c +++ /dev/null @@ -1,842 +0,0 @@ -/* - * Version feature information - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "common.h" - -#if defined(MBEDTLS_VERSION_C) - -#include "mbedtls/version.h" - -#include - -static const char * const features[] = { -#if defined(MBEDTLS_VERSION_FEATURES) -#if defined(MBEDTLS_HAVE_ASM) - "MBEDTLS_HAVE_ASM", -#endif /* MBEDTLS_HAVE_ASM */ -#if defined(MBEDTLS_NO_UDBL_DIVISION) - "MBEDTLS_NO_UDBL_DIVISION", -#endif /* MBEDTLS_NO_UDBL_DIVISION */ -#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) - "MBEDTLS_NO_64BIT_MULTIPLICATION", -#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */ -#if defined(MBEDTLS_HAVE_SSE2) - "MBEDTLS_HAVE_SSE2", -#endif /* MBEDTLS_HAVE_SSE2 */ -#if defined(MBEDTLS_HAVE_TIME) - "MBEDTLS_HAVE_TIME", -#endif /* MBEDTLS_HAVE_TIME */ -#if defined(MBEDTLS_HAVE_TIME_DATE) - "MBEDTLS_HAVE_TIME_DATE", -#endif /* MBEDTLS_HAVE_TIME_DATE */ -#if defined(MBEDTLS_PLATFORM_MEMORY) - "MBEDTLS_PLATFORM_MEMORY", -#endif /* MBEDTLS_PLATFORM_MEMORY */ -#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) - "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", -#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ -#if defined(MBEDTLS_PLATFORM_EXIT_ALT) - "MBEDTLS_PLATFORM_EXIT_ALT", -#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ -#if defined(MBEDTLS_PLATFORM_TIME_ALT) - "MBEDTLS_PLATFORM_TIME_ALT", -#endif /* MBEDTLS_PLATFORM_TIME_ALT */ -#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) - "MBEDTLS_PLATFORM_FPRINTF_ALT", -#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) - "MBEDTLS_PLATFORM_PRINTF_ALT", -#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) - "MBEDTLS_PLATFORM_SNPRINTF_ALT", -#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) - "MBEDTLS_PLATFORM_VSNPRINTF_ALT", -#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ -#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) - "MBEDTLS_PLATFORM_NV_SEED_ALT", -#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ -#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) - "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", -#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ -#if defined(MBEDTLS_DEPRECATED_WARNING) - "MBEDTLS_DEPRECATED_WARNING", -#endif /* MBEDTLS_DEPRECATED_WARNING */ -#if defined(MBEDTLS_DEPRECATED_REMOVED) - "MBEDTLS_DEPRECATED_REMOVED", -#endif /* MBEDTLS_DEPRECATED_REMOVED */ -#if defined(MBEDTLS_CHECK_PARAMS) - "MBEDTLS_CHECK_PARAMS", -#endif /* MBEDTLS_CHECK_PARAMS */ -#if defined(MBEDTLS_CHECK_PARAMS_ASSERT) - "MBEDTLS_CHECK_PARAMS_ASSERT", -#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */ -#if defined(MBEDTLS_TIMING_ALT) - "MBEDTLS_TIMING_ALT", -#endif /* MBEDTLS_TIMING_ALT */ -#if defined(MBEDTLS_AES_ALT) - "MBEDTLS_AES_ALT", -#endif /* MBEDTLS_AES_ALT */ -#if defined(MBEDTLS_ARC4_ALT) - "MBEDTLS_ARC4_ALT", -#endif /* MBEDTLS_ARC4_ALT */ -#if defined(MBEDTLS_ARIA_ALT) - "MBEDTLS_ARIA_ALT", -#endif /* MBEDTLS_ARIA_ALT */ -#if defined(MBEDTLS_BLOWFISH_ALT) - "MBEDTLS_BLOWFISH_ALT", -#endif /* MBEDTLS_BLOWFISH_ALT */ -#if defined(MBEDTLS_CAMELLIA_ALT) - "MBEDTLS_CAMELLIA_ALT", -#endif /* MBEDTLS_CAMELLIA_ALT */ -#if defined(MBEDTLS_CCM_ALT) - "MBEDTLS_CCM_ALT", -#endif /* MBEDTLS_CCM_ALT */ -#if defined(MBEDTLS_CHACHA20_ALT) - "MBEDTLS_CHACHA20_ALT", -#endif /* MBEDTLS_CHACHA20_ALT */ -#if defined(MBEDTLS_CHACHAPOLY_ALT) - "MBEDTLS_CHACHAPOLY_ALT", -#endif /* MBEDTLS_CHACHAPOLY_ALT */ -#if defined(MBEDTLS_CMAC_ALT) - "MBEDTLS_CMAC_ALT", -#endif /* MBEDTLS_CMAC_ALT */ -#if defined(MBEDTLS_DES_ALT) - "MBEDTLS_DES_ALT", -#endif /* MBEDTLS_DES_ALT */ -#if defined(MBEDTLS_DHM_ALT) - "MBEDTLS_DHM_ALT", -#endif /* MBEDTLS_DHM_ALT */ -#if defined(MBEDTLS_ECJPAKE_ALT) - "MBEDTLS_ECJPAKE_ALT", -#endif /* MBEDTLS_ECJPAKE_ALT */ -#if defined(MBEDTLS_GCM_ALT) - "MBEDTLS_GCM_ALT", -#endif /* MBEDTLS_GCM_ALT */ -#if defined(MBEDTLS_NIST_KW_ALT) - "MBEDTLS_NIST_KW_ALT", -#endif /* MBEDTLS_NIST_KW_ALT */ -#if defined(MBEDTLS_MD2_ALT) - "MBEDTLS_MD2_ALT", -#endif /* MBEDTLS_MD2_ALT */ -#if defined(MBEDTLS_MD4_ALT) - "MBEDTLS_MD4_ALT", -#endif /* MBEDTLS_MD4_ALT */ -#if defined(MBEDTLS_MD5_ALT) - "MBEDTLS_MD5_ALT", -#endif /* MBEDTLS_MD5_ALT */ -#if defined(MBEDTLS_POLY1305_ALT) - "MBEDTLS_POLY1305_ALT", -#endif /* MBEDTLS_POLY1305_ALT */ -#if defined(MBEDTLS_RIPEMD160_ALT) - "MBEDTLS_RIPEMD160_ALT", -#endif /* MBEDTLS_RIPEMD160_ALT */ -#if defined(MBEDTLS_RSA_ALT) - "MBEDTLS_RSA_ALT", -#endif /* MBEDTLS_RSA_ALT */ -#if defined(MBEDTLS_SHA1_ALT) - "MBEDTLS_SHA1_ALT", -#endif /* MBEDTLS_SHA1_ALT */ -#if defined(MBEDTLS_SHA256_ALT) - "MBEDTLS_SHA256_ALT", -#endif /* MBEDTLS_SHA256_ALT */ -#if defined(MBEDTLS_SHA512_ALT) - "MBEDTLS_SHA512_ALT", -#endif /* MBEDTLS_SHA512_ALT */ -#if defined(MBEDTLS_XTEA_ALT) - "MBEDTLS_XTEA_ALT", -#endif /* MBEDTLS_XTEA_ALT */ -#if defined(MBEDTLS_ECP_ALT) - "MBEDTLS_ECP_ALT", -#endif /* MBEDTLS_ECP_ALT */ -#if defined(MBEDTLS_MD2_PROCESS_ALT) - "MBEDTLS_MD2_PROCESS_ALT", -#endif /* MBEDTLS_MD2_PROCESS_ALT */ -#if defined(MBEDTLS_MD4_PROCESS_ALT) - "MBEDTLS_MD4_PROCESS_ALT", -#endif /* MBEDTLS_MD4_PROCESS_ALT */ -#if defined(MBEDTLS_MD5_PROCESS_ALT) - "MBEDTLS_MD5_PROCESS_ALT", -#endif /* MBEDTLS_MD5_PROCESS_ALT */ -#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT) - "MBEDTLS_RIPEMD160_PROCESS_ALT", -#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */ -#if defined(MBEDTLS_SHA1_PROCESS_ALT) - "MBEDTLS_SHA1_PROCESS_ALT", -#endif /* MBEDTLS_SHA1_PROCESS_ALT */ -#if defined(MBEDTLS_SHA256_PROCESS_ALT) - "MBEDTLS_SHA256_PROCESS_ALT", -#endif /* MBEDTLS_SHA256_PROCESS_ALT */ -#if defined(MBEDTLS_SHA512_PROCESS_ALT) - "MBEDTLS_SHA512_PROCESS_ALT", -#endif /* MBEDTLS_SHA512_PROCESS_ALT */ -#if defined(MBEDTLS_DES_SETKEY_ALT) - "MBEDTLS_DES_SETKEY_ALT", -#endif /* MBEDTLS_DES_SETKEY_ALT */ -#if defined(MBEDTLS_DES_CRYPT_ECB_ALT) - "MBEDTLS_DES_CRYPT_ECB_ALT", -#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */ -#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT) - "MBEDTLS_DES3_CRYPT_ECB_ALT", -#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */ -#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) - "MBEDTLS_AES_SETKEY_ENC_ALT", -#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ -#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) - "MBEDTLS_AES_SETKEY_DEC_ALT", -#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ -#if defined(MBEDTLS_AES_ENCRYPT_ALT) - "MBEDTLS_AES_ENCRYPT_ALT", -#endif /* MBEDTLS_AES_ENCRYPT_ALT */ -#if defined(MBEDTLS_AES_DECRYPT_ALT) - "MBEDTLS_AES_DECRYPT_ALT", -#endif /* MBEDTLS_AES_DECRYPT_ALT */ -#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) - "MBEDTLS_ECDH_GEN_PUBLIC_ALT", -#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ -#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) - "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", -#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ -#if defined(MBEDTLS_ECDSA_VERIFY_ALT) - "MBEDTLS_ECDSA_VERIFY_ALT", -#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ -#if defined(MBEDTLS_ECDSA_SIGN_ALT) - "MBEDTLS_ECDSA_SIGN_ALT", -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ -#if defined(MBEDTLS_ECDSA_GENKEY_ALT) - "MBEDTLS_ECDSA_GENKEY_ALT", -#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ -#if defined(MBEDTLS_ECP_INTERNAL_ALT) - "MBEDTLS_ECP_INTERNAL_ALT", -#endif /* MBEDTLS_ECP_INTERNAL_ALT */ -#if defined(MBEDTLS_ECP_NO_FALLBACK) - "MBEDTLS_ECP_NO_FALLBACK", -#endif /* MBEDTLS_ECP_NO_FALLBACK */ -#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", -#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ -#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) - "MBEDTLS_ECP_ADD_MIXED_ALT", -#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ -#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - "MBEDTLS_ECP_DOUBLE_JAC_ALT", -#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ -#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", -#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */ -#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - "MBEDTLS_ECP_NORMALIZE_JAC_ALT", -#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ -#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", -#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ -#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", -#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ -#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", -#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ -#if defined(MBEDTLS_TEST_NULL_ENTROPY) - "MBEDTLS_TEST_NULL_ENTROPY", -#endif /* MBEDTLS_TEST_NULL_ENTROPY */ -#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - "MBEDTLS_ENTROPY_HARDWARE_ALT", -#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ -#if defined(MBEDTLS_AES_ROM_TABLES) - "MBEDTLS_AES_ROM_TABLES", -#endif /* MBEDTLS_AES_ROM_TABLES */ -#if defined(MBEDTLS_AES_FEWER_TABLES) - "MBEDTLS_AES_FEWER_TABLES", -#endif /* MBEDTLS_AES_FEWER_TABLES */ -#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) - "MBEDTLS_CAMELLIA_SMALL_MEMORY", -#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ -#if defined(MBEDTLS_CIPHER_MODE_CBC) - "MBEDTLS_CIPHER_MODE_CBC", -#endif /* MBEDTLS_CIPHER_MODE_CBC */ -#if defined(MBEDTLS_CIPHER_MODE_CFB) - "MBEDTLS_CIPHER_MODE_CFB", -#endif /* MBEDTLS_CIPHER_MODE_CFB */ -#if defined(MBEDTLS_CIPHER_MODE_CTR) - "MBEDTLS_CIPHER_MODE_CTR", -#endif /* MBEDTLS_CIPHER_MODE_CTR */ -#if defined(MBEDTLS_CIPHER_MODE_OFB) - "MBEDTLS_CIPHER_MODE_OFB", -#endif /* MBEDTLS_CIPHER_MODE_OFB */ -#if defined(MBEDTLS_CIPHER_MODE_XTS) - "MBEDTLS_CIPHER_MODE_XTS", -#endif /* MBEDTLS_CIPHER_MODE_XTS */ -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) - "MBEDTLS_CIPHER_NULL_CIPHER", -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ -#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - "MBEDTLS_CIPHER_PADDING_PKCS7", -#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ -#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) - "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", -#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ -#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) - "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", -#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ -#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) - "MBEDTLS_CIPHER_PADDING_ZEROS", -#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ -#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) - "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", -#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ -#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) - "MBEDTLS_REMOVE_3DES_CIPHERSUITES", -#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - "MBEDTLS_ECP_DP_SECP192R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - "MBEDTLS_ECP_DP_SECP224R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - "MBEDTLS_ECP_DP_SECP256R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - "MBEDTLS_ECP_DP_SECP384R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - "MBEDTLS_ECP_DP_SECP521R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - "MBEDTLS_ECP_DP_SECP192K1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - "MBEDTLS_ECP_DP_SECP224K1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - "MBEDTLS_ECP_DP_SECP256K1_ENABLED", -#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - "MBEDTLS_ECP_DP_BP256R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - "MBEDTLS_ECP_DP_BP384R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - "MBEDTLS_ECP_DP_BP512R1_ENABLED", -#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - "MBEDTLS_ECP_DP_CURVE25519_ENABLED", -#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - "MBEDTLS_ECP_DP_CURVE448_ENABLED", -#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ -#if defined(MBEDTLS_ECP_NIST_OPTIM) - "MBEDTLS_ECP_NIST_OPTIM", -#endif /* MBEDTLS_ECP_NIST_OPTIM */ -#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - "MBEDTLS_ECP_NO_INTERNAL_RNG", -#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ -#if defined(MBEDTLS_ECP_RESTARTABLE) - "MBEDTLS_ECP_RESTARTABLE", -#endif /* MBEDTLS_ECP_RESTARTABLE */ -#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - "MBEDTLS_ECDH_LEGACY_CONTEXT", -#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - "MBEDTLS_ECDSA_DETERMINISTIC", -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - "MBEDTLS_PK_PARSE_EC_EXTENDED", -#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ -#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) - "MBEDTLS_ERROR_STRERROR_DUMMY", -#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ -#if defined(MBEDTLS_GENPRIME) - "MBEDTLS_GENPRIME", -#endif /* MBEDTLS_GENPRIME */ -#if defined(MBEDTLS_FS_IO) - "MBEDTLS_FS_IO", -#endif /* MBEDTLS_FS_IO */ -#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) - "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", -#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ -#if defined(MBEDTLS_NO_PLATFORM_ENTROPY) - "MBEDTLS_NO_PLATFORM_ENTROPY", -#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */ -#if defined(MBEDTLS_ENTROPY_FORCE_SHA256) - "MBEDTLS_ENTROPY_FORCE_SHA256", -#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */ -#if defined(MBEDTLS_ENTROPY_NV_SEED) - "MBEDTLS_ENTROPY_NV_SEED", -#endif /* MBEDTLS_ENTROPY_NV_SEED */ -#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER", -#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ -#if defined(MBEDTLS_MEMORY_DEBUG) - "MBEDTLS_MEMORY_DEBUG", -#endif /* MBEDTLS_MEMORY_DEBUG */ -#if defined(MBEDTLS_MEMORY_BACKTRACE) - "MBEDTLS_MEMORY_BACKTRACE", -#endif /* MBEDTLS_MEMORY_BACKTRACE */ -#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - "MBEDTLS_PK_RSA_ALT_SUPPORT", -#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ -#if defined(MBEDTLS_PKCS1_V15) - "MBEDTLS_PKCS1_V15", -#endif /* MBEDTLS_PKCS1_V15 */ -#if defined(MBEDTLS_PKCS1_V21) - "MBEDTLS_PKCS1_V21", -#endif /* MBEDTLS_PKCS1_V21 */ -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ -#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) - "MBEDTLS_PSA_CRYPTO_CLIENT", -#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) - "MBEDTLS_PSA_CRYPTO_DRIVERS", -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ -#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG", -#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) - "MBEDTLS_PSA_CRYPTO_SPM", -#endif /* MBEDTLS_PSA_CRYPTO_SPM */ -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) - "MBEDTLS_PSA_INJECT_ENTROPY", -#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ -#if defined(MBEDTLS_RSA_NO_CRT) - "MBEDTLS_RSA_NO_CRT", -#endif /* MBEDTLS_RSA_NO_CRT */ -#if defined(MBEDTLS_SELF_TEST) - "MBEDTLS_SELF_TEST", -#endif /* MBEDTLS_SELF_TEST */ -#if defined(MBEDTLS_SHA256_SMALLER) - "MBEDTLS_SHA256_SMALLER", -#endif /* MBEDTLS_SHA256_SMALLER */ -#if defined(MBEDTLS_SHA512_SMALLER) - "MBEDTLS_SHA512_SMALLER", -#endif /* MBEDTLS_SHA512_SMALLER */ -#if defined(MBEDTLS_SHA512_NO_SHA384) - "MBEDTLS_SHA512_NO_SHA384", -#endif /* MBEDTLS_SHA512_NO_SHA384 */ -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - "MBEDTLS_SSL_ALL_ALERT_MESSAGES", -#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ -#if defined(MBEDTLS_SSL_RECORD_CHECKING) - "MBEDTLS_SSL_RECORD_CHECKING", -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - "MBEDTLS_SSL_DTLS_CONNECTION_ID", -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - "MBEDTLS_SSL_ASYNC_PRIVATE", -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - "MBEDTLS_SSL_CONTEXT_SERIALIZATION", -#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ -#if defined(MBEDTLS_SSL_DEBUG_ALL) - "MBEDTLS_SSL_DEBUG_ALL", -#endif /* MBEDTLS_SSL_DEBUG_ALL */ -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - "MBEDTLS_SSL_ENCRYPT_THEN_MAC", -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - "MBEDTLS_SSL_FALLBACK_SCSV", -#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - "MBEDTLS_SSL_CBC_RECORD_SPLITTING", -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ -#if defined(MBEDTLS_SSL_RENEGOTIATION) - "MBEDTLS_SSL_RENEGOTIATION", -#endif /* MBEDTLS_SSL_RENEGOTIATION */ -#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", -#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) - "MBEDTLS_SSL_PROTO_TLS1", -#endif /* MBEDTLS_SSL_PROTO_TLS1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) - "MBEDTLS_SSL_PROTO_TLS1_1", -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - "MBEDTLS_SSL_PROTO_TLS1_2", -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL", -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ -#if defined(MBEDTLS_SSL_PROTO_DTLS) - "MBEDTLS_SSL_PROTO_DTLS", -#endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_ALPN) - "MBEDTLS_SSL_ALPN", -#endif /* MBEDTLS_SSL_ALPN */ -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - "MBEDTLS_SSL_DTLS_ANTI_REPLAY", -#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - "MBEDTLS_SSL_DTLS_HELLO_VERIFY", -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ -#if defined(MBEDTLS_SSL_DTLS_SRTP) - "MBEDTLS_SSL_DTLS_SRTP", -#endif /* MBEDTLS_SSL_DTLS_SRTP */ -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", -#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - "MBEDTLS_SSL_SESSION_TICKETS", -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - "MBEDTLS_SSL_EXPORT_KEYS", -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - "MBEDTLS_SSL_SERVER_NAME_INDICATION", -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - "MBEDTLS_SSL_TRUNCATED_HMAC", -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", -#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) - "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", -#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) - "MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND", -#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ -#if defined(MBEDTLS_TEST_HOOKS) - "MBEDTLS_TEST_HOOKS", -#endif /* MBEDTLS_TEST_HOOKS */ -#if defined(MBEDTLS_THREADING_ALT) - "MBEDTLS_THREADING_ALT", -#endif /* MBEDTLS_THREADING_ALT */ -#if defined(MBEDTLS_THREADING_PTHREAD) - "MBEDTLS_THREADING_PTHREAD", -#endif /* MBEDTLS_THREADING_PTHREAD */ -#if defined(MBEDTLS_USE_PSA_CRYPTO) - "MBEDTLS_USE_PSA_CRYPTO", -#endif /* MBEDTLS_USE_PSA_CRYPTO */ -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - "MBEDTLS_PSA_CRYPTO_CONFIG", -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ -#if defined(MBEDTLS_VERSION_FEATURES) - "MBEDTLS_VERSION_FEATURES", -#endif /* MBEDTLS_VERSION_FEATURES */ -#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) - "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", -#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */ -#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", -#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */ -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - "MBEDTLS_X509_CHECK_KEY_USAGE", -#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) - "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", -#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ -#if defined(MBEDTLS_X509_REMOVE_INFO) - "MBEDTLS_X509_REMOVE_INFO", -#endif /* MBEDTLS_X509_REMOVE_INFO */ -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - "MBEDTLS_X509_RSASSA_PSS_SUPPORT", -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ -#if defined(MBEDTLS_AESNI_C) - "MBEDTLS_AESNI_C", -#endif /* MBEDTLS_AESNI_C */ -#if defined(MBEDTLS_AES_C) - "MBEDTLS_AES_C", -#endif /* MBEDTLS_AES_C */ -#if defined(MBEDTLS_ARC4_C) - "MBEDTLS_ARC4_C", -#endif /* MBEDTLS_ARC4_C */ -#if defined(MBEDTLS_ASN1_PARSE_C) - "MBEDTLS_ASN1_PARSE_C", -#endif /* MBEDTLS_ASN1_PARSE_C */ -#if defined(MBEDTLS_ASN1_WRITE_C) - "MBEDTLS_ASN1_WRITE_C", -#endif /* MBEDTLS_ASN1_WRITE_C */ -#if defined(MBEDTLS_BASE64_C) - "MBEDTLS_BASE64_C", -#endif /* MBEDTLS_BASE64_C */ -#if defined(MBEDTLS_BIGNUM_C) - "MBEDTLS_BIGNUM_C", -#endif /* MBEDTLS_BIGNUM_C */ -#if defined(MBEDTLS_BLOWFISH_C) - "MBEDTLS_BLOWFISH_C", -#endif /* MBEDTLS_BLOWFISH_C */ -#if defined(MBEDTLS_CAMELLIA_C) - "MBEDTLS_CAMELLIA_C", -#endif /* MBEDTLS_CAMELLIA_C */ -#if defined(MBEDTLS_ARIA_C) - "MBEDTLS_ARIA_C", -#endif /* MBEDTLS_ARIA_C */ -#if defined(MBEDTLS_CCM_C) - "MBEDTLS_CCM_C", -#endif /* MBEDTLS_CCM_C */ -#if defined(MBEDTLS_CHACHA20_C) - "MBEDTLS_CHACHA20_C", -#endif /* MBEDTLS_CHACHA20_C */ -#if defined(MBEDTLS_CHACHAPOLY_C) - "MBEDTLS_CHACHAPOLY_C", -#endif /* MBEDTLS_CHACHAPOLY_C */ -#if defined(MBEDTLS_CIPHER_C) - "MBEDTLS_CIPHER_C", -#endif /* MBEDTLS_CIPHER_C */ -#if defined(MBEDTLS_CMAC_C) - "MBEDTLS_CMAC_C", -#endif /* MBEDTLS_CMAC_C */ -#if defined(MBEDTLS_CTR_DRBG_C) - "MBEDTLS_CTR_DRBG_C", -#endif /* MBEDTLS_CTR_DRBG_C */ -#if defined(MBEDTLS_DEBUG_C) - "MBEDTLS_DEBUG_C", -#endif /* MBEDTLS_DEBUG_C */ -#if defined(MBEDTLS_DES_C) - "MBEDTLS_DES_C", -#endif /* MBEDTLS_DES_C */ -#if defined(MBEDTLS_DHM_C) - "MBEDTLS_DHM_C", -#endif /* MBEDTLS_DHM_C */ -#if defined(MBEDTLS_ECDH_C) - "MBEDTLS_ECDH_C", -#endif /* MBEDTLS_ECDH_C */ -#if defined(MBEDTLS_ECDSA_C) - "MBEDTLS_ECDSA_C", -#endif /* MBEDTLS_ECDSA_C */ -#if defined(MBEDTLS_ECJPAKE_C) - "MBEDTLS_ECJPAKE_C", -#endif /* MBEDTLS_ECJPAKE_C */ -#if defined(MBEDTLS_ECP_C) - "MBEDTLS_ECP_C", -#endif /* MBEDTLS_ECP_C */ -#if defined(MBEDTLS_ENTROPY_C) - "MBEDTLS_ENTROPY_C", -#endif /* MBEDTLS_ENTROPY_C */ -#if defined(MBEDTLS_ERROR_C) - "MBEDTLS_ERROR_C", -#endif /* MBEDTLS_ERROR_C */ -#if defined(MBEDTLS_GCM_C) - "MBEDTLS_GCM_C", -#endif /* MBEDTLS_GCM_C */ -#if defined(MBEDTLS_HKDF_C) - "MBEDTLS_HKDF_C", -#endif /* MBEDTLS_HKDF_C */ -#if defined(MBEDTLS_HMAC_DRBG_C) - "MBEDTLS_HMAC_DRBG_C", -#endif /* MBEDTLS_HMAC_DRBG_C */ -#if defined(MBEDTLS_NIST_KW_C) - "MBEDTLS_NIST_KW_C", -#endif /* MBEDTLS_NIST_KW_C */ -#if defined(MBEDTLS_MD_C) - "MBEDTLS_MD_C", -#endif /* MBEDTLS_MD_C */ -#if defined(MBEDTLS_MD2_C) - "MBEDTLS_MD2_C", -#endif /* MBEDTLS_MD2_C */ -#if defined(MBEDTLS_MD4_C) - "MBEDTLS_MD4_C", -#endif /* MBEDTLS_MD4_C */ -#if defined(MBEDTLS_MD5_C) - "MBEDTLS_MD5_C", -#endif /* MBEDTLS_MD5_C */ -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - "MBEDTLS_MEMORY_BUFFER_ALLOC_C", -#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ -#if defined(MBEDTLS_NET_C) - "MBEDTLS_NET_C", -#endif /* MBEDTLS_NET_C */ -#if defined(MBEDTLS_OID_C) - "MBEDTLS_OID_C", -#endif /* MBEDTLS_OID_C */ -#if defined(MBEDTLS_PADLOCK_C) - "MBEDTLS_PADLOCK_C", -#endif /* MBEDTLS_PADLOCK_C */ -#if defined(MBEDTLS_PEM_PARSE_C) - "MBEDTLS_PEM_PARSE_C", -#endif /* MBEDTLS_PEM_PARSE_C */ -#if defined(MBEDTLS_PEM_WRITE_C) - "MBEDTLS_PEM_WRITE_C", -#endif /* MBEDTLS_PEM_WRITE_C */ -#if defined(MBEDTLS_PK_C) - "MBEDTLS_PK_C", -#endif /* MBEDTLS_PK_C */ -#if defined(MBEDTLS_PK_PARSE_C) - "MBEDTLS_PK_PARSE_C", -#endif /* MBEDTLS_PK_PARSE_C */ -#if defined(MBEDTLS_PK_WRITE_C) - "MBEDTLS_PK_WRITE_C", -#endif /* MBEDTLS_PK_WRITE_C */ -#if defined(MBEDTLS_PKCS5_C) - "MBEDTLS_PKCS5_C", -#endif /* MBEDTLS_PKCS5_C */ -#if defined(MBEDTLS_PKCS12_C) - "MBEDTLS_PKCS12_C", -#endif /* MBEDTLS_PKCS12_C */ -#if defined(MBEDTLS_PLATFORM_C) - "MBEDTLS_PLATFORM_C", -#endif /* MBEDTLS_PLATFORM_C */ -#if defined(MBEDTLS_POLY1305_C) - "MBEDTLS_POLY1305_C", -#endif /* MBEDTLS_POLY1305_C */ -#if defined(MBEDTLS_PSA_CRYPTO_C) - "MBEDTLS_PSA_CRYPTO_C", -#endif /* MBEDTLS_PSA_CRYPTO_C */ -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - "MBEDTLS_PSA_CRYPTO_SE_C", -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - "MBEDTLS_PSA_CRYPTO_STORAGE_C", -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ -#if defined(MBEDTLS_PSA_ITS_FILE_C) - "MBEDTLS_PSA_ITS_FILE_C", -#endif /* MBEDTLS_PSA_ITS_FILE_C */ -#if defined(MBEDTLS_RIPEMD160_C) - "MBEDTLS_RIPEMD160_C", -#endif /* MBEDTLS_RIPEMD160_C */ -#if defined(MBEDTLS_RSA_C) - "MBEDTLS_RSA_C", -#endif /* MBEDTLS_RSA_C */ -#if defined(MBEDTLS_SHA1_C) - "MBEDTLS_SHA1_C", -#endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) - "MBEDTLS_SHA256_C", -#endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) - "MBEDTLS_SHA512_C", -#endif /* MBEDTLS_SHA512_C */ -#if defined(MBEDTLS_SSL_CACHE_C) - "MBEDTLS_SSL_CACHE_C", -#endif /* MBEDTLS_SSL_CACHE_C */ -#if defined(MBEDTLS_SSL_COOKIE_C) - "MBEDTLS_SSL_COOKIE_C", -#endif /* MBEDTLS_SSL_COOKIE_C */ -#if defined(MBEDTLS_SSL_TICKET_C) - "MBEDTLS_SSL_TICKET_C", -#endif /* MBEDTLS_SSL_TICKET_C */ -#if defined(MBEDTLS_SSL_CLI_C) - "MBEDTLS_SSL_CLI_C", -#endif /* MBEDTLS_SSL_CLI_C */ -#if defined(MBEDTLS_SSL_SRV_C) - "MBEDTLS_SSL_SRV_C", -#endif /* MBEDTLS_SSL_SRV_C */ -#if defined(MBEDTLS_SSL_TLS_C) - "MBEDTLS_SSL_TLS_C", -#endif /* MBEDTLS_SSL_TLS_C */ -#if defined(MBEDTLS_THREADING_C) - "MBEDTLS_THREADING_C", -#endif /* MBEDTLS_THREADING_C */ -#if defined(MBEDTLS_TIMING_C) - "MBEDTLS_TIMING_C", -#endif /* MBEDTLS_TIMING_C */ -#if defined(MBEDTLS_VERSION_C) - "MBEDTLS_VERSION_C", -#endif /* MBEDTLS_VERSION_C */ -#if defined(MBEDTLS_X509_USE_C) - "MBEDTLS_X509_USE_C", -#endif /* MBEDTLS_X509_USE_C */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) - "MBEDTLS_X509_CRT_PARSE_C", -#endif /* MBEDTLS_X509_CRT_PARSE_C */ -#if defined(MBEDTLS_X509_CRL_PARSE_C) - "MBEDTLS_X509_CRL_PARSE_C", -#endif /* MBEDTLS_X509_CRL_PARSE_C */ -#if defined(MBEDTLS_X509_CSR_PARSE_C) - "MBEDTLS_X509_CSR_PARSE_C", -#endif /* MBEDTLS_X509_CSR_PARSE_C */ -#if defined(MBEDTLS_X509_CREATE_C) - "MBEDTLS_X509_CREATE_C", -#endif /* MBEDTLS_X509_CREATE_C */ -#if defined(MBEDTLS_X509_CRT_WRITE_C) - "MBEDTLS_X509_CRT_WRITE_C", -#endif /* MBEDTLS_X509_CRT_WRITE_C */ -#if defined(MBEDTLS_X509_CSR_WRITE_C) - "MBEDTLS_X509_CSR_WRITE_C", -#endif /* MBEDTLS_X509_CSR_WRITE_C */ -#if defined(MBEDTLS_XTEA_C) - "MBEDTLS_XTEA_C", -#endif /* MBEDTLS_XTEA_C */ -#endif /* MBEDTLS_VERSION_FEATURES */ - NULL -}; - -int mbedtls_version_check_feature( const char *feature ) -{ - const char * const *idx = features; - - if( *idx == NULL ) - return( -2 ); - - if( feature == NULL ) - return( -1 ); - - while( *idx != NULL ) - { - if( !strcmp( *idx, feature ) ) - return( 0 ); - idx++; - } - return( -1 ); -} - -#endif /* MBEDTLS_VERSION_C */ diff --git a/programs/psa/psa_constant_names_generated.c b/programs/psa/psa_constant_names_generated.c deleted file mode 100644 index 0b256a272d..0000000000 --- a/programs/psa/psa_constant_names_generated.c +++ /dev/null @@ -1,449 +0,0 @@ -/* Automatically generated by generate_psa_constant.py. DO NOT EDIT. */ - -static const char *psa_strerror(psa_status_t status) -{ - switch (status) { - case PSA_ERROR_ALREADY_EXISTS: return "PSA_ERROR_ALREADY_EXISTS"; - case PSA_ERROR_BAD_STATE: return "PSA_ERROR_BAD_STATE"; - case PSA_ERROR_BUFFER_TOO_SMALL: return "PSA_ERROR_BUFFER_TOO_SMALL"; - case PSA_ERROR_COMMUNICATION_FAILURE: return "PSA_ERROR_COMMUNICATION_FAILURE"; - case PSA_ERROR_CORRUPTION_DETECTED: return "PSA_ERROR_CORRUPTION_DETECTED"; - case PSA_ERROR_DATA_CORRUPT: return "PSA_ERROR_DATA_CORRUPT"; - case PSA_ERROR_DATA_INVALID: return "PSA_ERROR_DATA_INVALID"; - case PSA_ERROR_DOES_NOT_EXIST: return "PSA_ERROR_DOES_NOT_EXIST"; - case PSA_ERROR_GENERIC_ERROR: return "PSA_ERROR_GENERIC_ERROR"; - case PSA_ERROR_HARDWARE_FAILURE: return "PSA_ERROR_HARDWARE_FAILURE"; - case PSA_ERROR_INSUFFICIENT_DATA: return "PSA_ERROR_INSUFFICIENT_DATA"; - case PSA_ERROR_INSUFFICIENT_ENTROPY: return "PSA_ERROR_INSUFFICIENT_ENTROPY"; - case PSA_ERROR_INSUFFICIENT_MEMORY: return "PSA_ERROR_INSUFFICIENT_MEMORY"; - case PSA_ERROR_INSUFFICIENT_STORAGE: return "PSA_ERROR_INSUFFICIENT_STORAGE"; - case PSA_ERROR_INVALID_ARGUMENT: return "PSA_ERROR_INVALID_ARGUMENT"; - case PSA_ERROR_INVALID_HANDLE: return "PSA_ERROR_INVALID_HANDLE"; - case PSA_ERROR_INVALID_PADDING: return "PSA_ERROR_INVALID_PADDING"; - case PSA_ERROR_INVALID_SIGNATURE: return "PSA_ERROR_INVALID_SIGNATURE"; - case PSA_ERROR_NOT_PERMITTED: return "PSA_ERROR_NOT_PERMITTED"; - case PSA_ERROR_NOT_SUPPORTED: return "PSA_ERROR_NOT_SUPPORTED"; - case PSA_ERROR_STORAGE_FAILURE: return "PSA_ERROR_STORAGE_FAILURE"; - case PSA_SUCCESS: return "PSA_SUCCESS"; - default: return NULL; - } -} - -static const char *psa_ecc_family_name(psa_ecc_family_t curve) -{ - switch (curve) { - case PSA_ECC_FAMILY_BRAINPOOL_P_R1: return "PSA_ECC_FAMILY_BRAINPOOL_P_R1"; - case PSA_ECC_FAMILY_MONTGOMERY: return "PSA_ECC_FAMILY_MONTGOMERY"; - case PSA_ECC_FAMILY_SECP_K1: return "PSA_ECC_FAMILY_SECP_K1"; - case PSA_ECC_FAMILY_SECP_R1: return "PSA_ECC_FAMILY_SECP_R1"; - case PSA_ECC_FAMILY_SECP_R2: return "PSA_ECC_FAMILY_SECP_R2"; - case PSA_ECC_FAMILY_SECT_K1: return "PSA_ECC_FAMILY_SECT_K1"; - case PSA_ECC_FAMILY_SECT_R1: return "PSA_ECC_FAMILY_SECT_R1"; - case PSA_ECC_FAMILY_SECT_R2: return "PSA_ECC_FAMILY_SECT_R2"; - case PSA_ECC_FAMILY_TWISTED_EDWARDS: return "PSA_ECC_FAMILY_TWISTED_EDWARDS"; - default: return NULL; - } -} - -static const char *psa_dh_family_name(psa_dh_family_t group) -{ - switch (group) { - case PSA_DH_FAMILY_CUSTOM: return "PSA_DH_FAMILY_CUSTOM"; - case PSA_DH_FAMILY_RFC7919: return "PSA_DH_FAMILY_RFC7919"; - default: return NULL; - } -} - -static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg) -{ - switch (hash_alg) { - case PSA_ALG_ANY_HASH: return "PSA_ALG_ANY_HASH"; - case PSA_ALG_CATEGORY_HASH: return "PSA_ALG_CATEGORY_HASH"; - case PSA_ALG_MD2: return "PSA_ALG_MD2"; - case PSA_ALG_MD4: return "PSA_ALG_MD4"; - case PSA_ALG_MD5: return "PSA_ALG_MD5"; - case PSA_ALG_RIPEMD160: return "PSA_ALG_RIPEMD160"; - case PSA_ALG_SHA3_224: return "PSA_ALG_SHA3_224"; - case PSA_ALG_SHA3_256: return "PSA_ALG_SHA3_256"; - case PSA_ALG_SHA3_384: return "PSA_ALG_SHA3_384"; - case PSA_ALG_SHA3_512: return "PSA_ALG_SHA3_512"; - case PSA_ALG_SHAKE256_512: return "PSA_ALG_SHAKE256_512"; - case PSA_ALG_SHA_1: return "PSA_ALG_SHA_1"; - case PSA_ALG_SHA_224: return "PSA_ALG_SHA_224"; - case PSA_ALG_SHA_256: return "PSA_ALG_SHA_256"; - case PSA_ALG_SHA_384: return "PSA_ALG_SHA_384"; - case PSA_ALG_SHA_512: return "PSA_ALG_SHA_512"; - case PSA_ALG_SHA_512_224: return "PSA_ALG_SHA_512_224"; - case PSA_ALG_SHA_512_256: return "PSA_ALG_SHA_512_256"; - default: return NULL; - } -} - -static const char *psa_ka_algorithm_name(psa_algorithm_t ka_alg) -{ - switch (ka_alg) { - case PSA_ALG_CATEGORY_KEY_AGREEMENT: return "PSA_ALG_CATEGORY_KEY_AGREEMENT"; - case PSA_ALG_ECDH: return "PSA_ALG_ECDH"; - case PSA_ALG_FFDH: return "PSA_ALG_FFDH"; - default: return NULL; - } -} - -static int psa_snprint_key_type(char *buffer, size_t buffer_size, - psa_key_type_t type) -{ - size_t required_size = 0; - switch (type) { - case PSA_KEY_TYPE_AES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_AES", 16); break; - case PSA_KEY_TYPE_ARC4: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ARC4", 17); break; - case PSA_KEY_TYPE_CAMELLIA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CAMELLIA", 21); break; - case PSA_KEY_TYPE_CATEGORY_FLAG_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_FLAG_PAIR", 31); break; - case PSA_KEY_TYPE_CATEGORY_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_KEY_PAIR", 30); break; - case PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_PUBLIC_KEY", 32); break; - case PSA_KEY_TYPE_CATEGORY_RAW: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_RAW", 25); break; - case PSA_KEY_TYPE_CATEGORY_SYMMETRIC: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CATEGORY_SYMMETRIC", 31); break; - case PSA_KEY_TYPE_CHACHA20: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_CHACHA20", 21); break; - case PSA_KEY_TYPE_DERIVE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DERIVE", 19); break; - case PSA_KEY_TYPE_DES: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DES", 16); break; - case PSA_KEY_TYPE_DH_KEY_PAIR_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DH_KEY_PAIR_BASE", 29); break; - case PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE", 31); break; - case PSA_KEY_TYPE_DSA_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DSA_KEY_PAIR", 25); break; - case PSA_KEY_TYPE_DSA_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_DSA_PUBLIC_KEY", 27); break; - case PSA_KEY_TYPE_ECC_KEY_PAIR_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ECC_KEY_PAIR_BASE", 30); break; - case PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE", 32); break; - case PSA_KEY_TYPE_HMAC: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_HMAC", 17); break; - case PSA_KEY_TYPE_NONE: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_NONE", 17); break; - case PSA_KEY_TYPE_PASSWORD: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PASSWORD", 21); break; - case PSA_KEY_TYPE_PASSWORD_HASH: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PASSWORD_HASH", 26); break; - case PSA_KEY_TYPE_PEPPER: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_PEPPER", 19); break; - case PSA_KEY_TYPE_RAW_DATA: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RAW_DATA", 21); break; - case PSA_KEY_TYPE_RSA_KEY_PAIR: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RSA_KEY_PAIR", 25); break; - case PSA_KEY_TYPE_RSA_PUBLIC_KEY: append(&buffer, buffer_size, &required_size, "PSA_KEY_TYPE_RSA_PUBLIC_KEY", 27); break; - default: - if (PSA_KEY_TYPE_IS_ECC_KEY_PAIR(type)) { - append_with_curve(&buffer, buffer_size, &required_size, - "PSA_KEY_TYPE_ECC_KEY_PAIR", 25, - PSA_KEY_TYPE_ECC_GET_FAMILY(type)); - } else if (PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type)) { - append_with_curve(&buffer, buffer_size, &required_size, - "PSA_KEY_TYPE_ECC_PUBLIC_KEY", 27, - PSA_KEY_TYPE_ECC_GET_FAMILY(type)); - } else if (PSA_KEY_TYPE_IS_DH_KEY_PAIR(type)) { - append_with_group(&buffer, buffer_size, &required_size, - "PSA_KEY_TYPE_DH_KEY_PAIR", 24, - PSA_KEY_TYPE_DH_GET_FAMILY(type)); - } else if (PSA_KEY_TYPE_IS_DH_PUBLIC_KEY(type)) { - append_with_group(&buffer, buffer_size, &required_size, - "PSA_KEY_TYPE_DH_PUBLIC_KEY", 26, - PSA_KEY_TYPE_DH_GET_FAMILY(type)); - } else { - return snprintf(buffer, buffer_size, - "0x%04x", (unsigned) type); - } - break; - } - buffer[0] = 0; - return (int) required_size; -} - -#define NO_LENGTH_MODIFIER 0xfffffffflu -static int psa_snprint_algorithm(char *buffer, size_t buffer_size, - psa_algorithm_t alg) -{ - size_t required_size = 0; - psa_algorithm_t core_alg = alg; - unsigned long length_modifier = NO_LENGTH_MODIFIER; - if (PSA_ALG_IS_MAC(alg)) { - core_alg = PSA_ALG_TRUNCATED_MAC(alg, 0); - if (alg & PSA_ALG_MAC_AT_LEAST_THIS_LENGTH_FLAG) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(", 33); - length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); - } else if (core_alg != alg) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_TRUNCATED_MAC(", 22); - length_modifier = PSA_MAC_TRUNCATED_LENGTH(alg); - } - } else if (PSA_ALG_IS_AEAD(alg)) { - core_alg = PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG(alg); - if (core_alg == 0) { - /* For unknown AEAD algorithms, there is no "default tag length". */ - core_alg = alg; - } else if (alg & PSA_ALG_AEAD_AT_LEAST_THIS_LENGTH_FLAG) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG(", 43); - length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); - } else if (core_alg != alg) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_AEAD_WITH_SHORTENED_TAG(", 32); - length_modifier = PSA_ALG_AEAD_GET_TAG_LENGTH(alg); - } - } else if (PSA_ALG_IS_KEY_AGREEMENT(alg) && - !PSA_ALG_IS_RAW_KEY_AGREEMENT(alg)) { - core_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF(alg); - append(&buffer, buffer_size, &required_size, - "PSA_ALG_KEY_AGREEMENT(", 22); - append_with_alg(&buffer, buffer_size, &required_size, - psa_ka_algorithm_name, - PSA_ALG_KEY_AGREEMENT_GET_BASE(alg)); - append(&buffer, buffer_size, &required_size, ", ", 2); - } - switch (core_alg) { - case PSA_ALG_ANY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ANY_HASH", 16); break; - case PSA_ALG_CATEGORY_AEAD: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_AEAD", 21); break; - case PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION", 38); break; - case PSA_ALG_CATEGORY_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_CIPHER", 23); break; - case PSA_ALG_CATEGORY_HASH: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_HASH", 21); break; - case PSA_ALG_CATEGORY_KEY_AGREEMENT: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_KEY_AGREEMENT", 30); break; - case PSA_ALG_CATEGORY_KEY_DERIVATION: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_KEY_DERIVATION", 31); break; - case PSA_ALG_CATEGORY_MAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_MAC", 20); break; - case PSA_ALG_CATEGORY_SIGN: append(&buffer, buffer_size, &required_size, "PSA_ALG_CATEGORY_SIGN", 21); break; - case PSA_ALG_CBC_MAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_MAC", 15); break; - case PSA_ALG_CBC_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_NO_PADDING", 22); break; - case PSA_ALG_CBC_PKCS7: append(&buffer, buffer_size, &required_size, "PSA_ALG_CBC_PKCS7", 17); break; - case PSA_ALG_CCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_CCM", 11); break; - case PSA_ALG_CFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_CFB", 11); break; - case PSA_ALG_CHACHA20_POLY1305: append(&buffer, buffer_size, &required_size, "PSA_ALG_CHACHA20_POLY1305", 25); break; - case PSA_ALG_CIPHER_MAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_CIPHER_MAC_BASE", 23); break; - case PSA_ALG_CMAC: append(&buffer, buffer_size, &required_size, "PSA_ALG_CMAC", 12); break; - case PSA_ALG_CTR: append(&buffer, buffer_size, &required_size, "PSA_ALG_CTR", 11); break; - case PSA_ALG_DETERMINISTIC_DSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DETERMINISTIC_DSA_BASE", 30); break; - case PSA_ALG_DETERMINISTIC_ECDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DETERMINISTIC_ECDSA_BASE", 32); break; - case PSA_ALG_DSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_DSA_BASE", 16); break; - case PSA_ALG_ECB_NO_PADDING: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECB_NO_PADDING", 22); break; - case PSA_ALG_ECDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDH", 12); break; - case PSA_ALG_ECDSA_ANY: append(&buffer, buffer_size, &required_size, "PSA_ALG_ECDSA_ANY", 17); break; - case PSA_ALG_ED25519PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED25519PH", 17); break; - case PSA_ALG_ED448PH: append(&buffer, buffer_size, &required_size, "PSA_ALG_ED448PH", 15); break; - case PSA_ALG_FFDH: append(&buffer, buffer_size, &required_size, "PSA_ALG_FFDH", 12); break; - case PSA_ALG_GCM: append(&buffer, buffer_size, &required_size, "PSA_ALG_GCM", 11); break; - case PSA_ALG_HASH_EDDSA_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HASH_EDDSA_BASE", 23); break; - case PSA_ALG_HKDF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HKDF_BASE", 17); break; - case PSA_ALG_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_HMAC_BASE", 17); break; - case PSA_ALG_MD2: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD2", 11); break; - case PSA_ALG_MD4: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD4", 11); break; - case PSA_ALG_MD5: append(&buffer, buffer_size, &required_size, "PSA_ALG_MD5", 11); break; - case PSA_ALG_OFB: append(&buffer, buffer_size, &required_size, "PSA_ALG_OFB", 11); break; - case PSA_ALG_PBKDF2_AES_CMAC_PRF_128: append(&buffer, buffer_size, &required_size, "PSA_ALG_PBKDF2_AES_CMAC_PRF_128", 31); break; - case PSA_ALG_PBKDF2_HMAC_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_PBKDF2_HMAC_BASE", 24); break; - case PSA_ALG_PURE_EDDSA: append(&buffer, buffer_size, &required_size, "PSA_ALG_PURE_EDDSA", 18); break; - case PSA_ALG_RIPEMD160: append(&buffer, buffer_size, &required_size, "PSA_ALG_RIPEMD160", 17); break; - case PSA_ALG_RSA_OAEP_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_OAEP_BASE", 21); break; - case PSA_ALG_RSA_PKCS1V15_CRYPT: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_CRYPT", 26); break; - case PSA_ALG_RSA_PKCS1V15_SIGN_RAW: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PKCS1V15_SIGN_RAW", 29); break; - case PSA_ALG_RSA_PSS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_RSA_PSS_BASE", 20); break; - case PSA_ALG_SHA3_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_224", 16); break; - case PSA_ALG_SHA3_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_256", 16); break; - case PSA_ALG_SHA3_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_384", 16); break; - case PSA_ALG_SHA3_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA3_512", 16); break; - case PSA_ALG_SHAKE256_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHAKE256_512", 20); break; - case PSA_ALG_SHA_1: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_1", 13); break; - case PSA_ALG_SHA_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_224", 15); break; - case PSA_ALG_SHA_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_256", 15); break; - case PSA_ALG_SHA_384: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_384", 15); break; - case PSA_ALG_SHA_512: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512", 15); break; - case PSA_ALG_SHA_512_224: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_224", 19); break; - case PSA_ALG_SHA_512_256: append(&buffer, buffer_size, &required_size, "PSA_ALG_SHA_512_256", 19); break; - case PSA_ALG_STREAM_CIPHER: append(&buffer, buffer_size, &required_size, "PSA_ALG_STREAM_CIPHER", 21); break; - case PSA_ALG_TLS12_PRF_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PRF_BASE", 22); break; - case PSA_ALG_TLS12_PSK_TO_MS_BASE: append(&buffer, buffer_size, &required_size, "PSA_ALG_TLS12_PSK_TO_MS_BASE", 28); break; - case PSA_ALG_XTS: append(&buffer, buffer_size, &required_size, "PSA_ALG_XTS", 11); break; - default: - if (PSA_ALG_IS_DETERMINISTIC_DSA(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_DETERMINISTIC_DSA(", 25 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_DETERMINISTIC_ECDSA(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_DETERMINISTIC_ECDSA(", 27 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RANDOMIZED_DSA(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_DSA(", 11 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RANDOMIZED_ECDSA(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_ECDSA(", 13 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_HKDF(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_HKDF(", 12 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_HMAC(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_HMAC(", 12 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_PBKDF2_HMAC(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_PBKDF2_HMAC(", 19 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RSA_OAEP(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_RSA_OAEP(", 16 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_RSA_PKCS1V15_SIGN(", 25 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_RSA_PSS(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_RSA_PSS(", 15 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_TLS12_PRF(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_TLS12_PRF(", 17 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else if (PSA_ALG_IS_TLS12_PSK_TO_MS(core_alg)) { - append(&buffer, buffer_size, &required_size, - "PSA_ALG_TLS12_PSK_TO_MS(", 23 + 1); - append_with_alg(&buffer, buffer_size, &required_size, - psa_hash_algorithm_name, - PSA_ALG_GET_HASH(core_alg)); - append(&buffer, buffer_size, &required_size, ")", 1); - } else { - append_integer(&buffer, buffer_size, &required_size, - "0x%08lx", (unsigned long) core_alg); - } - break; - } - if (core_alg != alg) { - if (length_modifier != NO_LENGTH_MODIFIER) { - append(&buffer, buffer_size, &required_size, ", ", 2); - append_integer(&buffer, buffer_size, &required_size, - "%lu", length_modifier); - } - append(&buffer, buffer_size, &required_size, ")", 1); - } - buffer[0] = 0; - return (int) required_size; -} - -static int psa_snprint_key_usage(char *buffer, size_t buffer_size, - psa_key_usage_t usage) -{ - size_t required_size = 0; - if (usage == 0) { - if (buffer_size > 1) { - buffer[0] = '0'; - buffer[1] = 0; - } else if (buffer_size == 1) { - buffer[0] = 0; - } - return 1; - } - if (usage & PSA_KEY_USAGE_COPY) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_COPY", 18); - usage ^= PSA_KEY_USAGE_COPY; - } - if (usage & PSA_KEY_USAGE_DECRYPT) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_DECRYPT", 21); - usage ^= PSA_KEY_USAGE_DECRYPT; - } - if (usage & PSA_KEY_USAGE_DERIVE) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_DERIVE", 20); - usage ^= PSA_KEY_USAGE_DERIVE; - } - if (usage & PSA_KEY_USAGE_ENCRYPT) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_ENCRYPT", 21); - usage ^= PSA_KEY_USAGE_ENCRYPT; - } - if (usage & PSA_KEY_USAGE_EXPORT) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_EXPORT", 20); - usage ^= PSA_KEY_USAGE_EXPORT; - } - if (usage & PSA_KEY_USAGE_SIGN_HASH) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_HASH", 23); - usage ^= PSA_KEY_USAGE_SIGN_HASH; - } - if (usage & PSA_KEY_USAGE_SIGN_MESSAGE) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_SIGN_MESSAGE", 26); - usage ^= PSA_KEY_USAGE_SIGN_MESSAGE; - } - if (usage & PSA_KEY_USAGE_VERIFY_DERIVATION) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_DERIVATION", 31); - usage ^= PSA_KEY_USAGE_VERIFY_DERIVATION; - } - if (usage & PSA_KEY_USAGE_VERIFY_HASH) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_HASH", 25); - usage ^= PSA_KEY_USAGE_VERIFY_HASH; - } - if (usage & PSA_KEY_USAGE_VERIFY_MESSAGE) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append(&buffer, buffer_size, &required_size, "PSA_KEY_USAGE_VERIFY_MESSAGE", 28); - usage ^= PSA_KEY_USAGE_VERIFY_MESSAGE; - } - if (usage != 0) { - if (required_size != 0) { - append(&buffer, buffer_size, &required_size, " | ", 3); - } - append_integer(&buffer, buffer_size, &required_size, - "0x%08lx", (unsigned long) usage); - } else { - buffer[0] = 0; - } - return (int) required_size; -} - -/* End of automatically generated file. */ diff --git a/programs/test/query_config.c b/programs/test/query_config.c deleted file mode 100644 index c6c4d1f04f..0000000000 --- a/programs/test/query_config.c +++ /dev/null @@ -1,2724 +0,0 @@ -/* - * Query Mbed TLS compile time configurations from config.h - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#if !defined(MBEDTLS_CONFIG_FILE) -#include "mbedtls/config.h" -#else -#include MBEDTLS_CONFIG_FILE -#endif - -#include "query_config.h" - -#if defined(MBEDTLS_PLATFORM_C) -#include "mbedtls/platform.h" -#else -#include -#define mbedtls_printf printf -#endif /* MBEDTLS_PLATFORM_C */ - -/* - * Include all the headers with public APIs in case they define a macro to its - * default value when that configuration is not set in the config.h. - */ -#include "mbedtls/aes.h" -#include "mbedtls/arc4.h" -#include "mbedtls/aria.h" -#include "mbedtls/asn1.h" -#include "mbedtls/asn1write.h" -#include "mbedtls/base64.h" -#include "mbedtls/bignum.h" -#include "mbedtls/blowfish.h" -#include "mbedtls/camellia.h" -#include "mbedtls/ccm.h" -#include "mbedtls/chacha20.h" -#include "mbedtls/chachapoly.h" -#include "mbedtls/cipher.h" -#include "mbedtls/cmac.h" -#include "mbedtls/ctr_drbg.h" -#include "mbedtls/debug.h" -#include "mbedtls/des.h" -#include "mbedtls/dhm.h" -#include "mbedtls/ecdh.h" -#include "mbedtls/ecdsa.h" -#include "mbedtls/ecjpake.h" -#include "mbedtls/ecp.h" -#include "mbedtls/entropy.h" -#include "mbedtls/error.h" -#include "mbedtls/gcm.h" -#include "mbedtls/hkdf.h" -#include "mbedtls/hmac_drbg.h" -#include "mbedtls/md.h" -#include "mbedtls/md2.h" -#include "mbedtls/md4.h" -#include "mbedtls/md5.h" -#include "mbedtls/memory_buffer_alloc.h" -#include "mbedtls/net_sockets.h" -#include "mbedtls/nist_kw.h" -#include "mbedtls/oid.h" -#include "mbedtls/pem.h" -#include "mbedtls/pk.h" -#include "mbedtls/pkcs12.h" -#include "mbedtls/pkcs5.h" -#include "mbedtls/platform_time.h" -#include "mbedtls/platform_util.h" -#include "mbedtls/poly1305.h" -#include "mbedtls/ripemd160.h" -#include "mbedtls/rsa.h" -#include "mbedtls/sha1.h" -#include "mbedtls/sha256.h" -#include "mbedtls/sha512.h" -#include "mbedtls/ssl.h" -#include "mbedtls/ssl_cache.h" -#include "mbedtls/ssl_ciphersuites.h" -#include "mbedtls/ssl_cookie.h" -#include "mbedtls/ssl_ticket.h" -#include "mbedtls/threading.h" -#include "mbedtls/timing.h" -#include "mbedtls/version.h" -#include "mbedtls/x509.h" -#include "mbedtls/x509_crl.h" -#include "mbedtls/x509_crt.h" -#include "mbedtls/x509_csr.h" -#include "mbedtls/xtea.h" - -#include - -/* - * Helper macros to convert a macro or its expansion into a string - * WARNING: This does not work for expanding function-like macros. However, - * Mbed TLS does not currently have configuration options used in this fashion. - */ -#define MACRO_EXPANSION_TO_STR(macro) MACRO_NAME_TO_STR(macro) -#define MACRO_NAME_TO_STR(macro) \ - mbedtls_printf( "%s", strlen( #macro "" ) > 0 ? #macro "\n" : "" ) - -#if defined(_MSC_VER) -/* - * Visual Studio throws the warning 4003 because many Mbed TLS feature macros - * are defined empty. This means that from the preprocessor's point of view - * the macro MBEDTLS_EXPANSION_TO_STR is being invoked without arguments as - * some macros expand to nothing. We suppress that specific warning to get a - * clean build and to ensure that tests treating warnings as errors do not - * fail. - */ -#pragma warning(push) -#pragma warning(disable:4003) -#endif /* _MSC_VER */ - -int query_config( const char *config ) -{ -#if defined(MBEDTLS_HAVE_ASM) - if( strcmp( "MBEDTLS_HAVE_ASM", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_ASM ); - return( 0 ); - } -#endif /* MBEDTLS_HAVE_ASM */ - -#if defined(MBEDTLS_NO_UDBL_DIVISION) - if( strcmp( "MBEDTLS_NO_UDBL_DIVISION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NO_UDBL_DIVISION ); - return( 0 ); - } -#endif /* MBEDTLS_NO_UDBL_DIVISION */ - -#if defined(MBEDTLS_NO_64BIT_MULTIPLICATION) - if( strcmp( "MBEDTLS_NO_64BIT_MULTIPLICATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NO_64BIT_MULTIPLICATION ); - return( 0 ); - } -#endif /* MBEDTLS_NO_64BIT_MULTIPLICATION */ - -#if defined(MBEDTLS_HAVE_SSE2) - if( strcmp( "MBEDTLS_HAVE_SSE2", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_SSE2 ); - return( 0 ); - } -#endif /* MBEDTLS_HAVE_SSE2 */ - -#if defined(MBEDTLS_HAVE_TIME) - if( strcmp( "MBEDTLS_HAVE_TIME", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME ); - return( 0 ); - } -#endif /* MBEDTLS_HAVE_TIME */ - -#if defined(MBEDTLS_HAVE_TIME_DATE) - if( strcmp( "MBEDTLS_HAVE_TIME_DATE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HAVE_TIME_DATE ); - return( 0 ); - } -#endif /* MBEDTLS_HAVE_TIME_DATE */ - -#if defined(MBEDTLS_PLATFORM_MEMORY) - if( strcmp( "MBEDTLS_PLATFORM_MEMORY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_MEMORY ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_MEMORY */ - -#if defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) - if( strcmp( "MBEDTLS_PLATFORM_NO_STD_FUNCTIONS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NO_STD_FUNCTIONS ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */ - -#if defined(MBEDTLS_PLATFORM_EXIT_ALT) - if( strcmp( "MBEDTLS_PLATFORM_EXIT_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_EXIT_ALT */ - -#if defined(MBEDTLS_PLATFORM_TIME_ALT) - if( strcmp( "MBEDTLS_PLATFORM_TIME_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_TIME_ALT */ - -#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) - if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */ - -#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) - if( strcmp( "MBEDTLS_PLATFORM_PRINTF_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */ - -#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) - if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */ - -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) - if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_VSNPRINTF_ALT */ - -#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) - if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_NV_SEED_ALT */ - -#if defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT) - if( strcmp( "MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */ - -#if defined(MBEDTLS_DEPRECATED_WARNING) - if( strcmp( "MBEDTLS_DEPRECATED_WARNING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_WARNING ); - return( 0 ); - } -#endif /* MBEDTLS_DEPRECATED_WARNING */ - -#if defined(MBEDTLS_DEPRECATED_REMOVED) - if( strcmp( "MBEDTLS_DEPRECATED_REMOVED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DEPRECATED_REMOVED ); - return( 0 ); - } -#endif /* MBEDTLS_DEPRECATED_REMOVED */ - -#if defined(MBEDTLS_CHECK_PARAMS) - if( strcmp( "MBEDTLS_CHECK_PARAMS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_PARAMS ); - return( 0 ); - } -#endif /* MBEDTLS_CHECK_PARAMS */ - -#if defined(MBEDTLS_CHECK_PARAMS_ASSERT) - if( strcmp( "MBEDTLS_CHECK_PARAMS_ASSERT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHECK_PARAMS_ASSERT ); - return( 0 ); - } -#endif /* MBEDTLS_CHECK_PARAMS_ASSERT */ - -#if defined(MBEDTLS_TIMING_ALT) - if( strcmp( "MBEDTLS_TIMING_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_TIMING_ALT */ - -#if defined(MBEDTLS_AES_ALT) - if( strcmp( "MBEDTLS_AES_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_ALT */ - -#if defined(MBEDTLS_ARC4_ALT) - if( strcmp( "MBEDTLS_ARC4_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ARC4_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ARC4_ALT */ - -#if defined(MBEDTLS_ARIA_ALT) - if( strcmp( "MBEDTLS_ARIA_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ARIA_ALT */ - -#if defined(MBEDTLS_BLOWFISH_ALT) - if( strcmp( "MBEDTLS_BLOWFISH_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_BLOWFISH_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_BLOWFISH_ALT */ - -#if defined(MBEDTLS_CAMELLIA_ALT) - if( strcmp( "MBEDTLS_CAMELLIA_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CAMELLIA_ALT */ - -#if defined(MBEDTLS_CCM_ALT) - if( strcmp( "MBEDTLS_CCM_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CCM_ALT */ - -#if defined(MBEDTLS_CHACHA20_ALT) - if( strcmp( "MBEDTLS_CHACHA20_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CHACHA20_ALT */ - -#if defined(MBEDTLS_CHACHAPOLY_ALT) - if( strcmp( "MBEDTLS_CHACHAPOLY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CHACHAPOLY_ALT */ - -#if defined(MBEDTLS_CMAC_ALT) - if( strcmp( "MBEDTLS_CMAC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_CMAC_ALT */ - -#if defined(MBEDTLS_DES_ALT) - if( strcmp( "MBEDTLS_DES_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DES_ALT */ - -#if defined(MBEDTLS_DHM_ALT) - if( strcmp( "MBEDTLS_DHM_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DHM_ALT */ - -#if defined(MBEDTLS_ECJPAKE_ALT) - if( strcmp( "MBEDTLS_ECJPAKE_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECJPAKE_ALT */ - -#if defined(MBEDTLS_GCM_ALT) - if( strcmp( "MBEDTLS_GCM_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_GCM_ALT */ - -#if defined(MBEDTLS_NIST_KW_ALT) - if( strcmp( "MBEDTLS_NIST_KW_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_NIST_KW_ALT */ - -#if defined(MBEDTLS_MD2_ALT) - if( strcmp( "MBEDTLS_MD2_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_MD2_ALT */ - -#if defined(MBEDTLS_MD4_ALT) - if( strcmp( "MBEDTLS_MD4_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_MD4_ALT */ - -#if defined(MBEDTLS_MD5_ALT) - if( strcmp( "MBEDTLS_MD5_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_MD5_ALT */ - -#if defined(MBEDTLS_POLY1305_ALT) - if( strcmp( "MBEDTLS_POLY1305_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_POLY1305_ALT */ - -#if defined(MBEDTLS_RIPEMD160_ALT) - if( strcmp( "MBEDTLS_RIPEMD160_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_RIPEMD160_ALT */ - -#if defined(MBEDTLS_RSA_ALT) - if( strcmp( "MBEDTLS_RSA_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_RSA_ALT */ - -#if defined(MBEDTLS_SHA1_ALT) - if( strcmp( "MBEDTLS_SHA1_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA1_ALT */ - -#if defined(MBEDTLS_SHA256_ALT) - if( strcmp( "MBEDTLS_SHA256_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA256_ALT */ - -#if defined(MBEDTLS_SHA512_ALT) - if( strcmp( "MBEDTLS_SHA512_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_ALT */ - -#if defined(MBEDTLS_XTEA_ALT) - if( strcmp( "MBEDTLS_XTEA_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_XTEA_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_XTEA_ALT */ - -#if defined(MBEDTLS_ECP_ALT) - if( strcmp( "MBEDTLS_ECP_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_ALT */ - -#if defined(MBEDTLS_MD2_PROCESS_ALT) - if( strcmp( "MBEDTLS_MD2_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_MD2_PROCESS_ALT */ - -#if defined(MBEDTLS_MD4_PROCESS_ALT) - if( strcmp( "MBEDTLS_MD4_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_MD4_PROCESS_ALT */ - -#if defined(MBEDTLS_MD5_PROCESS_ALT) - if( strcmp( "MBEDTLS_MD5_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_MD5_PROCESS_ALT */ - -#if defined(MBEDTLS_RIPEMD160_PROCESS_ALT) - if( strcmp( "MBEDTLS_RIPEMD160_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_RIPEMD160_PROCESS_ALT */ - -#if defined(MBEDTLS_SHA1_PROCESS_ALT) - if( strcmp( "MBEDTLS_SHA1_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA1_PROCESS_ALT */ - -#if defined(MBEDTLS_SHA256_PROCESS_ALT) - if( strcmp( "MBEDTLS_SHA256_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA256_PROCESS_ALT */ - -#if defined(MBEDTLS_SHA512_PROCESS_ALT) - if( strcmp( "MBEDTLS_SHA512_PROCESS_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_PROCESS_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_PROCESS_ALT */ - -#if defined(MBEDTLS_DES_SETKEY_ALT) - if( strcmp( "MBEDTLS_DES_SETKEY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES_SETKEY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DES_SETKEY_ALT */ - -#if defined(MBEDTLS_DES_CRYPT_ECB_ALT) - if( strcmp( "MBEDTLS_DES_CRYPT_ECB_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES_CRYPT_ECB_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DES_CRYPT_ECB_ALT */ - -#if defined(MBEDTLS_DES3_CRYPT_ECB_ALT) - if( strcmp( "MBEDTLS_DES3_CRYPT_ECB_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES3_CRYPT_ECB_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_DES3_CRYPT_ECB_ALT */ - -#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) - if( strcmp( "MBEDTLS_AES_SETKEY_ENC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_ENC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_SETKEY_ENC_ALT */ - -#if defined(MBEDTLS_AES_SETKEY_DEC_ALT) - if( strcmp( "MBEDTLS_AES_SETKEY_DEC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_SETKEY_DEC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_SETKEY_DEC_ALT */ - -#if defined(MBEDTLS_AES_ENCRYPT_ALT) - if( strcmp( "MBEDTLS_AES_ENCRYPT_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ENCRYPT_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_ENCRYPT_ALT */ - -#if defined(MBEDTLS_AES_DECRYPT_ALT) - if( strcmp( "MBEDTLS_AES_DECRYPT_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_DECRYPT_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_AES_DECRYPT_ALT */ - -#if defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) - if( strcmp( "MBEDTLS_ECDH_GEN_PUBLIC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_GEN_PUBLIC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_GEN_PUBLIC_ALT */ - -#if defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) - if( strcmp( "MBEDTLS_ECDH_COMPUTE_SHARED_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_COMPUTE_SHARED_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ - -#if defined(MBEDTLS_ECDSA_VERIFY_ALT) - if( strcmp( "MBEDTLS_ECDSA_VERIFY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_VERIFY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ - -#if defined(MBEDTLS_ECDSA_SIGN_ALT) - if( strcmp( "MBEDTLS_ECDSA_SIGN_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_SIGN_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ - -#if defined(MBEDTLS_ECDSA_GENKEY_ALT) - if( strcmp( "MBEDTLS_ECDSA_GENKEY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_GENKEY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_GENKEY_ALT */ - -#if defined(MBEDTLS_ECP_INTERNAL_ALT) - if( strcmp( "MBEDTLS_ECP_INTERNAL_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_INTERNAL_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_INTERNAL_ALT */ - -#if defined(MBEDTLS_ECP_NO_FALLBACK) - if( strcmp( "MBEDTLS_ECP_NO_FALLBACK", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NO_FALLBACK ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NO_FALLBACK */ - -#if defined(MBEDTLS_ECP_RANDOMIZE_JAC_ALT) - if( strcmp( "MBEDTLS_ECP_RANDOMIZE_JAC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_JAC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_RANDOMIZE_JAC_ALT */ - -#if defined(MBEDTLS_ECP_ADD_MIXED_ALT) - if( strcmp( "MBEDTLS_ECP_ADD_MIXED_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_ADD_MIXED_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_ADD_MIXED_ALT */ - -#if defined(MBEDTLS_ECP_DOUBLE_JAC_ALT) - if( strcmp( "MBEDTLS_ECP_DOUBLE_JAC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_JAC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DOUBLE_JAC_ALT */ - -#if defined(MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT) - if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NORMALIZE_JAC_MANY_ALT */ - -#if defined(MBEDTLS_ECP_NORMALIZE_JAC_ALT) - if( strcmp( "MBEDTLS_ECP_NORMALIZE_JAC_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_JAC_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NORMALIZE_JAC_ALT */ - -#if defined(MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT) - if( strcmp( "MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DOUBLE_ADD_MXZ_ALT */ - -#if defined(MBEDTLS_ECP_RANDOMIZE_MXZ_ALT) - if( strcmp( "MBEDTLS_ECP_RANDOMIZE_MXZ_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RANDOMIZE_MXZ_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_RANDOMIZE_MXZ_ALT */ - -#if defined(MBEDTLS_ECP_NORMALIZE_MXZ_ALT) - if( strcmp( "MBEDTLS_ECP_NORMALIZE_MXZ_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NORMALIZE_MXZ_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NORMALIZE_MXZ_ALT */ - -#if defined(MBEDTLS_TEST_NULL_ENTROPY) - if( strcmp( "MBEDTLS_TEST_NULL_ENTROPY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_NULL_ENTROPY ); - return( 0 ); - } -#endif /* MBEDTLS_TEST_NULL_ENTROPY */ - -#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT) - if( strcmp( "MBEDTLS_ENTROPY_HARDWARE_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_HARDWARE_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_HARDWARE_ALT */ - -#if defined(MBEDTLS_AES_ROM_TABLES) - if( strcmp( "MBEDTLS_AES_ROM_TABLES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_ROM_TABLES ); - return( 0 ); - } -#endif /* MBEDTLS_AES_ROM_TABLES */ - -#if defined(MBEDTLS_AES_FEWER_TABLES) - if( strcmp( "MBEDTLS_AES_FEWER_TABLES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_FEWER_TABLES ); - return( 0 ); - } -#endif /* MBEDTLS_AES_FEWER_TABLES */ - -#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY) - if( strcmp( "MBEDTLS_CAMELLIA_SMALL_MEMORY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_SMALL_MEMORY ); - return( 0 ); - } -#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */ - -#if defined(MBEDTLS_CIPHER_MODE_CBC) - if( strcmp( "MBEDTLS_CIPHER_MODE_CBC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CBC ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_CBC */ - -#if defined(MBEDTLS_CIPHER_MODE_CFB) - if( strcmp( "MBEDTLS_CIPHER_MODE_CFB", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CFB ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_CFB */ - -#if defined(MBEDTLS_CIPHER_MODE_CTR) - if( strcmp( "MBEDTLS_CIPHER_MODE_CTR", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_CTR ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_CTR */ - -#if defined(MBEDTLS_CIPHER_MODE_OFB) - if( strcmp( "MBEDTLS_CIPHER_MODE_OFB", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_OFB ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_OFB */ - -#if defined(MBEDTLS_CIPHER_MODE_XTS) - if( strcmp( "MBEDTLS_CIPHER_MODE_XTS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_MODE_XTS ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_MODE_XTS */ - -#if defined(MBEDTLS_CIPHER_NULL_CIPHER) - if( strcmp( "MBEDTLS_CIPHER_NULL_CIPHER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_NULL_CIPHER ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_NULL_CIPHER */ - -#if defined(MBEDTLS_CIPHER_PADDING_PKCS7) - if( strcmp( "MBEDTLS_CIPHER_PADDING_PKCS7", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_PKCS7 ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */ - -#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS) - if( strcmp( "MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */ - -#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN) - if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */ - -#if defined(MBEDTLS_CIPHER_PADDING_ZEROS) - if( strcmp( "MBEDTLS_CIPHER_PADDING_ZEROS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_PADDING_ZEROS ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */ - -#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) - if( strcmp( "MBEDTLS_CTR_DRBG_USE_128_BIT_KEY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_USE_128_BIT_KEY ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_USE_128_BIT_KEY */ - -#if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) - if( strcmp( "MBEDTLS_REMOVE_3DES_CIPHERSUITES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_REMOVE_3DES_CIPHERSUITES ); - return( 0 ); - } -#endif /* MBEDTLS_REMOVE_3DES_CIPHERSUITES */ - -#if defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP192R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP192R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP224R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP224R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP256R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP256R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP384R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP384R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP384R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP521R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP521R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP521R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP192K1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP192K1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP192K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP224K1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP224K1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP224K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_SECP256K1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_SECP256K1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_SECP256K1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_BP256R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP256R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_BP256R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_BP384R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP384R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_BP384R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_BP512R1_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_BP512R1_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_BP512R1_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_CURVE25519_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE25519_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_CURVE25519_ENABLED */ - -#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) - if( strcmp( "MBEDTLS_ECP_DP_CURVE448_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_DP_CURVE448_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_DP_CURVE448_ENABLED */ - -#if defined(MBEDTLS_ECP_NIST_OPTIM) - if( strcmp( "MBEDTLS_ECP_NIST_OPTIM", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NIST_OPTIM ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NIST_OPTIM */ - -#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG) - if( strcmp( "MBEDTLS_ECP_NO_INTERNAL_RNG", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_NO_INTERNAL_RNG ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */ - -#if defined(MBEDTLS_ECP_RESTARTABLE) - if( strcmp( "MBEDTLS_ECP_RESTARTABLE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_RESTARTABLE ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_RESTARTABLE */ - -#if defined(MBEDTLS_ECDH_LEGACY_CONTEXT) - if( strcmp( "MBEDTLS_ECDH_LEGACY_CONTEXT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_LEGACY_CONTEXT ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_LEGACY_CONTEXT */ - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) - if( strcmp( "MBEDTLS_ECDSA_DETERMINISTIC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_DETERMINISTIC ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_DETERMINISTIC */ - -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED */ - -#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( strcmp( "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ - -#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) - if( strcmp( "MBEDTLS_PK_PARSE_EC_EXTENDED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_EC_EXTENDED ); - return( 0 ); - } -#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ - -#if defined(MBEDTLS_ERROR_STRERROR_DUMMY) - if( strcmp( "MBEDTLS_ERROR_STRERROR_DUMMY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_STRERROR_DUMMY ); - return( 0 ); - } -#endif /* MBEDTLS_ERROR_STRERROR_DUMMY */ - -#if defined(MBEDTLS_GENPRIME) - if( strcmp( "MBEDTLS_GENPRIME", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_GENPRIME ); - return( 0 ); - } -#endif /* MBEDTLS_GENPRIME */ - -#if defined(MBEDTLS_FS_IO) - if( strcmp( "MBEDTLS_FS_IO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_FS_IO ); - return( 0 ); - } -#endif /* MBEDTLS_FS_IO */ - -#if defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) - if( strcmp( "MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES ); - return( 0 ); - } -#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */ - -#if defined(MBEDTLS_NO_PLATFORM_ENTROPY) - if( strcmp( "MBEDTLS_NO_PLATFORM_ENTROPY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NO_PLATFORM_ENTROPY ); - return( 0 ); - } -#endif /* MBEDTLS_NO_PLATFORM_ENTROPY */ - -#if defined(MBEDTLS_ENTROPY_FORCE_SHA256) - if( strcmp( "MBEDTLS_ENTROPY_FORCE_SHA256", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_FORCE_SHA256 ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_FORCE_SHA256 */ - -#if defined(MBEDTLS_ENTROPY_NV_SEED) - if( strcmp( "MBEDTLS_ENTROPY_NV_SEED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_NV_SEED ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_NV_SEED */ - -#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER) - if( strcmp( "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ - -#if defined(MBEDTLS_MEMORY_DEBUG) - if( strcmp( "MBEDTLS_MEMORY_DEBUG", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_DEBUG ); - return( 0 ); - } -#endif /* MBEDTLS_MEMORY_DEBUG */ - -#if defined(MBEDTLS_MEMORY_BACKTRACE) - if( strcmp( "MBEDTLS_MEMORY_BACKTRACE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BACKTRACE ); - return( 0 ); - } -#endif /* MBEDTLS_MEMORY_BACKTRACE */ - -#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) - if( strcmp( "MBEDTLS_PK_RSA_ALT_SUPPORT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_RSA_ALT_SUPPORT ); - return( 0 ); - } -#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ - -#if defined(MBEDTLS_PKCS1_V15) - if( strcmp( "MBEDTLS_PKCS1_V15", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V15 ); - return( 0 ); - } -#endif /* MBEDTLS_PKCS1_V15 */ - -#if defined(MBEDTLS_PKCS1_V21) - if( strcmp( "MBEDTLS_PKCS1_V21", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS1_V21 ); - return( 0 ); - } -#endif /* MBEDTLS_PKCS1_V21 */ - -#if defined(MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS) - if( strcmp( "MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */ - -#if defined(MBEDTLS_PSA_CRYPTO_CLIENT) - if( strcmp( "MBEDTLS_PSA_CRYPTO_CLIENT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CLIENT ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_CLIENT */ - -#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) - if( strcmp( "MBEDTLS_PSA_CRYPTO_DRIVERS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_DRIVERS ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */ - -#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) - if( strcmp( "MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */ - -#if defined(MBEDTLS_PSA_CRYPTO_SPM) - if( strcmp( "MBEDTLS_PSA_CRYPTO_SPM", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SPM ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_SPM */ - -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) - if( strcmp( "MBEDTLS_PSA_INJECT_ENTROPY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_INJECT_ENTROPY ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ - -#if defined(MBEDTLS_RSA_NO_CRT) - if( strcmp( "MBEDTLS_RSA_NO_CRT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_NO_CRT ); - return( 0 ); - } -#endif /* MBEDTLS_RSA_NO_CRT */ - -#if defined(MBEDTLS_SELF_TEST) - if( strcmp( "MBEDTLS_SELF_TEST", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SELF_TEST ); - return( 0 ); - } -#endif /* MBEDTLS_SELF_TEST */ - -#if defined(MBEDTLS_SHA256_SMALLER) - if( strcmp( "MBEDTLS_SHA256_SMALLER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_SMALLER ); - return( 0 ); - } -#endif /* MBEDTLS_SHA256_SMALLER */ - -#if defined(MBEDTLS_SHA512_SMALLER) - if( strcmp( "MBEDTLS_SHA512_SMALLER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_SMALLER ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_SMALLER */ - -#if defined(MBEDTLS_SHA512_NO_SHA384) - if( strcmp( "MBEDTLS_SHA512_NO_SHA384", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_NO_SHA384 ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_NO_SHA384 */ - -#if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) - if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALL_ALERT_MESSAGES ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ - -#if defined(MBEDTLS_SSL_RECORD_CHECKING) - if( strcmp( "MBEDTLS_SSL_RECORD_CHECKING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RECORD_CHECKING ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_RECORD_CHECKING */ - -#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) - if( strcmp( "MBEDTLS_SSL_DTLS_CONNECTION_ID", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CONNECTION_ID ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ - -#if defined(MBEDTLS_SSL_ASYNC_PRIVATE) - if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ASYNC_PRIVATE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - -#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION) - if( strcmp( "MBEDTLS_SSL_CONTEXT_SERIALIZATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONTEXT_SERIALIZATION ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */ - -#if defined(MBEDTLS_SSL_DEBUG_ALL) - if( strcmp( "MBEDTLS_SSL_DEBUG_ALL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DEBUG_ALL ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DEBUG_ALL */ - -#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - if( strcmp( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ENCRYPT_THEN_MAC ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */ - -#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) - if( strcmp( "MBEDTLS_SSL_EXTENDED_MASTER_SECRET", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXTENDED_MASTER_SECRET ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ - -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( strcmp( "MBEDTLS_SSL_FALLBACK_SCSV", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_FALLBACK_SCSV ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ - -#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) - if( strcmp( "MBEDTLS_SSL_KEEP_PEER_CERTIFICATE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_KEEP_PEER_CERTIFICATE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - if( strcmp( "MBEDTLS_SSL_CBC_RECORD_SPLITTING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CBC_RECORD_SPLITTING ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ - -#if defined(MBEDTLS_SSL_RENEGOTIATION) - if( strcmp( "MBEDTLS_SSL_RENEGOTIATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_RENEGOTIATION ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_RENEGOTIATION */ - -#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) - if( strcmp( "MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE */ - -#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) - if( strcmp( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_MAX_FRAGMENT_LENGTH ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1 ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_1", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_1 ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_2", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_2 ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) - if( strcmp( "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ - -#if defined(MBEDTLS_SSL_PROTO_DTLS) - if( strcmp( "MBEDTLS_SSL_PROTO_DTLS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_PROTO_DTLS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -#if defined(MBEDTLS_SSL_ALPN) - if( strcmp( "MBEDTLS_SSL_ALPN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_ALPN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_ALPN */ - -#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) - if( strcmp( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_ANTI_REPLAY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ - -#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) - if( strcmp( "MBEDTLS_SSL_DTLS_HELLO_VERIFY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_HELLO_VERIFY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */ - -#if defined(MBEDTLS_SSL_DTLS_SRTP) - if( strcmp( "MBEDTLS_SSL_DTLS_SRTP", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_SRTP ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_SRTP */ - -#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) - if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */ - -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) - if( strcmp( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_BADMAC_LIMIT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ - -#if defined(MBEDTLS_SSL_SESSION_TICKETS) - if( strcmp( "MBEDTLS_SSL_SESSION_TICKETS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SESSION_TICKETS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SESSION_TICKETS */ - -#if defined(MBEDTLS_SSL_EXPORT_KEYS) - if( strcmp( "MBEDTLS_SSL_EXPORT_KEYS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_EXPORT_KEYS ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_EXPORT_KEYS */ - -#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) - if( strcmp( "MBEDTLS_SSL_SERVER_NAME_INDICATION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SERVER_NAME_INDICATION ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ - -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - if( strcmp( "MBEDTLS_SSL_TRUNCATED_HMAC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TRUNCATED_HMAC ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ - -#if defined(MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH) - if( strcmp( "MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ - -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) - if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN ); - return( 0 ); - } -#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN */ - -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND) - if( strcmp( "MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND ); - return( 0 ); - } -#endif /* MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */ - -#if defined(MBEDTLS_TEST_HOOKS) - if( strcmp( "MBEDTLS_TEST_HOOKS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TEST_HOOKS ); - return( 0 ); - } -#endif /* MBEDTLS_TEST_HOOKS */ - -#if defined(MBEDTLS_THREADING_ALT) - if( strcmp( "MBEDTLS_THREADING_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_THREADING_ALT */ - -#if defined(MBEDTLS_THREADING_PTHREAD) - if( strcmp( "MBEDTLS_THREADING_PTHREAD", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_PTHREAD ); - return( 0 ); - } -#endif /* MBEDTLS_THREADING_PTHREAD */ - -#if defined(MBEDTLS_USE_PSA_CRYPTO) - if( strcmp( "MBEDTLS_USE_PSA_CRYPTO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_USE_PSA_CRYPTO ); - return( 0 ); - } -#endif /* MBEDTLS_USE_PSA_CRYPTO */ - -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG) - if( strcmp( "MBEDTLS_PSA_CRYPTO_CONFIG", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CONFIG ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */ - -#if defined(MBEDTLS_VERSION_FEATURES) - if( strcmp( "MBEDTLS_VERSION_FEATURES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_FEATURES ); - return( 0 ); - } -#endif /* MBEDTLS_VERSION_FEATURES */ - -#if defined(MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3) - if( strcmp( "MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 ); - return( 0 ); - } -#endif /* MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 */ - -#if defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) - if( strcmp( "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION ); - return( 0 ); - } -#endif /* MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION */ - -#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) - if( strcmp( "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK ); - return( 0 ); - } -#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ - -#if defined(MBEDTLS_X509_CHECK_KEY_USAGE) - if( strcmp( "MBEDTLS_X509_CHECK_KEY_USAGE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_KEY_USAGE ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CHECK_KEY_USAGE */ - -#if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) - if( strcmp( "MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ - -#if defined(MBEDTLS_X509_REMOVE_INFO) - if( strcmp( "MBEDTLS_X509_REMOVE_INFO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_REMOVE_INFO ); - return( 0 ); - } -#endif /* MBEDTLS_X509_REMOVE_INFO */ - -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) - if( strcmp( "MBEDTLS_X509_RSASSA_PSS_SUPPORT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_RSASSA_PSS_SUPPORT ); - return( 0 ); - } -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ - -#if defined(MBEDTLS_AESNI_C) - if( strcmp( "MBEDTLS_AESNI_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AESNI_C ); - return( 0 ); - } -#endif /* MBEDTLS_AESNI_C */ - -#if defined(MBEDTLS_AES_C) - if( strcmp( "MBEDTLS_AES_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_AES_C ); - return( 0 ); - } -#endif /* MBEDTLS_AES_C */ - -#if defined(MBEDTLS_ARC4_C) - if( strcmp( "MBEDTLS_ARC4_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ARC4_C ); - return( 0 ); - } -#endif /* MBEDTLS_ARC4_C */ - -#if defined(MBEDTLS_ASN1_PARSE_C) - if( strcmp( "MBEDTLS_ASN1_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_ASN1_PARSE_C */ - -#if defined(MBEDTLS_ASN1_WRITE_C) - if( strcmp( "MBEDTLS_ASN1_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ASN1_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_ASN1_WRITE_C */ - -#if defined(MBEDTLS_BASE64_C) - if( strcmp( "MBEDTLS_BASE64_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_BASE64_C ); - return( 0 ); - } -#endif /* MBEDTLS_BASE64_C */ - -#if defined(MBEDTLS_BIGNUM_C) - if( strcmp( "MBEDTLS_BIGNUM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_BIGNUM_C ); - return( 0 ); - } -#endif /* MBEDTLS_BIGNUM_C */ - -#if defined(MBEDTLS_BLOWFISH_C) - if( strcmp( "MBEDTLS_BLOWFISH_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_BLOWFISH_C ); - return( 0 ); - } -#endif /* MBEDTLS_BLOWFISH_C */ - -#if defined(MBEDTLS_CAMELLIA_C) - if( strcmp( "MBEDTLS_CAMELLIA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CAMELLIA_C ); - return( 0 ); - } -#endif /* MBEDTLS_CAMELLIA_C */ - -#if defined(MBEDTLS_ARIA_C) - if( strcmp( "MBEDTLS_ARIA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ARIA_C ); - return( 0 ); - } -#endif /* MBEDTLS_ARIA_C */ - -#if defined(MBEDTLS_CCM_C) - if( strcmp( "MBEDTLS_CCM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CCM_C ); - return( 0 ); - } -#endif /* MBEDTLS_CCM_C */ - -#if defined(MBEDTLS_CHACHA20_C) - if( strcmp( "MBEDTLS_CHACHA20_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHA20_C ); - return( 0 ); - } -#endif /* MBEDTLS_CHACHA20_C */ - -#if defined(MBEDTLS_CHACHAPOLY_C) - if( strcmp( "MBEDTLS_CHACHAPOLY_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CHACHAPOLY_C ); - return( 0 ); - } -#endif /* MBEDTLS_CHACHAPOLY_C */ - -#if defined(MBEDTLS_CIPHER_C) - if( strcmp( "MBEDTLS_CIPHER_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CIPHER_C ); - return( 0 ); - } -#endif /* MBEDTLS_CIPHER_C */ - -#if defined(MBEDTLS_CMAC_C) - if( strcmp( "MBEDTLS_CMAC_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CMAC_C ); - return( 0 ); - } -#endif /* MBEDTLS_CMAC_C */ - -#if defined(MBEDTLS_CTR_DRBG_C) - if( strcmp( "MBEDTLS_CTR_DRBG_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_C ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_C */ - -#if defined(MBEDTLS_DEBUG_C) - if( strcmp( "MBEDTLS_DEBUG_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DEBUG_C ); - return( 0 ); - } -#endif /* MBEDTLS_DEBUG_C */ - -#if defined(MBEDTLS_DES_C) - if( strcmp( "MBEDTLS_DES_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DES_C ); - return( 0 ); - } -#endif /* MBEDTLS_DES_C */ - -#if defined(MBEDTLS_DHM_C) - if( strcmp( "MBEDTLS_DHM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_DHM_C ); - return( 0 ); - } -#endif /* MBEDTLS_DHM_C */ - -#if defined(MBEDTLS_ECDH_C) - if( strcmp( "MBEDTLS_ECDH_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_C ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_C */ - -#if defined(MBEDTLS_ECDSA_C) - if( strcmp( "MBEDTLS_ECDSA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDSA_C ); - return( 0 ); - } -#endif /* MBEDTLS_ECDSA_C */ - -#if defined(MBEDTLS_ECJPAKE_C) - if( strcmp( "MBEDTLS_ECJPAKE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECJPAKE_C ); - return( 0 ); - } -#endif /* MBEDTLS_ECJPAKE_C */ - -#if defined(MBEDTLS_ECP_C) - if( strcmp( "MBEDTLS_ECP_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_C ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_C */ - -#if defined(MBEDTLS_ENTROPY_C) - if( strcmp( "MBEDTLS_ENTROPY_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_C ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_C */ - -#if defined(MBEDTLS_ERROR_C) - if( strcmp( "MBEDTLS_ERROR_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ERROR_C ); - return( 0 ); - } -#endif /* MBEDTLS_ERROR_C */ - -#if defined(MBEDTLS_GCM_C) - if( strcmp( "MBEDTLS_GCM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_GCM_C ); - return( 0 ); - } -#endif /* MBEDTLS_GCM_C */ - -#if defined(MBEDTLS_HKDF_C) - if( strcmp( "MBEDTLS_HKDF_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HKDF_C ); - return( 0 ); - } -#endif /* MBEDTLS_HKDF_C */ - -#if defined(MBEDTLS_HMAC_DRBG_C) - if( strcmp( "MBEDTLS_HMAC_DRBG_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_C ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_C */ - -#if defined(MBEDTLS_NIST_KW_C) - if( strcmp( "MBEDTLS_NIST_KW_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NIST_KW_C ); - return( 0 ); - } -#endif /* MBEDTLS_NIST_KW_C */ - -#if defined(MBEDTLS_MD_C) - if( strcmp( "MBEDTLS_MD_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD_C ); - return( 0 ); - } -#endif /* MBEDTLS_MD_C */ - -#if defined(MBEDTLS_MD2_C) - if( strcmp( "MBEDTLS_MD2_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD2_C ); - return( 0 ); - } -#endif /* MBEDTLS_MD2_C */ - -#if defined(MBEDTLS_MD4_C) - if( strcmp( "MBEDTLS_MD4_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD4_C ); - return( 0 ); - } -#endif /* MBEDTLS_MD4_C */ - -#if defined(MBEDTLS_MD5_C) - if( strcmp( "MBEDTLS_MD5_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MD5_C ); - return( 0 ); - } -#endif /* MBEDTLS_MD5_C */ - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) - if( strcmp( "MBEDTLS_MEMORY_BUFFER_ALLOC_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_BUFFER_ALLOC_C ); - return( 0 ); - } -#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */ - -#if defined(MBEDTLS_NET_C) - if( strcmp( "MBEDTLS_NET_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_NET_C ); - return( 0 ); - } -#endif /* MBEDTLS_NET_C */ - -#if defined(MBEDTLS_OID_C) - if( strcmp( "MBEDTLS_OID_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_OID_C ); - return( 0 ); - } -#endif /* MBEDTLS_OID_C */ - -#if defined(MBEDTLS_PADLOCK_C) - if( strcmp( "MBEDTLS_PADLOCK_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PADLOCK_C ); - return( 0 ); - } -#endif /* MBEDTLS_PADLOCK_C */ - -#if defined(MBEDTLS_PEM_PARSE_C) - if( strcmp( "MBEDTLS_PEM_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PEM_PARSE_C */ - -#if defined(MBEDTLS_PEM_WRITE_C) - if( strcmp( "MBEDTLS_PEM_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PEM_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PEM_WRITE_C */ - -#if defined(MBEDTLS_PK_C) - if( strcmp( "MBEDTLS_PK_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_C ); - return( 0 ); - } -#endif /* MBEDTLS_PK_C */ - -#if defined(MBEDTLS_PK_PARSE_C) - if( strcmp( "MBEDTLS_PK_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PK_PARSE_C */ - -#if defined(MBEDTLS_PK_WRITE_C) - if( strcmp( "MBEDTLS_PK_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PK_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PK_WRITE_C */ - -#if defined(MBEDTLS_PKCS5_C) - if( strcmp( "MBEDTLS_PKCS5_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS5_C ); - return( 0 ); - } -#endif /* MBEDTLS_PKCS5_C */ - -#if defined(MBEDTLS_PKCS12_C) - if( strcmp( "MBEDTLS_PKCS12_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PKCS12_C ); - return( 0 ); - } -#endif /* MBEDTLS_PKCS12_C */ - -#if defined(MBEDTLS_PLATFORM_C) - if( strcmp( "MBEDTLS_PLATFORM_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_C ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_C */ - -#if defined(MBEDTLS_POLY1305_C) - if( strcmp( "MBEDTLS_POLY1305_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_POLY1305_C ); - return( 0 ); - } -#endif /* MBEDTLS_POLY1305_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_C) - if( strcmp( "MBEDTLS_PSA_CRYPTO_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) - if( strcmp( "MBEDTLS_PSA_CRYPTO_SE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_SE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) - if( strcmp( "MBEDTLS_PSA_CRYPTO_STORAGE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_STORAGE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */ - -#if defined(MBEDTLS_PSA_ITS_FILE_C) - if( strcmp( "MBEDTLS_PSA_ITS_FILE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_ITS_FILE_C ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_ITS_FILE_C */ - -#if defined(MBEDTLS_RIPEMD160_C) - if( strcmp( "MBEDTLS_RIPEMD160_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RIPEMD160_C ); - return( 0 ); - } -#endif /* MBEDTLS_RIPEMD160_C */ - -#if defined(MBEDTLS_RSA_C) - if( strcmp( "MBEDTLS_RSA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_RSA_C ); - return( 0 ); - } -#endif /* MBEDTLS_RSA_C */ - -#if defined(MBEDTLS_SHA1_C) - if( strcmp( "MBEDTLS_SHA1_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA1_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA1_C */ - -#if defined(MBEDTLS_SHA256_C) - if( strcmp( "MBEDTLS_SHA256_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA256_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA256_C */ - -#if defined(MBEDTLS_SHA512_C) - if( strcmp( "MBEDTLS_SHA512_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA512_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA512_C */ - -#if defined(MBEDTLS_SSL_CACHE_C) - if( strcmp( "MBEDTLS_SSL_CACHE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_C */ - -#if defined(MBEDTLS_SSL_COOKIE_C) - if( strcmp( "MBEDTLS_SSL_COOKIE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_COOKIE_C */ - -#if defined(MBEDTLS_SSL_TICKET_C) - if( strcmp( "MBEDTLS_SSL_TICKET_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TICKET_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TICKET_C */ - -#if defined(MBEDTLS_SSL_CLI_C) - if( strcmp( "MBEDTLS_SSL_CLI_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CLI_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CLI_C */ - -#if defined(MBEDTLS_SSL_SRV_C) - if( strcmp( "MBEDTLS_SSL_SRV_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_SRV_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_SRV_C */ - -#if defined(MBEDTLS_SSL_TLS_C) - if( strcmp( "MBEDTLS_SSL_TLS_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS_C ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TLS_C */ - -#if defined(MBEDTLS_THREADING_C) - if( strcmp( "MBEDTLS_THREADING_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_THREADING_C ); - return( 0 ); - } -#endif /* MBEDTLS_THREADING_C */ - -#if defined(MBEDTLS_TIMING_C) - if( strcmp( "MBEDTLS_TIMING_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TIMING_C ); - return( 0 ); - } -#endif /* MBEDTLS_TIMING_C */ - -#if defined(MBEDTLS_VERSION_C) - if( strcmp( "MBEDTLS_VERSION_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_VERSION_C ); - return( 0 ); - } -#endif /* MBEDTLS_VERSION_C */ - -#if defined(MBEDTLS_X509_USE_C) - if( strcmp( "MBEDTLS_X509_USE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_USE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_USE_C */ - -#if defined(MBEDTLS_X509_CRT_PARSE_C) - if( strcmp( "MBEDTLS_X509_CRT_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ - -#if defined(MBEDTLS_X509_CRL_PARSE_C) - if( strcmp( "MBEDTLS_X509_CRL_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRL_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CRL_PARSE_C */ - -#if defined(MBEDTLS_X509_CSR_PARSE_C) - if( strcmp( "MBEDTLS_X509_CSR_PARSE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_PARSE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CSR_PARSE_C */ - -#if defined(MBEDTLS_X509_CREATE_C) - if( strcmp( "MBEDTLS_X509_CREATE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CREATE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CREATE_C */ - -#if defined(MBEDTLS_X509_CRT_WRITE_C) - if( strcmp( "MBEDTLS_X509_CRT_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CRT_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CRT_WRITE_C */ - -#if defined(MBEDTLS_X509_CSR_WRITE_C) - if( strcmp( "MBEDTLS_X509_CSR_WRITE_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_CSR_WRITE_C ); - return( 0 ); - } -#endif /* MBEDTLS_X509_CSR_WRITE_C */ - -#if defined(MBEDTLS_XTEA_C) - if( strcmp( "MBEDTLS_XTEA_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_XTEA_C ); - return( 0 ); - } -#endif /* MBEDTLS_XTEA_C */ - -#if defined(MBEDTLS_MPI_WINDOW_SIZE) - if( strcmp( "MBEDTLS_MPI_WINDOW_SIZE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_WINDOW_SIZE ); - return( 0 ); - } -#endif /* MBEDTLS_MPI_WINDOW_SIZE */ - -#if defined(MBEDTLS_MPI_MAX_SIZE) - if( strcmp( "MBEDTLS_MPI_MAX_SIZE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MPI_MAX_SIZE ); - return( 0 ); - } -#endif /* MBEDTLS_MPI_MAX_SIZE */ - -#if defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) - if( strcmp( "MBEDTLS_CTR_DRBG_ENTROPY_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_ENTROPY_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_ENTROPY_LEN */ - -#if defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL) - if( strcmp( "MBEDTLS_CTR_DRBG_RESEED_INTERVAL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_RESEED_INTERVAL ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_RESEED_INTERVAL */ - -#if defined(MBEDTLS_CTR_DRBG_MAX_INPUT) - if( strcmp( "MBEDTLS_CTR_DRBG_MAX_INPUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_INPUT ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_MAX_INPUT */ - -#if defined(MBEDTLS_CTR_DRBG_MAX_REQUEST) - if( strcmp( "MBEDTLS_CTR_DRBG_MAX_REQUEST", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_REQUEST ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_MAX_REQUEST */ - -#if defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT) - if( strcmp( "MBEDTLS_CTR_DRBG_MAX_SEED_INPUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_CTR_DRBG_MAX_SEED_INPUT ); - return( 0 ); - } -#endif /* MBEDTLS_CTR_DRBG_MAX_SEED_INPUT */ - -#if defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL) - if( strcmp( "MBEDTLS_HMAC_DRBG_RESEED_INTERVAL", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_RESEED_INTERVAL ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_RESEED_INTERVAL */ - -#if defined(MBEDTLS_HMAC_DRBG_MAX_INPUT) - if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_INPUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_INPUT ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_MAX_INPUT */ - -#if defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST) - if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_REQUEST", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_REQUEST ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_MAX_REQUEST */ - -#if defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT) - if( strcmp( "MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT ); - return( 0 ); - } -#endif /* MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT */ - -#if defined(MBEDTLS_ECP_MAX_BITS) - if( strcmp( "MBEDTLS_ECP_MAX_BITS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_MAX_BITS ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_MAX_BITS */ - -#if defined(MBEDTLS_ECP_WINDOW_SIZE) - if( strcmp( "MBEDTLS_ECP_WINDOW_SIZE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_WINDOW_SIZE ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_WINDOW_SIZE */ - -#if defined(MBEDTLS_ECP_FIXED_POINT_OPTIM) - if( strcmp( "MBEDTLS_ECP_FIXED_POINT_OPTIM", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECP_FIXED_POINT_OPTIM ); - return( 0 ); - } -#endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */ - -#if defined(MBEDTLS_ENTROPY_MAX_SOURCES) - if( strcmp( "MBEDTLS_ENTROPY_MAX_SOURCES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_SOURCES ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_MAX_SOURCES */ - -#if defined(MBEDTLS_ENTROPY_MAX_GATHER) - if( strcmp( "MBEDTLS_ENTROPY_MAX_GATHER", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MAX_GATHER ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_MAX_GATHER */ - -#if defined(MBEDTLS_ENTROPY_MIN_HARDWARE) - if( strcmp( "MBEDTLS_ENTROPY_MIN_HARDWARE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ENTROPY_MIN_HARDWARE ); - return( 0 ); - } -#endif /* MBEDTLS_ENTROPY_MIN_HARDWARE */ - -#if defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE) - if( strcmp( "MBEDTLS_MEMORY_ALIGN_MULTIPLE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_MEMORY_ALIGN_MULTIPLE ); - return( 0 ); - } -#endif /* MBEDTLS_MEMORY_ALIGN_MULTIPLE */ - -#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) - if( strcmp( "MBEDTLS_PLATFORM_STD_MEM_HDR", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_MEM_HDR ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_MEM_HDR */ - -#if defined(MBEDTLS_PLATFORM_STD_CALLOC) - if( strcmp( "MBEDTLS_PLATFORM_STD_CALLOC", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_CALLOC ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_CALLOC */ - -#if defined(MBEDTLS_PLATFORM_STD_FREE) - if( strcmp( "MBEDTLS_PLATFORM_STD_FREE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FREE ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_FREE */ - -#if defined(MBEDTLS_PLATFORM_STD_EXIT) - if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_EXIT */ - -#if defined(MBEDTLS_PLATFORM_STD_TIME) - if( strcmp( "MBEDTLS_PLATFORM_STD_TIME", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_TIME ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_TIME */ - -#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) - if( strcmp( "MBEDTLS_PLATFORM_STD_FPRINTF", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_FPRINTF ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_FPRINTF */ - -#if defined(MBEDTLS_PLATFORM_STD_PRINTF) - if( strcmp( "MBEDTLS_PLATFORM_STD_PRINTF", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_PRINTF ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_PRINTF */ - -#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) - if( strcmp( "MBEDTLS_PLATFORM_STD_SNPRINTF", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_SNPRINTF ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_SNPRINTF */ - -#if defined(MBEDTLS_PLATFORM_STD_EXIT_SUCCESS) - if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_SUCCESS", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_SUCCESS ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_EXIT_SUCCESS */ - -#if defined(MBEDTLS_PLATFORM_STD_EXIT_FAILURE) - if( strcmp( "MBEDTLS_PLATFORM_STD_EXIT_FAILURE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_EXIT_FAILURE ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_EXIT_FAILURE */ - -#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) - if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_READ", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_READ ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_READ */ - -#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) - if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_WRITE ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_WRITE */ - -#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_FILE) - if( strcmp( "MBEDTLS_PLATFORM_STD_NV_SEED_FILE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_STD_NV_SEED_FILE ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_STD_NV_SEED_FILE */ - -#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_CALLOC_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_CALLOC_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_CALLOC_MACRO */ - -#if defined(MBEDTLS_PLATFORM_FREE_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_FREE_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FREE_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_FREE_MACRO */ - -#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_EXIT_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_EXIT_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_EXIT_MACRO */ - -#if defined(MBEDTLS_PLATFORM_TIME_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_TIME_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_TIME_MACRO */ - -#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_TIME_TYPE_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_TIME_TYPE_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */ - -#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_FPRINTF_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_FPRINTF_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */ - -#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_PRINTF_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_PRINTF_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */ - -#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_SNPRINTF_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_SNPRINTF_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */ - -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_VSNPRINTF_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_VSNPRINTF_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_VSNPRINTF_MACRO */ - -#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_READ_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_NV_SEED_READ_MACRO */ - -#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) - if( strcmp( "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO */ - -#if defined(MBEDTLS_PSA_HMAC_DRBG_MD_TYPE) - if( strcmp( "MBEDTLS_PSA_HMAC_DRBG_MD_TYPE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_HMAC_DRBG_MD_TYPE ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_HMAC_DRBG_MD_TYPE */ - -#if defined(MBEDTLS_PSA_KEY_SLOT_COUNT) - if( strcmp( "MBEDTLS_PSA_KEY_SLOT_COUNT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_KEY_SLOT_COUNT ); - return( 0 ); - } -#endif /* MBEDTLS_PSA_KEY_SLOT_COUNT */ - -#if defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT) - if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT */ - -#if defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES) - if( strcmp( "MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES */ - -#if defined(MBEDTLS_SSL_IN_CONTENT_LEN) - if( strcmp( "MBEDTLS_SSL_IN_CONTENT_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_IN_CONTENT_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_IN_CONTENT_LEN */ - -#if defined(MBEDTLS_SSL_CID_IN_LEN_MAX) - if( strcmp( "MBEDTLS_SSL_CID_IN_LEN_MAX", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_IN_LEN_MAX ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CID_IN_LEN_MAX */ - -#if defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) - if( strcmp( "MBEDTLS_SSL_CID_OUT_LEN_MAX", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_OUT_LEN_MAX ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */ - -#if defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY) - if( strcmp( "MBEDTLS_SSL_CID_PADDING_GRANULARITY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_PADDING_GRANULARITY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_CID_PADDING_GRANULARITY */ - -#if defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY) - if( strcmp( "MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY */ - -#if defined(MBEDTLS_SSL_OUT_CONTENT_LEN) - if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_OUT_CONTENT_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_OUT_CONTENT_LEN */ - -#if defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) - if( strcmp( "MBEDTLS_SSL_DTLS_MAX_BUFFERING", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_MAX_BUFFERING ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_DTLS_MAX_BUFFERING */ - -#if defined(MBEDTLS_PSK_MAX_LEN) - if( strcmp( "MBEDTLS_PSK_MAX_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PSK_MAX_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_PSK_MAX_LEN */ - -#if defined(MBEDTLS_SSL_COOKIE_TIMEOUT) - if( strcmp( "MBEDTLS_SSL_COOKIE_TIMEOUT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_COOKIE_TIMEOUT ); - return( 0 ); - } -#endif /* MBEDTLS_SSL_COOKIE_TIMEOUT */ - -#if defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA) - if( strcmp( "MBEDTLS_X509_MAX_INTERMEDIATE_CA", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_INTERMEDIATE_CA ); - return( 0 ); - } -#endif /* MBEDTLS_X509_MAX_INTERMEDIATE_CA */ - -#if defined(MBEDTLS_X509_MAX_FILE_PATH_LEN) - if( strcmp( "MBEDTLS_X509_MAX_FILE_PATH_LEN", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_X509_MAX_FILE_PATH_LEN ); - return( 0 ); - } -#endif /* MBEDTLS_X509_MAX_FILE_PATH_LEN */ - -#if defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE) - if( strcmp( "MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE ); - return( 0 ); - } -#endif /* MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE */ - -#if defined(MBEDTLS_PLATFORM_ZEROIZE_ALT) - if( strcmp( "MBEDTLS_PLATFORM_ZEROIZE_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_ZEROIZE_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_ZEROIZE_ALT */ - -#if defined(MBEDTLS_PLATFORM_GMTIME_R_ALT) - if( strcmp( "MBEDTLS_PLATFORM_GMTIME_R_ALT", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_PLATFORM_GMTIME_R_ALT ); - return( 0 ); - } -#endif /* MBEDTLS_PLATFORM_GMTIME_R_ALT */ - -#if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) - if( strcmp( "MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED ); - return( 0 ); - } -#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */ - - /* If the symbol is not found, return an error */ - return( 1 ); -} - -#if defined(_MSC_VER) -#pragma warning(pop) -#endif /* _MSC_VER */ diff --git a/tests/suites/test_suite_psa_crypto_not_supported.generated.data b/tests/suites/test_suite_psa_crypto_not_supported.generated.data deleted file mode 100644 index 23ce19ff14..0000000000 --- a/tests/suites/test_suite_psa_crypto_not_supported.generated.data +++ /dev/null @@ -1,1078 +0,0 @@ -# Automatically generated by generate_psa_tests.py. Do not edit! - -PSA import AES 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a064617461" - -PSA generate AES 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -generate_not_supported:PSA_KEY_TYPE_AES:128 - -PSA import AES 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a0646174614865726500697320" - -PSA generate AES 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -generate_not_supported:PSA_KEY_TYPE_AES:192 - -PSA import AES 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -import_not_supported:PSA_KEY_TYPE_AES:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate AES 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_AES -generate_not_supported:PSA_KEY_TYPE_AES:256 - -PSA import ARC4 8-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_ARC4 -import_not_supported:PSA_KEY_TYPE_ARC4:"48" - -PSA generate ARC4 8-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_ARC4 -generate_not_supported:PSA_KEY_TYPE_ARC4:8 - -PSA import ARC4 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_ARC4 -import_not_supported:PSA_KEY_TYPE_ARC4:"48657265006973206b6579a064617461" - -PSA generate ARC4 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_ARC4 -generate_not_supported:PSA_KEY_TYPE_ARC4:128 - -PSA import ARC4 2048-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_ARC4 -import_not_supported:PSA_KEY_TYPE_ARC4:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate ARC4 2048-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_ARC4 -generate_not_supported:PSA_KEY_TYPE_ARC4:2048 - -PSA import CAMELLIA 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a064617461" - -PSA generate CAMELLIA 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -generate_not_supported:PSA_KEY_TYPE_CAMELLIA:128 - -PSA import CAMELLIA 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a0646174614865726500697320" - -PSA generate CAMELLIA 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -generate_not_supported:PSA_KEY_TYPE_CAMELLIA:192 - -PSA import CAMELLIA 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -import_not_supported:PSA_KEY_TYPE_CAMELLIA:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate CAMELLIA 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CAMELLIA -generate_not_supported:PSA_KEY_TYPE_CAMELLIA:256 - -PSA import CHACHA20 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CHACHA20 -import_not_supported:PSA_KEY_TYPE_CHACHA20:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate CHACHA20 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_CHACHA20 -generate_not_supported:PSA_KEY_TYPE_CHACHA20:256 - -PSA import DES 64-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901" - -PSA generate DES 64-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -generate_not_supported:PSA_KEY_TYPE_DES:64 - -PSA import DES 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902" - -PSA generate DES 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -generate_not_supported:PSA_KEY_TYPE_DES:128 - -PSA import DES 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -import_not_supported:PSA_KEY_TYPE_DES:"644573206b457901644573206b457902644573206b457904" - -PSA generate DES 192-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_DES -generate_not_supported:PSA_KEY_TYPE_DES:192 - -PSA import HMAC 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a064617461" - -PSA generate HMAC 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:128 - -PSA import HMAC 160-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265" - -PSA generate HMAC 160-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:160 - -PSA import HMAC 224-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a0" - -PSA generate HMAC 224-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:224 - -PSA import HMAC 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate HMAC 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:256 - -PSA import HMAC 384-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate HMAC 384-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:384 - -PSA import HMAC 512-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -import_not_supported:PSA_KEY_TYPE_HMAC:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate HMAC 512-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_HMAC -generate_not_supported:PSA_KEY_TYPE_HMAC:512 - -PSA import PASSWORD 48-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD:"486572650069" - -PSA generate PASSWORD 48-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD:48 - -PSA import PASSWORD 168-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD:"48657265006973206b6579a0646174614865726500" - -PSA generate PASSWORD 168-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD:168 - -PSA import PASSWORD 336-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65" - -PSA generate PASSWORD 336-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD:336 - -PSA import PASSWORD_HASH 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:"48657265006973206b6579a064617461" - -PSA generate PASSWORD_HASH 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:128 - -PSA import PASSWORD_HASH 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate PASSWORD_HASH 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PASSWORD_HASH:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PASSWORD_HASH:256 - -PSA import PEPPER 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PEPPER:"48657265006973206b6579a064617461" - -PSA generate PEPPER 128-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PEPPER:128 - -PSA import PEPPER 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_PEPPER:"48657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA generate PEPPER 256-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_PEPPER:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_PEPPER:256 - -PSA import RSA_KEY_PAIR 1024-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" - -PSA generate RSA_KEY_PAIR 1024-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1024 - -PSA import RSA_KEY_PAIR 1536-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -import_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" - -PSA generate RSA_KEY_PAIR 1536-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -generate_not_supported:PSA_KEY_TYPE_RSA_KEY_PAIR:1536 - -PSA import RSA_PUBLIC_KEY 1024-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" - -PSA generate RSA_PUBLIC_KEY 1024-bit never supported -generate_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024 - -PSA import RSA_PUBLIC_KEY 1536-bit not supported -depends_on:!PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -import_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" - -PSA generate RSA_PUBLIC_KEY 1536-bit never supported -generate_not_supported:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"69502c4fdaf48d4fa617bdd24498b0406d0eeaac" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 - -PSA import ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" - -PSA generate ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" - -PSA generate ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512 - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_192:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_224:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_320:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" - -PSA import ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_BRAINPOOL_P_R1_512 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" - -PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" - -PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_255 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255 - -PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" - -PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_MONTGOMERY_448 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448 - -PSA import ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" - -PSA generate ECC_KEY_PAIR(MONTGOMERY) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_255 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255 - -PSA import ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" - -PSA generate ECC_KEY_PAIR(MONTGOMERY) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_MONTGOMERY_448 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448 - -PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_255 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" - -PSA generate ECC_PUBLIC_KEY(MONTGOMERY) 255-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255 - -PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_MONTGOMERY_448 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" - -PSA generate ECC_PUBLIC_KEY(MONTGOMERY) 448-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448 - -PSA import ECC_PUBLIC_KEY(MONTGOMERY) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_255 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" - -PSA import ECC_PUBLIC_KEY(MONTGOMERY) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_MONTGOMERY_448 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" - -PSA import ECC_KEY_PAIR(SECP_K1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228" - -PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_192 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192 - -PSA import ECC_KEY_PAIR(SECP_K1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" - -PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_224 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224 - -PSA import ECC_KEY_PAIR(SECP_K1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" - -PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_K1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256 - -PSA import ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"297ac1722ccac7589ecb240dc719842538ca974beb79f228" - -PSA generate ECC_KEY_PAIR(SECP_K1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_192 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192 - -PSA import ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" - -PSA generate ECC_KEY_PAIR(SECP_K1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_224 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224 - -PSA import ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" - -PSA generate ECC_KEY_PAIR(SECP_K1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_K1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256 - -PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_192 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" - -PSA generate ECC_PUBLIC_KEY(SECP_K1) 192-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192 - -PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_224 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" - -PSA generate ECC_PUBLIC_KEY(SECP_K1) 224-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224 - -PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_K1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" - -PSA generate ECC_PUBLIC_KEY(SECP_K1) 256-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256 - -PSA import ECC_PUBLIC_KEY(SECP_K1) 192-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_192 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" - -PSA import ECC_PUBLIC_KEY(SECP_K1) 224-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_224 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" - -PSA import ECC_PUBLIC_KEY(SECP_K1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_K1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" - -PSA import ECC_KEY_PAIR(SECP_R1) 225-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" - -PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225 - -PSA import ECC_KEY_PAIR(SECP_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" - -PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256 - -PSA import ECC_KEY_PAIR(SECP_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" - -PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384 - -PSA import ECC_KEY_PAIR(SECP_R1) 521-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" - -PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521 - -PSA import ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" - -PSA generate ECC_KEY_PAIR(SECP_R1) 225-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225 - -PSA import ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" - -PSA generate ECC_KEY_PAIR(SECP_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_256 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256 - -PSA import ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" - -PSA generate ECC_KEY_PAIR(SECP_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_384 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384 - -PSA import ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521 -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" - -PSA generate ECC_KEY_PAIR(SECP_R1) 521-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R1_521 -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" - -PSA generate ECC_PUBLIC_KEY(SECP_R1) 225-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" - -PSA generate ECC_PUBLIC_KEY(SECP_R1) 256-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" - -PSA generate ECC_PUBLIC_KEY(SECP_R1) 384-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R1_521 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" - -PSA generate ECC_PUBLIC_KEY(SECP_R1) 521-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521 - -PSA import ECC_PUBLIC_KEY(SECP_R1) 225-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_225:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" - -PSA import ECC_PUBLIC_KEY(SECP_R1) 256-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_256 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" - -PSA import ECC_PUBLIC_KEY(SECP_R1) 384-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_384 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" - -PSA import ECC_PUBLIC_KEY(SECP_R1) 521-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R1_521 -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" - -PSA import ECC_KEY_PAIR(SECP_R2) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" - -PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160 - -PSA import ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" - -PSA generate ECC_KEY_PAIR(SECP_R2) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160 - -PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" - -PSA generate ECC_PUBLIC_KEY(SECP_R2) 160-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160 - -PSA import ECC_PUBLIC_KEY(SECP_R2) 160-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECP_R2_160:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" - -PSA import ECC_KEY_PAIR(SECT_K1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" - -PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163 - -PSA import ECC_KEY_PAIR(SECT_K1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" - -PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233 - -PSA import ECC_KEY_PAIR(SECT_K1) 239-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" - -PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239 - -PSA import ECC_KEY_PAIR(SECT_K1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" - -PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283 - -PSA import ECC_KEY_PAIR(SECT_K1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" - -PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409 - -PSA import ECC_KEY_PAIR(SECT_K1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" - -PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571 - -PSA import ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" - -PSA generate ECC_KEY_PAIR(SECT_K1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163 - -PSA import ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" - -PSA generate ECC_KEY_PAIR(SECT_K1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233 - -PSA import ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" - -PSA generate ECC_KEY_PAIR(SECT_K1) 239-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239 - -PSA import ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" - -PSA generate ECC_KEY_PAIR(SECT_K1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283 - -PSA import ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" - -PSA generate ECC_KEY_PAIR(SECT_K1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409 - -PSA import ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" - -PSA generate ECC_KEY_PAIR(SECT_K1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 163-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 233-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 239-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 283-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 409-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" - -PSA generate ECC_PUBLIC_KEY(SECT_K1) 571-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571 - -PSA import ECC_PUBLIC_KEY(SECT_K1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 239-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_239:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" - -PSA import ECC_PUBLIC_KEY(SECT_K1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_K1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" - -PSA import ECC_KEY_PAIR(SECT_R1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" - -PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163 - -PSA import ECC_KEY_PAIR(SECT_R1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" - -PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233 - -PSA import ECC_KEY_PAIR(SECT_R1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" - -PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283 - -PSA import ECC_KEY_PAIR(SECT_R1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" - -PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409 - -PSA import ECC_KEY_PAIR(SECT_R1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" - -PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571 - -PSA import ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" - -PSA generate ECC_KEY_PAIR(SECT_R1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163 - -PSA import ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" - -PSA generate ECC_KEY_PAIR(SECT_R1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233 - -PSA import ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" - -PSA generate ECC_KEY_PAIR(SECT_R1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283 - -PSA import ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" - -PSA generate ECC_KEY_PAIR(SECT_R1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409 - -PSA import ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" - -PSA generate ECC_KEY_PAIR(SECT_R1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 163-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 233-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 283-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 409-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" - -PSA generate ECC_PUBLIC_KEY(SECT_R1) 571-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571 - -PSA import ECC_PUBLIC_KEY(SECT_R1) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" - -PSA import ECC_PUBLIC_KEY(SECT_R1) 233-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_233:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" - -PSA import ECC_PUBLIC_KEY(SECT_R1) 283-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_283:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" - -PSA import ECC_PUBLIC_KEY(SECT_R1) 409-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_409:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" - -PSA import ECC_PUBLIC_KEY(SECT_R1) 571-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R1_571:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" - -PSA import ECC_KEY_PAIR(SECT_R2) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34" - -PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163 - -PSA import ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):"0210b482a458b4822d0cb21daa96819a67c8062d34" - -PSA generate ECC_KEY_PAIR(SECT_R2) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163 - -PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" - -PSA generate ECC_PUBLIC_KEY(SECT_R2) 163-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163 - -PSA import ECC_PUBLIC_KEY(SECT_R2) 163-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_SECT_R2_163:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" - -PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" - -PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 - -PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" - -PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 - -PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" - -PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 - -PSA import ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" - -PSA generate ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -generate_not_supported:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 - -PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" - -PSA generate ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255 - -PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type not supported -depends_on:!PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" - -PSA generate ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit type never supported -generate_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448 - -PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_255:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" - -PSA import ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit curve not supported -depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:!PSA_WANT_ECC_TWISTED_EDWARDS_448:DEPENDENCY_NOT_IMPLEMENTED_YET -import_not_supported:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" - -# End of automatically generated file. diff --git a/tests/suites/test_suite_psa_crypto_storage_format.current.data b/tests/suites/test_suite_psa_crypto_storage_format.current.data deleted file mode 100644 index 732b80b6b9..0000000000 --- a/tests/suites/test_suite_psa_crypto_storage_format.current.data +++ /dev/null @@ -1,775 +0,0 @@ -# Automatically generated by generate_psa_tests.py. Do not edit! - -PSA storage save: usage: 0 -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b" - -PSA storage save: usage: COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b" - -PSA storage save: usage: DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b" - -PSA storage save: usage: DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b" - -PSA storage save: usage: ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b" - -PSA storage save: usage: EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b" - -PSA storage save: usage: SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b" - -PSA storage save: usage: VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008000000000000000000000010000004b" - -PSA storage save: usage: VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b" - -PSA storage save: usage: COPY | DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b" - -PSA storage save: usage: DECRYPT | DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b" - -PSA storage save: usage: DERIVE | ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b" - -PSA storage save: usage: ENCRYPT | EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b" - -PSA storage save: usage: EXPORT | SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b" - -PSA storage save: usage: SIGN_HASH | VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800009000000000000000000000010000004b" - -PSA storage save: usage: VERIFY_DERIVATION | VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080000a000000000000000000000010000004b" - -PSA storage save: usage: VERIFY_HASH | COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800022000000000000000000000010000004b" - -PSA storage save: usage: all known -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080003f300000000000000000000010000004b" - -PSA storage save: type: AES 128-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_save:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: AES 192-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_save:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" - -PSA storage save: type: AES 256-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_save:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: ARC4 8-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048" - -PSA storage save: type: ARC4 128-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: ARC4 2048-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_save:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: CAMELLIA 128-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: CAMELLIA 192-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320" - -PSA storage save: type: CAMELLIA 256-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_save:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: CHACHA20 256-bit -depends_on:PSA_WANT_KEY_TYPE_CHACHA20 -key_storage_save:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: DERIVE 120-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174" - -PSA storage save: type: DERIVE 128-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_save:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: DES 64-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901" - -PSA storage save: type: DES 128-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902" - -PSA storage save: type: DES 192-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_save:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904" - -PSA storage save: type: HMAC 128-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: HMAC 160-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265" - -PSA storage save: type: HMAC 224-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0" - -PSA storage save: type: HMAC 256-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: HMAC 384-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: HMAC 512-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_save:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: PASSWORD 48-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:48:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"486572650069":"505341004b45590000000000010000000312300001000000000000000000000006000000486572650069" - -PSA storage save: type: PASSWORD 168-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:168:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500":"505341004b45590000000000010000000312a8000100000000000000000000001500000048657265006973206b6579a0646174614865726500" - -PSA storage save: type: PASSWORD 336-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD:336:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":"505341004b4559000000000001000000031250010100000000000000000000002a00000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65" - -PSA storage save: type: PASSWORD_HASH 128-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000051280000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: PASSWORD_HASH 256-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH -key_storage_save:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000051200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: PEPPER 128-bit -depends_on:PSA_WANT_KEY_TYPE_PEPPER -key_storage_save:0x0001:PSA_KEY_TYPE_PEPPER:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000061280000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: PEPPER 256-bit -depends_on:PSA_WANT_KEY_TYPE_PEPPER -key_storage_save:0x0001:PSA_KEY_TYPE_PEPPER:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000061200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461" - -PSA storage save: type: RAW_DATA 8-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048" - -PSA storage save: type: RAW_DATA 40-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500" - -PSA storage save: type: RAW_DATA 128-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461" - -PSA storage save: type: RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24" - -PSA storage save: type: RSA_KEY_PAIR 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf" - -PSA storage save: type: RSA_PUBLIC_KEY 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001" - -PSA storage save: type: RSA_PUBLIC_KEY 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb" - -PSA storage save: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2" - -PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a" - -PSA storage save: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1" - -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228" - -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8" - -PSA storage save: type: ECC_KEY_PAIR(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae" - -PSA storage save: type: ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8" - -PSA storage save: type: ECC_KEY_PAIR(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1" - -PSA storage save: type: ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34" - -PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60" - -PSA storage save: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a" - -PSA storage save: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a" - -PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a" - -PSA storage save: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1" - -PSA storage save: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74" - -PSA storage save: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f" - -PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a" - -PSA storage save: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_save:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180" - -PSA storage save: alg: PSA_ALG_ANY_HASH -depends_on:PSA_WANT_ALG_ANY_HASH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_ANY_HASH -depends_on:PSA_WANT_ALG_ANY_HASH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c" - -PSA storage save: alg: PSA_ALG_CBC_MAC -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b" - -PSA storage save: alg2: PSA_ALG_CBC_MAC -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c" - -PSA storage save: alg: PSA_ALG_CBC_NO_PADDING -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b" - -PSA storage save: alg2: PSA_ALG_CBC_NO_PADDING -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c" - -PSA storage save: alg: PSA_ALG_CBC_PKCS7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b" - -PSA storage save: alg2: PSA_ALG_CBC_PKCS7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c" - -PSA storage save: alg: PSA_ALG_CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b" - -PSA storage save: alg2: PSA_ALG_CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c" - -PSA storage save: alg: PSA_ALG_CFB -depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b" - -PSA storage save: alg2: PSA_ALG_CFB -depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c" - -PSA storage save: alg: PSA_ALG_CHACHA20_POLY1305 -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b" - -PSA storage save: alg2: PSA_ALG_CHACHA20_POLY1305 -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c" - -PSA storage save: alg: PSA_ALG_CMAC -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b" - -PSA storage save: alg2: PSA_ALG_CMAC -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c" - -PSA storage save: alg: PSA_ALG_CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b" - -PSA storage save: alg2: PSA_ALG_CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c" - -PSA storage save: alg: PSA_ALG_ECB_NO_PADDING -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b" - -PSA storage save: alg2: PSA_ALG_ECB_NO_PADDING -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c" - -PSA storage save: alg: PSA_ALG_ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b" - -PSA storage save: alg2: PSA_ALG_ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c" - -PSA storage save: alg: PSA_ALG_ECDSA_ANY -depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b" - -PSA storage save: alg2: PSA_ALG_ECDSA_ANY -depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c" - -PSA storage save: alg: PSA_ALG_ED25519PH -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b" - -PSA storage save: alg2: PSA_ALG_ED25519PH -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c" - -PSA storage save: alg: PSA_ALG_ED448PH -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b" - -PSA storage save: alg2: PSA_ALG_ED448PH -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c" - -PSA storage save: alg: PSA_ALG_FFDH -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b" - -PSA storage save: alg2: PSA_ALG_FFDH -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c" - -PSA storage save: alg: PSA_ALG_GCM -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b" - -PSA storage save: alg2: PSA_ALG_GCM -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c" - -PSA storage save: alg: PSA_ALG_MD2 -depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD2:0x0000:"4b":"505341004b455900000000000100000001100800010000000100000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_MD2 -depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD2:"4c":"505341004b455900000000000100000001100800010000000000000001000002010000004c" - -PSA storage save: alg: PSA_ALG_MD4 -depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD4:0x0000:"4b":"505341004b455900000000000100000001100800010000000200000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_MD4 -depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD4:"4c":"505341004b455900000000000100000001100800010000000000000002000002010000004c" - -PSA storage save: alg: PSA_ALG_MD5 -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_MD5 -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c" - -PSA storage save: alg: PSA_ALG_OFB -depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b" - -PSA storage save: alg2: PSA_ALG_OFB -depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c" - -PSA storage save: alg: PSA_ALG_PBKDF2_AES_CMAC_PRF_128 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000002800800000000010000004b" - -PSA storage save: alg2: PSA_ALG_PBKDF2_AES_CMAC_PRF_128 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000028008010000004c" - -PSA storage save: alg: PSA_ALG_PURE_EDDSA -depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b" - -PSA storage save: alg2: PSA_ALG_PURE_EDDSA -depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c" - -PSA storage save: alg: PSA_ALG_RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c" - -PSA storage save: alg: PSA_ALG_RSA_PKCS1V15_CRYPT -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b" - -PSA storage save: alg2: PSA_ALG_RSA_PKCS1V15_CRYPT -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c" - -PSA storage save: alg: PSA_ALG_RSA_PKCS1V15_SIGN_RAW -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b" - -PSA storage save: alg2: PSA_ALG_RSA_PKCS1V15_SIGN_RAW -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c" - -PSA storage save: alg: PSA_ALG_SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c" - -PSA storage save: alg: PSA_ALG_SHAKE256_512 -depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHAKE256_512 -depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA_1 -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA_1 -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA_224 -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA_224 -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA_256 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA_256 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA_384 -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA_384 -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA_512 -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA_512 -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA_512_224 -depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA_512_224 -depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c" - -PSA storage save: alg: PSA_ALG_SHA_512_256 -depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b" - -PSA storage save: alg2: PSA_ALG_SHA_512_256 -depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c" - -PSA storage save: alg: PSA_ALG_STREAM_CIPHER -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b" - -PSA storage save: alg2: PSA_ALG_STREAM_CIPHER -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c" - -PSA storage save: alg: PSA_ALG_XTS -depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b" - -PSA storage save: alg2: PSA_ALG_XTS -depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_save:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c" - -# End of automatically generated file. diff --git a/tests/suites/test_suite_psa_crypto_storage_format.v0.data b/tests/suites/test_suite_psa_crypto_storage_format.v0.data deleted file mode 100644 index 82f55dd5da..0000000000 --- a/tests/suites/test_suite_psa_crypto_storage_format.v0.data +++ /dev/null @@ -1,775 +0,0 @@ -# Automatically generated by generate_psa_tests.py. Do not edit! - -PSA storage read: usage: 0 -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:0:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000000000000000000000000010000004b":0 - -PSA storage read: usage: COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020000000000000000000000010000004b":0 - -PSA storage read: usage: DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000200000000000000000000010000004b":0 - -PSA storage read: usage: DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004000000000000000000000010000004b":0 - -PSA storage read: usage: ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800000100000000000000000000010000004b":0 - -PSA storage read: usage: EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010000000000000000000000010000004b":0 - -PSA storage read: usage: SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800001000000000000000000000010000004b":0 - -PSA storage read: usage: VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800008000000000000000000000010000004b":0 - -PSA storage read: usage: VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800002000000000000000000000010000004b":0 - -PSA storage read: usage: COPY | DECRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800020200000000000000000000010000004b":0 - -PSA storage read: usage: DECRYPT | DERIVE -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004200000000000000000000010000004b":0 - -PSA storage read: usage: DERIVE | ENCRYPT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800004100000000000000000000010000004b":0 - -PSA storage read: usage: ENCRYPT | EXPORT -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800010100000000000000000000010000004b":0 - -PSA storage read: usage: EXPORT | SIGN_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800011000000000000000000000010000004b":0 - -PSA storage read: usage: SIGN_HASH | VERIFY_DERIVATION -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_DERIVATION:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800009000000000000000000000010000004b":0 - -PSA storage read: usage: VERIFY_DERIVATION | VERIFY_HASH -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080000a000000000000000000000010000004b":0 - -PSA storage read: usage: VERIFY_HASH | COPY -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_VERIFY_HASH | PSA_KEY_USAGE_COPY:0x0000:0x0000:"4b":"505341004b455900000000000100000001100800022000000000000000000000010000004b":0 - -PSA storage read: usage: all known -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_DERIVATION | PSA_KEY_USAGE_VERIFY_HASH:0x0000:0x0000:"4b":"505341004b45590000000000010000000110080003f300000000000000000000010000004b":0 - -PSA storage read: type: AES 128-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_read:0x0001:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000002480000100000000000000000000001000000048657265006973206b6579a064617461":1 - -PSA storage read: type: AES 192-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_read:0x0001:PSA_KEY_TYPE_AES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000024c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":1 - -PSA storage read: type: AES 256-bit -depends_on:PSA_WANT_KEY_TYPE_AES -key_storage_read:0x0001:PSA_KEY_TYPE_AES:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000002400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: ARC4 8-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000022008000100000000000000000000000100000048":1 - -PSA storage read: type: ARC4 128-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000022080000100000000000000000000001000000048657265006973206b6579a064617461":1 - -PSA storage read: type: ARC4 2048-bit -depends_on:PSA_WANT_KEY_TYPE_ARC4 -key_storage_read:0x0001:PSA_KEY_TYPE_ARC4:2048:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000022000080100000000000000000000000001000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: CAMELLIA 128-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000032480000100000000000000000000001000000048657265006973206b6579a064617461":1 - -PSA storage read: type: CAMELLIA 192-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500697320":"505341004b45590000000000010000000324c0000100000000000000000000001800000048657265006973206b6579a0646174614865726500697320":1 - -PSA storage read: type: CAMELLIA 256-bit -depends_on:PSA_WANT_KEY_TYPE_CAMELLIA -key_storage_read:0x0001:PSA_KEY_TYPE_CAMELLIA:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000032400010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: CHACHA20 256-bit -depends_on:PSA_WANT_KEY_TYPE_CHACHA20 -key_storage_read:0x0001:PSA_KEY_TYPE_CHACHA20:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000042000010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: DERIVE 120-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:120:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174":"505341004b4559000000000001000000001278000100000000000000000000000f00000048657265006973206b6579a0646174":1 - -PSA storage read: type: DERIVE 128-bit -depends_on:PSA_WANT_KEY_TYPE_DERIVE -key_storage_read:0x0001:PSA_KEY_TYPE_DERIVE:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001280000100000000000000000000001000000048657265006973206b6579a064617461":1 - -PSA storage read: type: DES 64-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:64:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901":"505341004b45590000000000010000000123400001000000000000000000000008000000644573206b457901":1 - -PSA storage read: type: DES 128-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902":"505341004b45590000000000010000000123800001000000000000000000000010000000644573206b457901644573206b457902":1 - -PSA storage read: type: DES 192-bit -depends_on:PSA_WANT_KEY_TYPE_DES -key_storage_read:0x0001:PSA_KEY_TYPE_DES:192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"644573206b457901644573206b457902644573206b457904":"505341004b45590000000000010000000123c00001000000000000000000000018000000644573206b457901644573206b457902644573206b457904":1 - -PSA storage read: type: HMAC 128-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000001180000100000000000000000000001000000048657265006973206b6579a064617461":1 - -PSA storage read: type: HMAC 160-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265":"505341004b45590000000000010000000011a0000100000000000000000000001400000048657265006973206b6579a06461746148657265":1 - -PSA storage read: type: HMAC 224-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a0":"505341004b45590000000000010000000011e0000100000000000000000000001c00000048657265006973206b6579a06461746148657265006973206b6579a0":1 - -PSA storage read: type: HMAC 256-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: HMAC 384-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001180010100000000000000000000003000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: HMAC 512-bit -depends_on:PSA_WANT_KEY_TYPE_HMAC -key_storage_read:0x0001:PSA_KEY_TYPE_HMAC:512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000001100020100000000000000000000004000000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: PASSWORD 48-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:48:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"486572650069":"505341004b45590000000000010000000312300001000000000000000000000006000000486572650069":1 - -PSA storage read: type: PASSWORD 168-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:168:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a0646174614865726500":"505341004b45590000000000010000000312a8000100000000000000000000001500000048657265006973206b6579a0646174614865726500":1 - -PSA storage read: type: PASSWORD 336-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD:336:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":"505341004b4559000000000001000000031250010100000000000000000000002a00000048657265006973206b6579a06461746148657265006973206b6579a06461746148657265006973206b65":1 - -PSA storage read: type: PASSWORD_HASH 128-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000051280000100000000000000000000001000000048657265006973206b6579a064617461":1 - -PSA storage read: type: PASSWORD_HASH 256-bit -depends_on:PSA_WANT_KEY_TYPE_PASSWORD_HASH -key_storage_read:0x0001:PSA_KEY_TYPE_PASSWORD_HASH:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000051200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: PEPPER 128-bit -depends_on:PSA_WANT_KEY_TYPE_PEPPER -key_storage_read:0x0001:PSA_KEY_TYPE_PEPPER:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000061280000100000000000000000000001000000048657265006973206b6579a064617461":1 - -PSA storage read: type: PEPPER 256-bit -depends_on:PSA_WANT_KEY_TYPE_PEPPER -key_storage_read:0x0001:PSA_KEY_TYPE_PEPPER:256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a06461746148657265006973206b6579a064617461":"505341004b4559000000000001000000061200010100000000000000000000002000000048657265006973206b6579a06461746148657265006973206b6579a064617461":1 - -PSA storage read: type: RAW_DATA 8-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48":"505341004b4559000000000001000000011008000100000000000000000000000100000048":0 - -PSA storage read: type: RAW_DATA 40-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:40:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"4865726500":"505341004b455900000000000100000001102800010000000000000000000000050000004865726500":0 - -PSA storage read: type: RAW_DATA 128-bit -depends_on:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:128:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"48657265006973206b6579a064617461":"505341004b4559000000000001000000011080000100000000000000000000001000000048657265006973206b6579a064617461":0 - -PSA storage read: type: RSA_KEY_PAIR 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000000000000000620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":1 - -PSA storage read: type: RSA_KEY_PAIR 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_KEY_PAIR:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":"505341004b4559000000000001000000017000060100000000000000000000007f0300003082037b0201000281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc3502030100010281c06d2d670047973a87752a9d5bc14f3dae00acb01f593aa0e24cf4a49f932931de4bbfb332e2d38083da80bc0b6d538edba479f7f77d0deffb4a28e6e67ff6273585bb4cd862535c946605ab0809d65f0e38f76e4ec2c3d9b8cd6e14bcf667943892cd4b34cc6420a439abbf3d7d35ef73976dd6f9cbde35a51fa5213f0107f83e3425835d16d3c9146fc9e36ce75a09bb66cdff21dd5a776899f1cb07e282cca27be46510e9c799f0d8db275a6be085d9f3f803218ee3384265bfb1a3640e8ca1026100e6848c31d466fffefc547e3a3b0d3785de6f78b0dd12610843512e495611a0675509b1650b27415009838dd8e68eec6e7530553b637d602424643b33e8bc5b762e1799bc79d56b13251d36d4f201da2182416ce13574e88278ff04467ad602d9026100de994fdf181f02be2bf9e5f5e4e517a94993b827d1eaf609033e3a6a6f2396ae7c44e9eb594cf1044cb3ad32ea258f0c82963b27bb650ed200cde82cb993374be34be5b1c7ead5446a2b82a4486e8c1810a0b01551609fb0841d474bada802bd026076ddae751b73a959d0bfb8ff49e7fcd378e9be30652ecefe35c82cb8003bc29cc60ae3809909baf20c95db9516fe680865417111d8b193dbcf30281f1249de57c858bf1ba32f5bb1599800e8398a9ef25c7a642c95261da6f9c17670e97265b10260732482b837d5f2a9443e23c1aa0106d83e82f6c3424673b5fdc3769c0f992d1c5c93991c7038e882fcda04414df4d7a5f4f698ead87851ce37344b60b72d7b70f9c60cae8566e7a257f8e1bef0e89df6e4c2f9d24d21d9f8889e4c7eccf91751026009050d94493da8f00a4ddbe9c800afe3d44b43f78a48941a79b2814a1f0b81a18a8b2347642a03b27998f5a18de9abc9ae0e54ab8294feac66dc87e854cce6f7278ac2710cb5878b592ffeb1f4f0a1853e4e8d1d0561b6efcc831a296cf7eeaf":1 - -PSA storage read: type: RSA_PUBLIC_KEY 1024-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1024:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"505341004b4559000000000001000000014000040100000000000000000000008c00000030818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":1 - -PSA storage read: type: RSA_PUBLIC_KEY 1536-bit -depends_on:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_RSA_PUBLIC_KEY:1536:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":"505341004b455900000000000100000001400006010000000000000000000000cc0000003081c90281c100c870feb6ca6b1d2bd9f2dd99e20f1fe2d7e5192de662229dbe162bd1ba66336a7182903ca0b72796cd441c83d24bcdc3e9a2f5e4399c8a043f1c3ddf04754a66d4cfe7b3671a37dd31a9b4c13bfe06ee90f9d94ddaa06de67a52ac863e68f756736ceb014405a6160579640f831dddccc34ad0b05070e3f9954a58d1815813e1b83bcadba814789c87f1ef2ba5d738b793ec456a67360eea1b5faf1c7cc7bf24f3b2a9d0f8958b1096e0f0c335f8888d0c63a51c3c0337214fa3f5efdf6dcc350203010001":1 - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"69502c4fdaf48d4fa617bdd24498b0406d0eeaac":"505341004b45590000000000010000003071a0000100000000000000000000001400000069502c4fdaf48d4fa617bdd24498b0406d0eeaac":1 - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":"505341004b45590000000000010000003071c000010000000000000000000000180000001688a2c5fbf4a3c851d76a98c3ec88f445a97996283db59f":1 - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":"505341004b45590000000000010000003071e0000100000000000000000000001c000000a69835dafeb5da5ab89c59860dddebcfd80b529a99f59b880882923c":1 - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"2161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":"505341004b455900000000000100000030710001010000000000000000000000200000002161d6f2db76526fa62c16f356a80f01f32f776784b36aa99799a8b7662080ff":1 - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"61b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":"505341004b4559000000000001000000307140010100000000000000000000002800000061b8daa7a6e5aa9fccf1ef504220b2e5a5b8c6dc7475d16d3172d7db0b2778414e4f6e8fa2032ead":1 - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":"505341004b455900000000000100000030718001010000000000000000000000300000003dd92e750d90d7d39fc1885cd8ad12ea9441f22b9334b4d965202adb1448ce24c5808a85dd9afc229af0a3124f755bcb":1 - -PSA storage read: type: ECC_KEY_PAIR(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":"505341004b45590000000000010000003071000201000000000000000000000040000000372c9778f69f726cbca3f4a268f16b4d617d10280d79a6a029cd51879fe1012934dfe5395455337df6906dc7d6d2eea4dbb2065c0228f73b3ed716480e7d71d2":1 - -PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"70076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":"505341004b45590000000000010000004171ff000100000000000000000000002000000070076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c6a":1 - -PSA storage read: type: ECC_KEY_PAIR(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":"505341004b45590000000000010000004171c00101000000000000000000000038000000e4e49f52686f9ee3b638528f721f1596196ffd0a1cddb64c3f216f06541805cfeb1a286dc78018095cdfec050e8007b5f4908962ba20d6c1":1 - -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"297ac1722ccac7589ecb240dc719842538ca974beb79f228":"505341004b45590000000000010000001771c00001000000000000000000000018000000297ac1722ccac7589ecb240dc719842538ca974beb79f228":1 - -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":"505341004b45590000000000010000001771e0000100000000000000000000001d0000000024122bf020fa113f6c0ac978dfbd41f749257a9468febdbe0dc9f7e8":1 - -PSA storage read: type: ECC_KEY_PAIR(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"7fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":"505341004b455900000000000100000017710001010000000000000000000000200000007fa06fa02d0e911b9a47fdc17d2d962ca01e2f31d60c6212d0ed7e3bba23a7b9":1 - -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":"505341004b45590000000000010000001271e1000100000000000000000000001c000000872f203b3ad35b7f2ecc803c3a0e1e0b1ed61cc1afe71b189cd4c995":1 - -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":"505341004b4559000000000001000000127100010100000000000000000000002000000049c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":1 - -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":"505341004b455900000000000100000012718001010000000000000000000000300000003f5d8d9be280b5696cc5cc9f94cf8af7e6b61dd6592b2ab2b3a4c607450417ec327dcdcaed7c10053d719a0574f0a76a":1 - -PSA storage read: type: ECC_KEY_PAIR(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"01b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":"505341004b4559000000000001000000127109020100000000000000000000004200000001b1b6ad07bb79e7320da59860ea28e055284f6058f279de666e06d435d2af7bda28d99fa47b7dd0963e16b0073078ee8b8a38d966a582f46d19ff95df3ad9685aae":1 - -PSA storage read: type: ECC_KEY_PAIR(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":"505341004b45590000000000010000001b71a0000100000000000000000000001500000000bf539a1cdda0d7f71a50a3f98aec0a2e8e4ced1e":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"03ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":"505341004b45590000000000010000002771a3000100000000000000000000001500000003ebc8fcded2d6ab72ec0f75bdb4fd080481273e71":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"41f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":"505341004b45590000000000010000002771e9000100000000000000000000001d00000041f08485ce587b06061c087e76e247c359de2ba9927ee013b2f1ed9ca8":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"1a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":"505341004b45590000000000010000002771ef000100000000000000000000001e0000001a8069ce2c2c8bdd7087f2a6ab49588797e6294e979495602ab9650b9c61":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":"505341004b455900000000000100000027711b0101000000000000000000000024000000006d627885dd48b9ec6facb5b3865377d755b75a5d51440e45211c1f600e15eff8a881a0":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"3ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":"505341004b455900000000000100000027719901010000000000000000000000330000003ff5e74d932fa77db139b7c948c81e4069c72c24845574064beea8976b70267f1c6f9a503e3892ea1dcbb71fcea423faa370a8":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":"505341004b455900000000000100000027713b0201000000000000000000000048000000005008c97b4a161c0db1bac6452c72846d57337aa92d8ecb4a66eb01d2f29555ffb61a5317225dcc8ca6917d91789e227efc0bfe9eeda7ee21998cd11c3c9885056b0e55b4f75d51":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":"505341004b45590000000000010000002271a30001000000000000000000000015000000009b05dc82d46d64a04a22e6e5ca70ca1231e68c50":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":"505341004b45590000000000010000002271e9000100000000000000000000001e00000000e5e42834e3c78758088b905deea975f28dc20ef6173e481f96e88afe7f":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":"505341004b455900000000000100000022711b0101000000000000000000000024000000004cecad915f6f3c9bbbd92d1eb101eda23f16c7dad60a57c87c7e1fd2b29b22f6d666ad":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"00c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":"505341004b4559000000000001000000227199010100000000000000000000003400000000c22422d265721a3ae2b3b2baeb77bee50416e19877af97b5fc1c700a0a88916ecb9050135883accb5e64edc77a3703f4f67a64":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":"505341004b455900000000000100000022713b0201000000000000000000000048000000026ac1cdf92a13a1b8d282da9725847908745138f5c6706b52d164e3675fcfbf86fc3e6ab2de732193267db029dd35a0599a94a118f480231cfc6ccca2ebfc1d8f54176e0f5656a1":1 - -PSA storage read: type: ECC_KEY_PAIR(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0210b482a458b4822d0cb21daa96819a67c8062d34":"505341004b45590000000000010000002b71a300010000000000000000000000150000000210b482a458b4822d0cb21daa96819a67c8062d34":1 - -PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":"505341004b45590000000000010000004271ff00010000000000000000000000200000009d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60":1 - -PSA storage read: type: ECC_KEY_PAIR(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":"505341004b45590000000000010000004271c001010000000000000000000000390000006c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b":1 - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 160-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":"505341004b45590000000000010000003041a0000100000000000000000000002900000004d4b9186816358e2f9c59cf70748cb70641b22fbab65473db4b4e22a361ed7e3de7e8a8ddc4130c5c":1 - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 192-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":"505341004b45590000000000010000003041c00001000000000000000000000031000000043fdd168c179ff5363dd71dcd58de9617caad791ae0c37328be9ca0bfc79cebabf6a95d1c52df5b5f3c8b1a2441cf6c88":1 - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 224-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":"505341004b45590000000000010000003041e00001000000000000000000000039000000045fbea378fc8583b3837e3f21a457c31eaf20a54e18eb11d104b3adc47f9d1c97eb9ea4ac21740d70d88514b98bf0bc31addac1d19c4ab3cc":1 - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 256-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":"505341004b4559000000000001000000304100010100000000000000000000004100000004768c8cae4abca6306db0ed81b0c4a6215c378066ec6d616c146e13f1c7df809b96ab6911c27d8a02339f0926840e55236d3d1efbe2669d090e4c4c660fada91d":1 - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 320-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_320:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):320:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":"505341004b45590000000000010000003041400101000000000000000000000051000000049caed8fb4742956cc2ad12a9a1c995e21759ef26a07bc2054136d3d2f28bb331a70e26c4c687275ab1f434be7871e115d2350c0c5f61d4d06d2bcdb67f5cb63fdb794e5947c87dc6849a58694e37e6cd":1 - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 384-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":"505341004b4559000000000001000000304180010100000000000000000000006100000004719f9d093a627e0d350385c661cebf00c61923566fe9006a3107af1d871bc6bb68985fd722ea32be316f8e783b7cd1957785f66cfc0cb195dd5c99a8e7abaa848553a584dfd2b48e76d445fe00dd8be59096d877d4696d23b4bc8db14724e66a":1 - -PSA storage read: type: ECC_PUBLIC_KEY(BRAINPOOL_P_R1) 512-bit -depends_on:PSA_WANT_ECC_BRAINPOOL_P_R1_512:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_BRAINPOOL_P_R1):512:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":"505341004b455900000000000100000030410002010000000000000000000000810000000438b7ec92b61c5c6c7fbc28a4ec759d48fcd4e2e374defd5c4968a54dbef7510e517886fbfc38ea39aa529359d70a7156c35d3cbac7ce776bdb251dd64bce71234424ee7049eed072f0dbc4d79996e175d557e263763ae97095c081e73e7db2e38adc3d4c9a0487b1ede876dc1fca61c902e9a1d8722b8612928f18a24845591a":1 - -PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 255-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":"505341004b45590000000000010000004141ff00010000000000000000000000200000008520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a":1 - -PSA storage read: type: ECC_PUBLIC_KEY(MONTGOMERY) 448-bit -depends_on:PSA_WANT_ECC_MONTGOMERY_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_MONTGOMERY):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":"505341004b45590000000000010000004141c00101000000000000000000000038000000c0d3a5a2b416a573dc9909f92f134ac01323ab8f8e36804e578588ba2d09fe7c3e737f771ca112825b548a0ffded6d6a2fd09a3e77dec30e":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 192-bit -depends_on:PSA_WANT_ECC_SECP_K1_192:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):192:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":"505341004b45590000000000010000001741c000010000000000000000000000310000000426b7bb38da649ac2138fc050c6548b32553dab68afebc36105d325b75538c12323cb0764789ecb992671beb2b6bef2f5":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 224-bit -depends_on:PSA_WANT_ECC_SECP_K1_224:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):224:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":"505341004b45590000000000010000001741e00001000000000000000000000039000000042cc7335f4b76042bed44ef45959a62aa215f7a5ff0c8111b8c44ed654ee71c1918326ad485b2d599fe2a6eab096ee26d977334d2bac6d61d":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_K1) 256-bit -depends_on:PSA_WANT_ECC_SECP_K1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_K1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":"505341004b45590000000000010000001741000101000000000000000000000041000000045c39154579efd667adc73a81015a797d2c8682cdfbd3c3553c4a185d481cdc50e42a0e1cbc3ca29a32a645e927f54beaed14c9dbbf8279d725f5495ca924b24d":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 225-bit -depends_on:PSA_WANT_ECC_SECP_R1_225:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):225:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":"505341004b45590000000000010000001241e10001000000000000000000000039000000046f00eadaa949fee3e9e1c7fa1247eecec86a0dce46418b9bd3117b981d4bd0ae7a990de912f9d060d6cb531a42d22e394ac29e81804bf160":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 256-bit -depends_on:PSA_WANT_ECC_SECP_R1_256:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":"505341004b45590000000000010000001241000101000000000000000000000041000000047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 384-bit -depends_on:PSA_WANT_ECC_SECP_R1_384:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):384:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":"505341004b4559000000000001000000124180010100000000000000000000006100000004d9c662b50ba29ca47990450e043aeaf4f0c69b15676d112f622a71c93059af999691c5680d2b44d111579db12f4a413a2ed5c45fcfb67b5b63e00b91ebe59d09a6b1ac2c0c4282aa12317ed5914f999bc488bb132e8342cc36f2ca5e3379c747":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R1) 521-bit -depends_on:PSA_WANT_ECC_SECP_R1_521:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):521:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":"505341004b4559000000000001000000124109020100000000000000000000008500000004001de142d54f69eb038ee4b7af9d3ca07736fd9cf719eb354d69879ee7f3c136fb0fbf9f08f86be5fa128ec1a051d3e6c643e85ada8ffacf3663c260bd2c844b6f5600cee8e48a9e65d09cadd89f235dee05f3b8a646be715f1f67d5b434e0ff23a1fc07ef7740193e40eeff6f3bcdfd765aa9155033524fe4f205f5444e292c4c2f6ac1":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECP_R2) 160-bit -depends_on:PSA_WANT_ECC_SECP_R2_160:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R2):160:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":"505341004b45590000000000010000001b41a00001000000000000000000000029000000049570d541398665adb5cfa16f5af73b3196926bbd4b876bdb80f8eab20d0f540c22f4de9c140f6d7b":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 163-bit -depends_on:PSA_WANT_ECC_SECT_K1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":"505341004b45590000000000010000002741a3000100000000000000000000002b0000000406f88f90b4b65950f06ce433afdb097e320f433dc2062b8a65db8fafd3c110f46bc45663fbf021ee7eb9":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 233-bit -depends_on:PSA_WANT_ECC_SECT_K1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":"505341004b45590000000000010000002741e9000100000000000000000000003d0000000401e9d7189189f773bd8f71be2c10774ba18842434dfa9312595ea545104400f45a9d5675647513ba75b079fe66a29daac2ec86a6a5d4e75c5f290c1f":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 239-bit -depends_on:PSA_WANT_ECC_SECT_K1_239:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):239:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":"505341004b45590000000000010000002741ef000100000000000000000000003d00000004068d76b9f4508762c2379db9ee8b87ad8d86d9535132ffba3b5680440cfa28eb133d4232faf1c9aba96af11aefe634a551440800d5f8185105d3072d":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 283-bit -depends_on:PSA_WANT_ECC_SECT_K1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":"505341004b455900000000000100000027411b01010000000000000000000000490000000405f48374debceaadb46ba385fd92048fcc5b9af1a1c90408bf94a68b9378df1cbfdfb6fb026a96bea06d8f181bf10c020adbcc88b6ecff96bdc564a9649c247cede601c4be63afc3":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 409-bit -depends_on:PSA_WANT_ECC_SECT_K1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":"505341004b4559000000000001000000274199010100000000000000000000006900000004012c587f69f68b308ba6dcb238797f4e22290ca939ae806604e2b5ab4d9caef5a74a98fd87c4f88d292dd39d92e556e16c6ecc3c019a105826eef507cd9a04119f54d5d850b3720b3792d5d03410e9105610f7e4b420166ed45604a7a1f229d80975ba6be2060e8b":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_K1) 571-bit -depends_on:PSA_WANT_ECC_SECT_K1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_K1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":"505341004b455900000000000100000027413b020100000000000000000000009100000004050172a7fd7adf98e4e2ed2742faa5cd12731a15fb0dbbdf75b1c3cc771a4369af6f2fa00e802735650881735759ea9c79961ded18e0daa0ac59afb1d513b5bbda9962e435f454fc020b4afe1445c2302ada07d295ec2580f8849b2dfa7f956b09b4cbe4c88d3b1c217049f75d3900d36df0fa12689256b58dd2ef784ebbeb0564600cf47a841485f8cf897a68accd5a":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 163-bit -depends_on:PSA_WANT_ECC_SECT_R1_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":"505341004b45590000000000010000002241a3000100000000000000000000002b0000000400465eeb9e7258b11e33c02266bfe834b20bcb118700772796ee4704ec67651bd447e3011959a79a04cb":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 233-bit -depends_on:PSA_WANT_ECC_SECT_R1_233:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):233:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":"505341004b45590000000000010000002241e9000100000000000000000000003d0000000400cd68c8af4430c92ec7a7048becfdf00a6bae8d1b4c37286f2d336f2a0e017eca3748f4ad6d435c85867aa014eea1bd6d9d005bbd8319cab629001d":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 283-bit -depends_on:PSA_WANT_ECC_SECT_R1_283:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):283:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"04052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":"505341004b455900000000000100000022411b010100000000000000000000004900000004052f9ff887254c2d1440ba9e30f13e2185ba53c373b2c410dae21cf8c167f796c08134f601cbc4c570bffbc2433082cf4d9eb5ba173ecb8caec15d66a02673f60807b2daa729b765":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 409-bit -depends_on:PSA_WANT_ECC_SECT_R1_409:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):409:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":"505341004b455900000000000100000022419901010000000000000000000000690000000401aa25466b1d291846db365957b25431591e50d9c109fe2106e93bb369775896925b15a7bfec397406ab4fe6f6b1a13bf8fdcb9300fa5500a813228676b0a6c572ed96b0f4aec7e87832e7e20f17ca98ecdfd36f59c82bddb8665f1f357a73900e827885ec9e1f22":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R1) 571-bit -depends_on:PSA_WANT_ECC_SECT_R1_571:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R1):571:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":"505341004b455900000000000100000022413b0201000000000000000000000091000000040708f3403ee9948114855c17572152a08f8054d486defef5f29cbffcfb7cfd9280746a1ac5f751a6ad902ec1e0525120e9be56f03437af196fbe60ee7856e3542ab2cf87880632d80290e39b1a2bd03c6bbf6225511c567bd2ff41d2325dc58346f2b60b1feee4dc8b2af2296c2dc52b153e0556b5d24152b07f690c3fa24e4d1d19efbdeb1037833a733654d2366c74":1 - -PSA storage read: type: ECC_PUBLIC_KEY(SECT_R2) 163-bit -depends_on:PSA_WANT_ECC_SECT_R2_163:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECT_R2):163:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"0403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":"505341004b45590000000000010000002b41a3000100000000000000000000002b0000000403692601144c32a6cfa369ae20ae5d43c1c764678c037bafe80c6fd2e42b7ced96171d9c5367fd3dca6f":1 - -PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 255-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_255:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):255:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":"505341004b45590000000000010000004241ff0001000000000000000000000020000000d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a":1 - -PSA storage read: type: ECC_PUBLIC_KEY(TWISTED_EDWARDS) 448-bit -depends_on:PSA_WANT_ECC_TWISTED_EDWARDS_448:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY -key_storage_read:0x0001:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_TWISTED_EDWARDS):448:PSA_KEY_USAGE_EXPORT:0x0000:0x0000:"5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":"505341004b45590000000000010000004241c001010000000000000000000000390000005fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180":1 - -PSA storage read: alg: PSA_ALG_ANY_HASH -depends_on:PSA_WANT_ALG_ANY_HASH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ANY_HASH:0x0000:"4b":"505341004b45590000000000010000000110080001000000ff00000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_ANY_HASH -depends_on:PSA_WANT_ALG_ANY_HASH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ANY_HASH:"4c":"505341004b4559000000000001000000011008000100000000000000ff000002010000004c":0 - -PSA storage read: alg: PSA_ALG_CBC_MAC -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_MAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000001c00300000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_CBC_MAC -depends_on:PSA_WANT_ALG_CBC_MAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_MAC:"4c":"505341004b45590000000000010000000110080001000000000000000001c003010000004c":0 - -PSA storage read: alg: PSA_ALG_CBC_NO_PADDING -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000040400400000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_CBC_NO_PADDING -depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000404004010000004c":0 - -PSA storage read: alg: PSA_ALG_CBC_PKCS7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CBC_PKCS7:0x0000:"4b":"505341004b455900000000000100000001100800010000000041400400000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_CBC_PKCS7 -depends_on:PSA_WANT_ALG_CBC_PKCS7:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CBC_PKCS7:"4c":"505341004b455900000000000100000001100800010000000000000000414004010000004c":0 - -PSA storage read: alg: PSA_ALG_CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000001500500000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_CCM -depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CCM:"4c":"505341004b455900000000000100000001100800010000000000000000015005010000004c":0 - -PSA storage read: alg: PSA_ALG_CFB -depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000011c00400000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_CFB -depends_on:PSA_WANT_ALG_CFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CFB:"4c":"505341004b45590000000000010000000110080001000000000000000011c004010000004c":0 - -PSA storage read: alg: PSA_ALG_CHACHA20_POLY1305 -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CHACHA20_POLY1305:0x0000:"4b":"505341004b455900000000000100000001100800010000000005100500000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_CHACHA20_POLY1305 -depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CHACHA20_POLY1305:"4c":"505341004b455900000000000100000001100800010000000000000000051005010000004c":0 - -PSA storage read: alg: PSA_ALG_CMAC -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CMAC:0x0000:"4b":"505341004b455900000000000100000001100800010000000002c00300000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_CMAC -depends_on:PSA_WANT_ALG_CMAC:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CMAC:"4c":"505341004b45590000000000010000000110080001000000000000000002c003010000004c":0 - -PSA storage read: alg: PSA_ALG_CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0x0000:"4b":"505341004b455900000000000100000001100800010000000010c00400000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_CTR -depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_CTR:"4c":"505341004b45590000000000010000000110080001000000000000000010c004010000004c":0 - -PSA storage read: alg: PSA_ALG_ECB_NO_PADDING -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECB_NO_PADDING:0x0000:"4b":"505341004b455900000000000100000001100800010000000044400400000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_ECB_NO_PADDING -depends_on:PSA_WANT_ALG_ECB_NO_PADDING:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECB_NO_PADDING:"4c":"505341004b455900000000000100000001100800010000000000000000444004010000004c":0 - -PSA storage read: alg: PSA_ALG_ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000020900000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_ECDH -depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDH:"4c":"505341004b455900000000000100000001100800010000000000000000000209010000004c":0 - -PSA storage read: alg: PSA_ALG_ECDSA_ANY -depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ECDSA_ANY:0x0000:"4b":"505341004b455900000000000100000001100800010000000006000600000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_ECDSA_ANY -depends_on:PSA_WANT_ALG_ECDSA_ANY:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ECDSA_ANY:"4c":"505341004b455900000000000100000001100800010000000000000000060006010000004c":0 - -PSA storage read: alg: PSA_ALG_ED25519PH -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED25519PH:0x0000:"4b":"505341004b455900000000000100000001100800010000000b09000600000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_ED25519PH -depends_on:PSA_WANT_ALG_ED25519PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED25519PH:"4c":"505341004b45590000000000010000000110080001000000000000000b090006010000004c":0 - -PSA storage read: alg: PSA_ALG_ED448PH -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_ED448PH:0x0000:"4b":"505341004b455900000000000100000001100800010000001509000600000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_ED448PH -depends_on:PSA_WANT_ALG_ED448PH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_ED448PH:"4c":"505341004b455900000000000100000001100800010000000000000015090006010000004c":0 - -PSA storage read: alg: PSA_ALG_FFDH -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_FFDH:0x0000:"4b":"505341004b455900000000000100000001100800010000000000010900000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_FFDH -depends_on:PSA_WANT_ALG_FFDH:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_FFDH:"4c":"505341004b455900000000000100000001100800010000000000000000000109010000004c":0 - -PSA storage read: alg: PSA_ALG_GCM -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_GCM:0x0000:"4b":"505341004b455900000000000100000001100800010000000002500500000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_GCM -depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_GCM:"4c":"505341004b455900000000000100000001100800010000000000000000025005010000004c":0 - -PSA storage read: alg: PSA_ALG_MD2 -depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD2:0x0000:"4b":"505341004b455900000000000100000001100800010000000100000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_MD2 -depends_on:PSA_WANT_ALG_MD2:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD2:"4c":"505341004b455900000000000100000001100800010000000000000001000002010000004c":0 - -PSA storage read: alg: PSA_ALG_MD4 -depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD4:0x0000:"4b":"505341004b455900000000000100000001100800010000000200000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_MD4 -depends_on:PSA_WANT_ALG_MD4:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD4:"4c":"505341004b455900000000000100000001100800010000000000000002000002010000004c":0 - -PSA storage read: alg: PSA_ALG_MD5 -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_MD5:0x0000:"4b":"505341004b455900000000000100000001100800010000000300000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_MD5 -depends_on:PSA_WANT_ALG_MD5:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_MD5:"4c":"505341004b455900000000000100000001100800010000000000000003000002010000004c":0 - -PSA storage read: alg: PSA_ALG_OFB -depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_OFB:0x0000:"4b":"505341004b455900000000000100000001100800010000000012c00400000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_OFB -depends_on:PSA_WANT_ALG_OFB:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_OFB:"4c":"505341004b45590000000000010000000110080001000000000000000012c004010000004c":0 - -PSA storage read: alg: PSA_ALG_PBKDF2_AES_CMAC_PRF_128 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:0x0000:"4b":"505341004b455900000000000100000001100800010000000002800800000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_PBKDF2_AES_CMAC_PRF_128 -depends_on:PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PBKDF2_AES_CMAC_PRF_128:"4c":"505341004b455900000000000100000001100800010000000000000000028008010000004c":0 - -PSA storage read: alg: PSA_ALG_PURE_EDDSA -depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_PURE_EDDSA:0x0000:"4b":"505341004b455900000000000100000001100800010000000008000600000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_PURE_EDDSA -depends_on:PSA_WANT_ALG_PURE_EDDSA:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_PURE_EDDSA:"4c":"505341004b455900000000000100000001100800010000000000000000080006010000004c":0 - -PSA storage read: alg: PSA_ALG_RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RIPEMD160:0x0000:"4b":"505341004b455900000000000100000001100800010000000400000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_RIPEMD160 -depends_on:PSA_WANT_ALG_RIPEMD160:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RIPEMD160:"4c":"505341004b455900000000000100000001100800010000000000000004000002010000004c":0 - -PSA storage read: alg: PSA_ALG_RSA_PKCS1V15_CRYPT -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_CRYPT:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000700000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_RSA_PKCS1V15_CRYPT -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_CRYPT:"4c":"505341004b455900000000000100000001100800010000000000000000020007010000004c":0 - -PSA storage read: alg: PSA_ALG_RSA_PKCS1V15_SIGN_RAW -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:0x0000:"4b":"505341004b455900000000000100000001100800010000000002000600000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_RSA_PKCS1V15_SIGN_RAW -depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_RSA_PKCS1V15_SIGN_RAW:"4c":"505341004b455900000000000100000001100800010000000000000000020006010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_224:0x0000:"4b":"505341004b455900000000000100000001100800010000001000000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA3_224 -depends_on:PSA_WANT_ALG_SHA3_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_224:"4c":"505341004b455900000000000100000001100800010000000000000010000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_256:0x0000:"4b":"505341004b455900000000000100000001100800010000001100000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA3_256 -depends_on:PSA_WANT_ALG_SHA3_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_256:"4c":"505341004b455900000000000100000001100800010000000000000011000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_384:0x0000:"4b":"505341004b455900000000000100000001100800010000001200000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA3_384 -depends_on:PSA_WANT_ALG_SHA3_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_384:"4c":"505341004b455900000000000100000001100800010000000000000012000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA3_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001300000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA3_512 -depends_on:PSA_WANT_ALG_SHA3_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA3_512:"4c":"505341004b455900000000000100000001100800010000000000000013000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHAKE256_512 -depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHAKE256_512:0x0000:"4b":"505341004b455900000000000100000001100800010000001500000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHAKE256_512 -depends_on:PSA_WANT_ALG_SHAKE256_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHAKE256_512:"4c":"505341004b455900000000000100000001100800010000000000000015000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA_1 -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_1:0x0000:"4b":"505341004b455900000000000100000001100800010000000500000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA_1 -depends_on:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_1:"4c":"505341004b455900000000000100000001100800010000000000000005000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA_224 -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000800000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA_224 -depends_on:PSA_WANT_ALG_SHA_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_224:"4c":"505341004b455900000000000100000001100800010000000000000008000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA_256 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000900000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA_256 -depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_256:"4c":"505341004b455900000000000100000001100800010000000000000009000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA_384 -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_384:0x0000:"4b":"505341004b455900000000000100000001100800010000000a00000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA_384 -depends_on:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_384:"4c":"505341004b45590000000000010000000110080001000000000000000a000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA_512 -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512:0x0000:"4b":"505341004b455900000000000100000001100800010000000b00000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA_512 -depends_on:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512:"4c":"505341004b45590000000000010000000110080001000000000000000b000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA_512_224 -depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_224:0x0000:"4b":"505341004b455900000000000100000001100800010000000c00000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA_512_224 -depends_on:PSA_WANT_ALG_SHA_512_224:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_224:"4c":"505341004b45590000000000010000000110080001000000000000000c000002010000004c":0 - -PSA storage read: alg: PSA_ALG_SHA_512_256 -depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_SHA_512_256:0x0000:"4b":"505341004b455900000000000100000001100800010000000d00000200000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_SHA_512_256 -depends_on:PSA_WANT_ALG_SHA_512_256:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_SHA_512_256:"4c":"505341004b45590000000000010000000110080001000000000000000d000002010000004c":0 - -PSA storage read: alg: PSA_ALG_STREAM_CIPHER -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_STREAM_CIPHER:0x0000:"4b":"505341004b455900000000000100000001100800010000000001800400000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_STREAM_CIPHER -depends_on:PSA_WANT_ALG_STREAM_CIPHER:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_STREAM_CIPHER:"4c":"505341004b455900000000000100000001100800010000000000000000018004010000004c":0 - -PSA storage read: alg: PSA_ALG_XTS -depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:PSA_ALG_XTS:0x0000:"4b":"505341004b4559000000000001000000011008000100000000ff400400000000010000004b":0 - -PSA storage read: alg2: PSA_ALG_XTS -depends_on:PSA_WANT_ALG_XTS:PSA_WANT_KEY_TYPE_RAW_DATA -key_storage_read:0x0001:PSA_KEY_TYPE_RAW_DATA:8:PSA_KEY_USAGE_EXPORT:0x0000:PSA_ALG_XTS:"4c":"505341004b455900000000000100000001100800010000000000000000ff4004010000004c":0 - -# End of automatically generated file. diff --git a/visualc/VS2010/benchmark.vcxproj b/visualc/VS2010/benchmark.vcxproj deleted file mode 100644 index 0be32fc5aa..0000000000 --- a/visualc/VS2010/benchmark.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA} - Win32Proj - benchmark - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/cert_app.vcxproj b/visualc/VS2010/cert_app.vcxproj deleted file mode 100644 index 3fbcb52a52..0000000000 --- a/visualc/VS2010/cert_app.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D4D691D4-137C-CBFA-735B-D46636D7E4D8} - Win32Proj - cert_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/cert_req.vcxproj b/visualc/VS2010/cert_req.vcxproj deleted file mode 100644 index 41fdf31a3b..0000000000 --- a/visualc/VS2010/cert_req.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE} - Win32Proj - cert_req - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/cert_write.vcxproj b/visualc/VS2010/cert_write.vcxproj deleted file mode 100644 index f1f93ea371..0000000000 --- a/visualc/VS2010/cert_write.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {35E52E46-3BA9-4361-41D3-53663C2E9B8A} - Win32Proj - cert_write - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/crl_app.vcxproj b/visualc/VS2010/crl_app.vcxproj deleted file mode 100644 index 4b8b2168f4..0000000000 --- a/visualc/VS2010/crl_app.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {DB904B85-AD31-B7FB-114F-88760CC485F2} - Win32Proj - crl_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/crypt_and_hash.vcxproj b/visualc/VS2010/crypt_and_hash.vcxproj deleted file mode 100644 index 885935bdff..0000000000 --- a/visualc/VS2010/crypt_and_hash.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7} - Win32Proj - crypt_and_hash - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj deleted file mode 100644 index 3899f0ec32..0000000000 --- a/visualc/VS2010/crypto_examples.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {020C31BD-C4DF-BABA-E537-F517C4E98537} - Win32Proj - crypto_examples - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dh_client.vcxproj b/visualc/VS2010/dh_client.vcxproj deleted file mode 100644 index 043ab1afc1..0000000000 --- a/visualc/VS2010/dh_client.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE} - Win32Proj - dh_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dh_genprime.vcxproj b/visualc/VS2010/dh_genprime.vcxproj deleted file mode 100644 index f0366cb248..0000000000 --- a/visualc/VS2010/dh_genprime.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {718960D9-5DA6-7B56-39AD-637E81076C71} - Win32Proj - dh_genprime - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dh_server.vcxproj b/visualc/VS2010/dh_server.vcxproj deleted file mode 100644 index 5a986bc57c..0000000000 --- a/visualc/VS2010/dh_server.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {8D91B804-E2CE-142D-8E06-FBB037ED1F65} - Win32Proj - dh_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dtls_client.vcxproj b/visualc/VS2010/dtls_client.vcxproj deleted file mode 100644 index 3fd65456de..0000000000 --- a/visualc/VS2010/dtls_client.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5} - Win32Proj - dtls_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/dtls_server.vcxproj b/visualc/VS2010/dtls_server.vcxproj deleted file mode 100644 index b10ec4df5e..0000000000 --- a/visualc/VS2010/dtls_server.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317} - Win32Proj - dtls_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ecdh_curve25519.vcxproj b/visualc/VS2010/ecdh_curve25519.vcxproj deleted file mode 100644 index 578e43b626..0000000000 --- a/visualc/VS2010/ecdh_curve25519.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {82EE497E-12CC-7C5B-A072-665678ACB43E} - Win32Proj - ecdh_curve25519 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ecdsa.vcxproj b/visualc/VS2010/ecdsa.vcxproj deleted file mode 100644 index f7ad2e9227..0000000000 --- a/visualc/VS2010/ecdsa.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E} - Win32Proj - ecdsa - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/gen_entropy.vcxproj b/visualc/VS2010/gen_entropy.vcxproj deleted file mode 100644 index b7e45f9789..0000000000 --- a/visualc/VS2010/gen_entropy.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {DE695064-13C3-18B0-378D-8B22672BF3F4} - Win32Proj - gen_entropy - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/gen_key.vcxproj b/visualc/VS2010/gen_key.vcxproj deleted file mode 100644 index fa026141cf..0000000000 --- a/visualc/VS2010/gen_key.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52} - Win32Proj - gen_key - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/gen_random_ctr_drbg.vcxproj b/visualc/VS2010/gen_random_ctr_drbg.vcxproj deleted file mode 100644 index a385841a06..0000000000 --- a/visualc/VS2010/gen_random_ctr_drbg.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E} - Win32Proj - gen_random_ctr_drbg - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/generic_sum.vcxproj b/visualc/VS2010/generic_sum.vcxproj deleted file mode 100644 index faad77596a..0000000000 --- a/visualc/VS2010/generic_sum.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D071CCF7-ACA0-21F8-D382-52A759AEA261} - Win32Proj - generic_sum - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/hello.vcxproj b/visualc/VS2010/hello.vcxproj deleted file mode 100644 index 6a81d914e9..0000000000 --- a/visualc/VS2010/hello.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D} - Win32Proj - hello - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/key_app.vcxproj b/visualc/VS2010/key_app.vcxproj deleted file mode 100644 index bba584170a..0000000000 --- a/visualc/VS2010/key_app.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {10AE376F-1A70-0297-0216-1FD01AD15D19} - Win32Proj - key_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/key_app_writer.vcxproj b/visualc/VS2010/key_app_writer.vcxproj deleted file mode 100644 index 0d7013796d..0000000000 --- a/visualc/VS2010/key_app_writer.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8} - Win32Proj - key_app_writer - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj deleted file mode 100644 index 8584aee758..0000000000 --- a/visualc/VS2010/key_ladder_demo.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {778777A0-393D-45E8-83C1-EAF487236F1F} - Win32Proj - key_ladder_demo - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mbedTLS.sln b/visualc/VS2010/mbedTLS.sln deleted file mode 100644 index dc3264451e..0000000000 --- a/visualc/VS2010/mbedTLS.sln +++ /dev/null @@ -1,676 +0,0 @@ - -Microsoft Visual Studio Solution File, Format Version 11.00 -# Visual C++ Express 2010 -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mbedTLS", "mbedTLS.vcxproj", "{46CF2D25-6A36-4189-B59C-E4815388E554}" -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypt_and_hash", "crypt_and_hash.vcxproj", "{5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "generic_sum", "generic_sum.vcxproj", "{D071CCF7-ACA0-21F8-D382-52A759AEA261}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hello", "hello.vcxproj", "{B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_client", "dh_client.vcxproj", "{4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_genprime", "dh_genprime.vcxproj", "{718960D9-5DA6-7B56-39AD-637E81076C71}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dh_server", "dh_server.vcxproj", "{8D91B804-E2CE-142D-8E06-FBB037ED1F65}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdh_curve25519", "ecdh_curve25519.vcxproj", "{82EE497E-12CC-7C5B-A072-665678ACB43E}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ecdsa", "ecdsa.vcxproj", "{F58142CC-0CC7-0B18-5A0F-53642CFBA18E}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_key", "gen_key.vcxproj", "{BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_app", "key_app.vcxproj", "{10AE376F-1A70-0297-0216-1FD01AD15D19}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_app_writer", "key_app_writer.vcxproj", "{E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mpi_demo", "mpi_demo.vcxproj", "{A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_decrypt", "pk_decrypt.vcxproj", "{1EC6CBA3-6187-D456-D9B7-A35399395D71}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_encrypt", "pk_encrypt.vcxproj", "{55007179-7746-9CFB-97EC-65102FB272C8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_sign", "pk_sign.vcxproj", "{F2E8CA55-597F-7FDC-6456-D8650FB970A3}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pk_verify", "pk_verify.vcxproj", "{C429B336-1B30-119C-3B34-21A186D6744F}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_decrypt", "rsa_decrypt.vcxproj", "{E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_encrypt", "rsa_encrypt.vcxproj", "{D06CF12E-F222-9273-41BF-B8A052FA5527}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_genkey", "rsa_genkey.vcxproj", "{F472475C-F677-0E7F-F127-45BF5B64F622}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_sign", "rsa_sign.vcxproj", "{10790F49-6887-AAB6-2D86-BCBD516F8D26}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_sign_pss", "rsa_sign_pss.vcxproj", "{DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_verify", "rsa_verify.vcxproj", "{689E28CF-89ED-BA38-3A14-78A75D891D46}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "rsa_verify_pss", "rsa_verify_pss.vcxproj", "{95C50864-854C-2A11-4C91-BCE654E344FB}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crypto_examples", "crypto_examples.vcxproj", "{020C31BD-C4DF-BABA-E537-F517C4E98537}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "key_ladder_demo", "key_ladder_demo.vcxproj", "{778777A0-393D-45E8-83C1-EAF487236F1F}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "psa_constant_names", "psa_constant_names.vcxproj", "{A0BAD8F0-69B5-8382-86ED-C36ACBE54117}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_entropy", "gen_entropy.vcxproj", "{DE695064-13C3-18B0-378D-8B22672BF3F4}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "gen_random_ctr_drbg", "gen_random_ctr_drbg.vcxproj", "{5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_client", "dtls_client.vcxproj", "{FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "dtls_server", "dtls_server.vcxproj", "{BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "mini_client", "mini_client.vcxproj", "{C4FE29EA-266D-5295-4840-976B9B5B3843}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client1", "ssl_client1.vcxproj", "{487A2F80-3CA3-678D-88D5-82194872CF08}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_client2", "ssl_client2.vcxproj", "{4E590E9D-E28F-87FF-385B-D58736388231}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_context_info", "ssl_context_info.vcxproj", "{017ECC7D-FB6D-46D8-076B-F64172E8E3BC}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_fork_server", "ssl_fork_server.vcxproj", "{918CD402-047D-8467-E11C-E1132053F916}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_mail_client", "ssl_mail_client.vcxproj", "{7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server", "ssl_server.vcxproj", "{E08E0065-896A-7487-DEA5-D3B80B71F975}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ssl_server2", "ssl_server2.vcxproj", "{A4DA7463-1047-BDF5-E1B3-5632CB573F41}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "benchmark.vcxproj", "{90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "query_compile_time_config", "query_compile_time_config.vcxproj", "{D6F58AF2-9D80-562A-E2B0-F743281522B9}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "selftest", "selftest.vcxproj", "{7DBC5F77-3DA1-5F73-8421-E693D95FC66A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "udp_proxy", "udp_proxy.vcxproj", "{7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "zeroize", "zeroize.vcxproj", "{10C01E94-4926-063E-9F56-C84ED190D349}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "pem2der", "pem2der.vcxproj", "{D3C6FBD6-D78E-7180-8345-5E09B492DBEC}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "strerror", "strerror.vcxproj", "{23EF735C-CC4C-3EC4-A75E-903DB340F04A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_app", "cert_app.vcxproj", "{D4D691D4-137C-CBFA-735B-D46636D7E4D8}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_req", "cert_req.vcxproj", "{C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cert_write", "cert_write.vcxproj", "{35E52E46-3BA9-4361-41D3-53663C2E9B8A}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "crl_app", "crl_app.vcxproj", "{DB904B85-AD31-B7FB-114F-88760CC485F2}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "req_app", "req_app.vcxproj", "{486B1375-5CFA-C2D2-DD89-C9F497BADCB3}" - ProjectSection(ProjectDependencies) = postProject - {46CF2D25-6A36-4189-B59C-E4815388E554} = {46CF2D25-6A36-4189-B59C-E4815388E554} - EndProjectSection -EndProject -Global - GlobalSection(SolutionConfigurationPlatforms) = preSolution - Debug|Win32 = Debug|Win32 - Debug|x64 = Debug|x64 - Release|Win32 = Release|Win32 - Release|x64 = Release|x64 - EndGlobalSection - GlobalSection(ProjectConfigurationPlatforms) = postSolution - {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|Win32.ActiveCfg = Debug|Win32 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|Win32.Build.0 = Debug|Win32 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|x64.ActiveCfg = Debug|x64 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Debug|x64.Build.0 = Debug|x64 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.ActiveCfg = Release|Win32 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|Win32.Build.0 = Release|Win32 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.ActiveCfg = Release|x64 - {46CF2D25-6A36-4189-B59C-E4815388E554}.Release|x64.Build.0 = Release|x64 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.ActiveCfg = Debug|Win32 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|Win32.Build.0 = Debug|Win32 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.ActiveCfg = Debug|x64 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Debug|x64.Build.0 = Debug|x64 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|Win32.ActiveCfg = Release|Win32 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|Win32.Build.0 = Release|Win32 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|x64.ActiveCfg = Release|x64 - {5DBB9FC3-6FD6-CA8D-E0FA-35F1E75EFAE7}.Release|x64.Build.0 = Release|x64 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|Win32.ActiveCfg = Debug|Win32 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|Win32.Build.0 = Debug|Win32 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|x64.ActiveCfg = Debug|x64 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Debug|x64.Build.0 = Debug|x64 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.ActiveCfg = Release|Win32 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|Win32.Build.0 = Release|Win32 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.ActiveCfg = Release|x64 - {D071CCF7-ACA0-21F8-D382-52A759AEA261}.Release|x64.Build.0 = Release|x64 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|Win32.ActiveCfg = Debug|Win32 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|Win32.Build.0 = Debug|Win32 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|x64.ActiveCfg = Debug|x64 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Debug|x64.Build.0 = Debug|x64 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|Win32.ActiveCfg = Release|Win32 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|Win32.Build.0 = Release|Win32 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|x64.ActiveCfg = Release|x64 - {B02D4AE1-0218-1CD4-F44E-EFAE19B01B8D}.Release|x64.Build.0 = Release|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.ActiveCfg = Debug|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|Win32.Build.0 = Debug|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.ActiveCfg = Debug|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Debug|x64.Build.0 = Debug|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.ActiveCfg = Release|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|Win32.Build.0 = Release|Win32 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.ActiveCfg = Release|x64 - {4D29BE4A-979C-C5AE-44B5-30FB37D8D4EE}.Release|x64.Build.0 = Release|x64 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.ActiveCfg = Debug|Win32 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|Win32.Build.0 = Debug|Win32 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.ActiveCfg = Debug|x64 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Debug|x64.Build.0 = Debug|x64 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.ActiveCfg = Release|Win32 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|Win32.Build.0 = Release|Win32 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.ActiveCfg = Release|x64 - {718960D9-5DA6-7B56-39AD-637E81076C71}.Release|x64.Build.0 = Release|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.ActiveCfg = Debug|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|Win32.Build.0 = Debug|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.ActiveCfg = Debug|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Debug|x64.Build.0 = Debug|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.ActiveCfg = Release|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|Win32.Build.0 = Release|Win32 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.ActiveCfg = Release|x64 - {8D91B804-E2CE-142D-8E06-FBB037ED1F65}.Release|x64.Build.0 = Release|x64 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.ActiveCfg = Debug|Win32 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|Win32.Build.0 = Debug|Win32 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.ActiveCfg = Debug|x64 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Debug|x64.Build.0 = Debug|x64 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|Win32.ActiveCfg = Release|Win32 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|Win32.Build.0 = Release|Win32 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|x64.ActiveCfg = Release|x64 - {82EE497E-12CC-7C5B-A072-665678ACB43E}.Release|x64.Build.0 = Release|x64 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|Win32.ActiveCfg = Debug|Win32 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|Win32.Build.0 = Debug|Win32 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|x64.ActiveCfg = Debug|x64 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Debug|x64.Build.0 = Debug|x64 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|Win32.ActiveCfg = Release|Win32 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|Win32.Build.0 = Release|Win32 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|x64.ActiveCfg = Release|x64 - {F58142CC-0CC7-0B18-5A0F-53642CFBA18E}.Release|x64.Build.0 = Release|x64 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|Win32.ActiveCfg = Debug|Win32 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|Win32.Build.0 = Debug|Win32 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|x64.ActiveCfg = Debug|x64 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Debug|x64.Build.0 = Debug|x64 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|Win32.ActiveCfg = Release|Win32 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|Win32.Build.0 = Release|Win32 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|x64.ActiveCfg = Release|x64 - {BF782A50-E9AE-00CC-C28A-C9DA8AAB4D52}.Release|x64.Build.0 = Release|x64 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|Win32.ActiveCfg = Debug|Win32 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|Win32.Build.0 = Debug|Win32 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|x64.ActiveCfg = Debug|x64 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Debug|x64.Build.0 = Debug|x64 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|Win32.ActiveCfg = Release|Win32 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|Win32.Build.0 = Release|Win32 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|x64.ActiveCfg = Release|x64 - {10AE376F-1A70-0297-0216-1FD01AD15D19}.Release|x64.Build.0 = Release|x64 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|Win32.ActiveCfg = Debug|Win32 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|Win32.Build.0 = Debug|Win32 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|x64.ActiveCfg = Debug|x64 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Debug|x64.Build.0 = Debug|x64 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|Win32.ActiveCfg = Release|Win32 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|Win32.Build.0 = Release|Win32 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|x64.ActiveCfg = Release|x64 - {E8ED79F9-8034-1B09-263E-D3F8C4C5C4A8}.Release|x64.Build.0 = Release|x64 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|Win32.ActiveCfg = Debug|Win32 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|Win32.Build.0 = Debug|Win32 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|x64.ActiveCfg = Debug|x64 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Debug|x64.Build.0 = Debug|x64 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|Win32.ActiveCfg = Release|Win32 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|Win32.Build.0 = Release|Win32 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|x64.ActiveCfg = Release|x64 - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE}.Release|x64.Build.0 = Release|x64 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|Win32.ActiveCfg = Debug|Win32 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|Win32.Build.0 = Debug|Win32 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|x64.ActiveCfg = Debug|x64 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Debug|x64.Build.0 = Debug|x64 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|Win32.ActiveCfg = Release|Win32 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|Win32.Build.0 = Release|Win32 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|x64.ActiveCfg = Release|x64 - {1EC6CBA3-6187-D456-D9B7-A35399395D71}.Release|x64.Build.0 = Release|x64 - {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|Win32.ActiveCfg = Debug|Win32 - {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|Win32.Build.0 = Debug|Win32 - {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|x64.ActiveCfg = Debug|x64 - {55007179-7746-9CFB-97EC-65102FB272C8}.Debug|x64.Build.0 = Debug|x64 - {55007179-7746-9CFB-97EC-65102FB272C8}.Release|Win32.ActiveCfg = Release|Win32 - {55007179-7746-9CFB-97EC-65102FB272C8}.Release|Win32.Build.0 = Release|Win32 - {55007179-7746-9CFB-97EC-65102FB272C8}.Release|x64.ActiveCfg = Release|x64 - {55007179-7746-9CFB-97EC-65102FB272C8}.Release|x64.Build.0 = Release|x64 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|Win32.ActiveCfg = Debug|Win32 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|Win32.Build.0 = Debug|Win32 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|x64.ActiveCfg = Debug|x64 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Debug|x64.Build.0 = Debug|x64 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|Win32.ActiveCfg = Release|Win32 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|Win32.Build.0 = Release|Win32 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|x64.ActiveCfg = Release|x64 - {F2E8CA55-597F-7FDC-6456-D8650FB970A3}.Release|x64.Build.0 = Release|x64 - {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|Win32.ActiveCfg = Debug|Win32 - {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|Win32.Build.0 = Debug|Win32 - {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|x64.ActiveCfg = Debug|x64 - {C429B336-1B30-119C-3B34-21A186D6744F}.Debug|x64.Build.0 = Debug|x64 - {C429B336-1B30-119C-3B34-21A186D6744F}.Release|Win32.ActiveCfg = Release|Win32 - {C429B336-1B30-119C-3B34-21A186D6744F}.Release|Win32.Build.0 = Release|Win32 - {C429B336-1B30-119C-3B34-21A186D6744F}.Release|x64.ActiveCfg = Release|x64 - {C429B336-1B30-119C-3B34-21A186D6744F}.Release|x64.Build.0 = Release|x64 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|Win32.ActiveCfg = Debug|Win32 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|Win32.Build.0 = Debug|Win32 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|x64.ActiveCfg = Debug|x64 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Debug|x64.Build.0 = Debug|x64 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|Win32.ActiveCfg = Release|Win32 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|Win32.Build.0 = Release|Win32 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|x64.ActiveCfg = Release|x64 - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9}.Release|x64.Build.0 = Release|x64 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|Win32.ActiveCfg = Debug|Win32 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|Win32.Build.0 = Debug|Win32 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|x64.ActiveCfg = Debug|x64 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Debug|x64.Build.0 = Debug|x64 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|Win32.ActiveCfg = Release|Win32 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|Win32.Build.0 = Release|Win32 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|x64.ActiveCfg = Release|x64 - {D06CF12E-F222-9273-41BF-B8A052FA5527}.Release|x64.Build.0 = Release|x64 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|Win32.ActiveCfg = Debug|Win32 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|Win32.Build.0 = Debug|Win32 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|x64.ActiveCfg = Debug|x64 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Debug|x64.Build.0 = Debug|x64 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|Win32.ActiveCfg = Release|Win32 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|Win32.Build.0 = Release|Win32 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|x64.ActiveCfg = Release|x64 - {F472475C-F677-0E7F-F127-45BF5B64F622}.Release|x64.Build.0 = Release|x64 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|Win32.ActiveCfg = Debug|Win32 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|Win32.Build.0 = Debug|Win32 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|x64.ActiveCfg = Debug|x64 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Debug|x64.Build.0 = Debug|x64 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|Win32.ActiveCfg = Release|Win32 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|Win32.Build.0 = Release|Win32 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|x64.ActiveCfg = Release|x64 - {10790F49-6887-AAB6-2D86-BCBD516F8D26}.Release|x64.Build.0 = Release|x64 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|Win32.ActiveCfg = Debug|Win32 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|Win32.Build.0 = Debug|Win32 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|x64.ActiveCfg = Debug|x64 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Debug|x64.Build.0 = Debug|x64 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|Win32.ActiveCfg = Release|Win32 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|Win32.Build.0 = Release|Win32 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|x64.ActiveCfg = Release|x64 - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D}.Release|x64.Build.0 = Release|x64 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|Win32.ActiveCfg = Debug|Win32 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|Win32.Build.0 = Debug|Win32 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|x64.ActiveCfg = Debug|x64 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Debug|x64.Build.0 = Debug|x64 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|Win32.ActiveCfg = Release|Win32 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|Win32.Build.0 = Release|Win32 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|x64.ActiveCfg = Release|x64 - {689E28CF-89ED-BA38-3A14-78A75D891D46}.Release|x64.Build.0 = Release|x64 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|Win32.ActiveCfg = Debug|Win32 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|Win32.Build.0 = Debug|Win32 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|x64.ActiveCfg = Debug|x64 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Debug|x64.Build.0 = Debug|x64 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.ActiveCfg = Release|Win32 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|Win32.Build.0 = Release|Win32 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.ActiveCfg = Release|x64 - {95C50864-854C-2A11-4C91-BCE654E344FB}.Release|x64.Build.0 = Release|x64 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.ActiveCfg = Debug|Win32 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|Win32.Build.0 = Debug|Win32 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.ActiveCfg = Debug|x64 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Debug|x64.Build.0 = Debug|x64 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.ActiveCfg = Release|Win32 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|Win32.Build.0 = Release|Win32 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.ActiveCfg = Release|x64 - {020C31BD-C4DF-BABA-E537-F517C4E98537}.Release|x64.Build.0 = Release|x64 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.ActiveCfg = Debug|Win32 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|Win32.Build.0 = Debug|Win32 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.ActiveCfg = Debug|x64 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Debug|x64.Build.0 = Debug|x64 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.ActiveCfg = Release|Win32 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|Win32.Build.0 = Release|Win32 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.ActiveCfg = Release|x64 - {778777A0-393D-45E8-83C1-EAF487236F1F}.Release|x64.Build.0 = Release|x64 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.ActiveCfg = Debug|Win32 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|Win32.Build.0 = Debug|Win32 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.ActiveCfg = Debug|x64 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Debug|x64.Build.0 = Debug|x64 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.ActiveCfg = Release|Win32 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|Win32.Build.0 = Release|Win32 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.ActiveCfg = Release|x64 - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117}.Release|x64.Build.0 = Release|x64 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.ActiveCfg = Debug|Win32 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|Win32.Build.0 = Debug|Win32 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|x64.ActiveCfg = Debug|x64 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Debug|x64.Build.0 = Debug|x64 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|Win32.ActiveCfg = Release|Win32 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|Win32.Build.0 = Release|Win32 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|x64.ActiveCfg = Release|x64 - {DE695064-13C3-18B0-378D-8B22672BF3F4}.Release|x64.Build.0 = Release|x64 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|Win32.ActiveCfg = Debug|Win32 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|Win32.Build.0 = Debug|Win32 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|x64.ActiveCfg = Debug|x64 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Debug|x64.Build.0 = Debug|x64 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.ActiveCfg = Release|Win32 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|Win32.Build.0 = Release|Win32 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.ActiveCfg = Release|x64 - {5FCC71F6-FF33-EBCF-FBA2-8FC783D5318E}.Release|x64.Build.0 = Release|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.ActiveCfg = Debug|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|Win32.Build.0 = Debug|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.ActiveCfg = Debug|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Debug|x64.Build.0 = Debug|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.ActiveCfg = Release|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|Win32.Build.0 = Release|Win32 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.ActiveCfg = Release|x64 - {FE7AB78F-DBF1-0721-3522-0D7C3011D2E5}.Release|x64.Build.0 = Release|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.ActiveCfg = Debug|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|Win32.Build.0 = Debug|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.ActiveCfg = Debug|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Debug|x64.Build.0 = Debug|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.ActiveCfg = Release|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|Win32.Build.0 = Release|Win32 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.ActiveCfg = Release|x64 - {BFE89EAA-D98B-34E1-C5A4-4080F6FFE317}.Release|x64.Build.0 = Release|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.ActiveCfg = Debug|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|Win32.Build.0 = Debug|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.ActiveCfg = Debug|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Debug|x64.Build.0 = Debug|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.ActiveCfg = Release|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|Win32.Build.0 = Release|Win32 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.ActiveCfg = Release|x64 - {C4FE29EA-266D-5295-4840-976B9B5B3843}.Release|x64.Build.0 = Release|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.ActiveCfg = Debug|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|Win32.Build.0 = Debug|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.ActiveCfg = Debug|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Debug|x64.Build.0 = Debug|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.ActiveCfg = Release|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|Win32.Build.0 = Release|Win32 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.ActiveCfg = Release|x64 - {487A2F80-3CA3-678D-88D5-82194872CF08}.Release|x64.Build.0 = Release|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.ActiveCfg = Debug|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|Win32.Build.0 = Debug|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.ActiveCfg = Debug|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Debug|x64.Build.0 = Debug|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.ActiveCfg = Release|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|Win32.Build.0 = Release|Win32 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.ActiveCfg = Release|x64 - {4E590E9D-E28F-87FF-385B-D58736388231}.Release|x64.Build.0 = Release|x64 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|Win32.ActiveCfg = Debug|Win32 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|Win32.Build.0 = Debug|Win32 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|x64.ActiveCfg = Debug|x64 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Debug|x64.Build.0 = Debug|x64 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|Win32.ActiveCfg = Release|Win32 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|Win32.Build.0 = Release|Win32 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|x64.ActiveCfg = Release|x64 - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC}.Release|x64.Build.0 = Release|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.ActiveCfg = Debug|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|Win32.Build.0 = Debug|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.ActiveCfg = Debug|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Debug|x64.Build.0 = Debug|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.ActiveCfg = Release|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Release|Win32.Build.0 = Release|Win32 - {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.ActiveCfg = Release|x64 - {918CD402-047D-8467-E11C-E1132053F916}.Release|x64.Build.0 = Release|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.ActiveCfg = Debug|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|Win32.Build.0 = Debug|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.ActiveCfg = Debug|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Debug|x64.Build.0 = Debug|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.ActiveCfg = Release|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|Win32.Build.0 = Release|Win32 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.ActiveCfg = Release|x64 - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD}.Release|x64.Build.0 = Release|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.ActiveCfg = Debug|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|Win32.Build.0 = Debug|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.ActiveCfg = Debug|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Debug|x64.Build.0 = Debug|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.ActiveCfg = Release|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|Win32.Build.0 = Release|Win32 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.ActiveCfg = Release|x64 - {E08E0065-896A-7487-DEA5-D3B80B71F975}.Release|x64.Build.0 = Release|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.ActiveCfg = Debug|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|Win32.Build.0 = Debug|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.ActiveCfg = Debug|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Debug|x64.Build.0 = Debug|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.ActiveCfg = Release|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|Win32.Build.0 = Release|Win32 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.ActiveCfg = Release|x64 - {A4DA7463-1047-BDF5-E1B3-5632CB573F41}.Release|x64.Build.0 = Release|x64 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|Win32.ActiveCfg = Debug|Win32 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|Win32.Build.0 = Debug|Win32 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|x64.ActiveCfg = Debug|x64 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Debug|x64.Build.0 = Debug|x64 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|Win32.ActiveCfg = Release|Win32 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|Win32.Build.0 = Release|Win32 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|x64.ActiveCfg = Release|x64 - {90EFD9A4-C6B0-3EE8-1F06-0A0E0D55AEDA}.Release|x64.Build.0 = Release|x64 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|Win32.ActiveCfg = Debug|Win32 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|Win32.Build.0 = Debug|Win32 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|x64.ActiveCfg = Debug|x64 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Debug|x64.Build.0 = Debug|x64 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|Win32.ActiveCfg = Release|Win32 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|Win32.Build.0 = Release|Win32 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|x64.ActiveCfg = Release|x64 - {D6F58AF2-9D80-562A-E2B0-F743281522B9}.Release|x64.Build.0 = Release|x64 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|Win32.ActiveCfg = Debug|Win32 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|Win32.Build.0 = Debug|Win32 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|x64.ActiveCfg = Debug|x64 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Debug|x64.Build.0 = Debug|x64 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|Win32.ActiveCfg = Release|Win32 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|Win32.Build.0 = Release|Win32 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.ActiveCfg = Release|x64 - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A}.Release|x64.Build.0 = Release|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.ActiveCfg = Debug|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|Win32.Build.0 = Debug|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.ActiveCfg = Debug|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Debug|x64.Build.0 = Debug|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.ActiveCfg = Release|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|Win32.Build.0 = Release|Win32 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.ActiveCfg = Release|x64 - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A}.Release|x64.Build.0 = Release|x64 - {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.ActiveCfg = Debug|Win32 - {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|Win32.Build.0 = Debug|Win32 - {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|x64.ActiveCfg = Debug|x64 - {10C01E94-4926-063E-9F56-C84ED190D349}.Debug|x64.Build.0 = Debug|x64 - {10C01E94-4926-063E-9F56-C84ED190D349}.Release|Win32.ActiveCfg = Release|Win32 - {10C01E94-4926-063E-9F56-C84ED190D349}.Release|Win32.Build.0 = Release|Win32 - {10C01E94-4926-063E-9F56-C84ED190D349}.Release|x64.ActiveCfg = Release|x64 - {10C01E94-4926-063E-9F56-C84ED190D349}.Release|x64.Build.0 = Release|x64 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|Win32.ActiveCfg = Debug|Win32 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|Win32.Build.0 = Debug|Win32 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|x64.ActiveCfg = Debug|x64 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Debug|x64.Build.0 = Debug|x64 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|Win32.ActiveCfg = Release|Win32 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|Win32.Build.0 = Release|Win32 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|x64.ActiveCfg = Release|x64 - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC}.Release|x64.Build.0 = Release|x64 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|Win32.ActiveCfg = Debug|Win32 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|Win32.Build.0 = Debug|Win32 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|x64.ActiveCfg = Debug|x64 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Debug|x64.Build.0 = Debug|x64 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|Win32.ActiveCfg = Release|Win32 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|Win32.Build.0 = Release|Win32 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.ActiveCfg = Release|x64 - {23EF735C-CC4C-3EC4-A75E-903DB340F04A}.Release|x64.Build.0 = Release|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.ActiveCfg = Debug|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|Win32.Build.0 = Debug|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.ActiveCfg = Debug|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Debug|x64.Build.0 = Debug|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.ActiveCfg = Release|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|Win32.Build.0 = Release|Win32 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.ActiveCfg = Release|x64 - {D4D691D4-137C-CBFA-735B-D46636D7E4D8}.Release|x64.Build.0 = Release|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.ActiveCfg = Debug|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|Win32.Build.0 = Debug|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.ActiveCfg = Debug|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Debug|x64.Build.0 = Debug|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.ActiveCfg = Release|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|Win32.Build.0 = Release|Win32 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.ActiveCfg = Release|x64 - {C9E2AB15-8AEF-DD48-60C3-557ECC5215BE}.Release|x64.Build.0 = Release|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.ActiveCfg = Debug|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|Win32.Build.0 = Debug|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.ActiveCfg = Debug|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Debug|x64.Build.0 = Debug|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.ActiveCfg = Release|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|Win32.Build.0 = Release|Win32 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.ActiveCfg = Release|x64 - {35E52E46-3BA9-4361-41D3-53663C2E9B8A}.Release|x64.Build.0 = Release|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.ActiveCfg = Debug|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|Win32.Build.0 = Debug|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.ActiveCfg = Debug|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Debug|x64.Build.0 = Debug|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.ActiveCfg = Release|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|Win32.Build.0 = Release|Win32 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.ActiveCfg = Release|x64 - {DB904B85-AD31-B7FB-114F-88760CC485F2}.Release|x64.Build.0 = Release|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.ActiveCfg = Debug|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|Win32.Build.0 = Debug|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.ActiveCfg = Debug|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Debug|x64.Build.0 = Debug|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.ActiveCfg = Release|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|Win32.Build.0 = Release|Win32 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.ActiveCfg = Release|x64 - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3}.Release|x64.Build.0 = Release|x64 - EndGlobalSection - GlobalSection(SolutionProperties) = preSolution - HideSolutionNode = FALSE - EndGlobalSection -EndGlobal diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj deleted file mode 100644 index c2f106373e..0000000000 --- a/visualc/VS2010/mbedTLS.vcxproj +++ /dev/null @@ -1,400 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - {46CF2D25-6A36-4189-B59C-E4815388E554} - Win32Proj - mbedTLS - - - - StaticLibrary - true - Unicode - - - StaticLibrary - true - Unicode - - - StaticLibrary - false - true - Unicode - - - StaticLibrary - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - _USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - -../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - CompileAsC - - - Windows - true - - - - - Level3 - Disabled - _USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - -../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - CompileAsC - - - Windows - true - - - - - Level3 - MaxSpeed - true - true - NDEBUG;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - -../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Windows - true - true - true - - - - - Level3 - MaxSpeed - true - true - WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions) - -../../library;../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Windows - true - true - true - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/visualc/VS2010/mini_client.vcxproj b/visualc/VS2010/mini_client.vcxproj deleted file mode 100644 index e4ee166bf7..0000000000 --- a/visualc/VS2010/mini_client.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {C4FE29EA-266D-5295-4840-976B9B5B3843} - Win32Proj - mini_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/mpi_demo.vcxproj b/visualc/VS2010/mpi_demo.vcxproj deleted file mode 100644 index b0fee89c37..0000000000 --- a/visualc/VS2010/mpi_demo.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {A59FAA0B-9C34-1F99-794D-A365A3AA8CCE} - Win32Proj - mpi_demo - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pem2der.vcxproj b/visualc/VS2010/pem2der.vcxproj deleted file mode 100644 index 84c2e8c0aa..0000000000 --- a/visualc/VS2010/pem2der.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D3C6FBD6-D78E-7180-8345-5E09B492DBEC} - Win32Proj - pem2der - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pk_decrypt.vcxproj b/visualc/VS2010/pk_decrypt.vcxproj deleted file mode 100644 index da3e8d8e09..0000000000 --- a/visualc/VS2010/pk_decrypt.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {1EC6CBA3-6187-D456-D9B7-A35399395D71} - Win32Proj - pk_decrypt - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pk_encrypt.vcxproj b/visualc/VS2010/pk_encrypt.vcxproj deleted file mode 100644 index 829e072344..0000000000 --- a/visualc/VS2010/pk_encrypt.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {55007179-7746-9CFB-97EC-65102FB272C8} - Win32Proj - pk_encrypt - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pk_sign.vcxproj b/visualc/VS2010/pk_sign.vcxproj deleted file mode 100644 index d93d11469f..0000000000 --- a/visualc/VS2010/pk_sign.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {F2E8CA55-597F-7FDC-6456-D8650FB970A3} - Win32Proj - pk_sign - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/pk_verify.vcxproj b/visualc/VS2010/pk_verify.vcxproj deleted file mode 100644 index 5933b92587..0000000000 --- a/visualc/VS2010/pk_verify.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {C429B336-1B30-119C-3B34-21A186D6744F} - Win32Proj - pk_verify - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj deleted file mode 100644 index d35dd19a14..0000000000 --- a/visualc/VS2010/psa_constant_names.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {A0BAD8F0-69B5-8382-86ED-C36ACBE54117} - Win32Proj - psa_constant_names - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj deleted file mode 100644 index d0e0a6df6f..0000000000 --- a/visualc/VS2010/query_compile_time_config.vcxproj +++ /dev/null @@ -1,168 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D6F58AF2-9D80-562A-E2B0-F743281522B9} - Win32Proj - query_compile_time_config - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/req_app.vcxproj b/visualc/VS2010/req_app.vcxproj deleted file mode 100644 index 900e415fb1..0000000000 --- a/visualc/VS2010/req_app.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {486B1375-5CFA-C2D2-DD89-C9F497BADCB3} - Win32Proj - req_app - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_decrypt.vcxproj b/visualc/VS2010/rsa_decrypt.vcxproj deleted file mode 100644 index 188b17efda..0000000000 --- a/visualc/VS2010/rsa_decrypt.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {E0D71D72-8DF4-CCFC-EF60-741EADAB8BF9} - Win32Proj - rsa_decrypt - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_encrypt.vcxproj b/visualc/VS2010/rsa_encrypt.vcxproj deleted file mode 100644 index a44f676d70..0000000000 --- a/visualc/VS2010/rsa_encrypt.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {D06CF12E-F222-9273-41BF-B8A052FA5527} - Win32Proj - rsa_encrypt - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_genkey.vcxproj b/visualc/VS2010/rsa_genkey.vcxproj deleted file mode 100644 index 35b27b7a38..0000000000 --- a/visualc/VS2010/rsa_genkey.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {F472475C-F677-0E7F-F127-45BF5B64F622} - Win32Proj - rsa_genkey - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_sign.vcxproj b/visualc/VS2010/rsa_sign.vcxproj deleted file mode 100644 index 90a7ac8cb8..0000000000 --- a/visualc/VS2010/rsa_sign.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {10790F49-6887-AAB6-2D86-BCBD516F8D26} - Win32Proj - rsa_sign - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_sign_pss.vcxproj b/visualc/VS2010/rsa_sign_pss.vcxproj deleted file mode 100644 index 5d2ac82081..0000000000 --- a/visualc/VS2010/rsa_sign_pss.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {DCD3A1B6-5EC1-8266-93EF-BD2B9BEFE12D} - Win32Proj - rsa_sign_pss - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_verify.vcxproj b/visualc/VS2010/rsa_verify.vcxproj deleted file mode 100644 index a413ba8ca7..0000000000 --- a/visualc/VS2010/rsa_verify.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {689E28CF-89ED-BA38-3A14-78A75D891D46} - Win32Proj - rsa_verify - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/rsa_verify_pss.vcxproj b/visualc/VS2010/rsa_verify_pss.vcxproj deleted file mode 100644 index 369b14514c..0000000000 --- a/visualc/VS2010/rsa_verify_pss.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {95C50864-854C-2A11-4C91-BCE654E344FB} - Win32Proj - rsa_verify_pss - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/selftest.vcxproj b/visualc/VS2010/selftest.vcxproj deleted file mode 100644 index 6feb5936f3..0000000000 --- a/visualc/VS2010/selftest.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7DBC5F77-3DA1-5F73-8421-E693D95FC66A} - Win32Proj - selftest - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_client1.vcxproj b/visualc/VS2010/ssl_client1.vcxproj deleted file mode 100644 index 860334e4a4..0000000000 --- a/visualc/VS2010/ssl_client1.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {487A2F80-3CA3-678D-88D5-82194872CF08} - Win32Proj - ssl_client1 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj deleted file mode 100644 index 9884f23702..0000000000 --- a/visualc/VS2010/ssl_client2.vcxproj +++ /dev/null @@ -1,169 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {4E590E9D-E28F-87FF-385B-D58736388231} - Win32Proj - ssl_client2 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_context_info.vcxproj b/visualc/VS2010/ssl_context_info.vcxproj deleted file mode 100644 index 1c98d34bf7..0000000000 --- a/visualc/VS2010/ssl_context_info.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {017ECC7D-FB6D-46D8-076B-F64172E8E3BC} - Win32Proj - ssl_context_info - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_fork_server.vcxproj b/visualc/VS2010/ssl_fork_server.vcxproj deleted file mode 100644 index 6d44ef0795..0000000000 --- a/visualc/VS2010/ssl_fork_server.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {918CD402-047D-8467-E11C-E1132053F916} - Win32Proj - ssl_fork_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_mail_client.vcxproj b/visualc/VS2010/ssl_mail_client.vcxproj deleted file mode 100644 index e2253c665e..0000000000 --- a/visualc/VS2010/ssl_mail_client.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7C4863A1-941A-C5AE-E1F9-30F062E4B2FD} - Win32Proj - ssl_mail_client - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_server.vcxproj b/visualc/VS2010/ssl_server.vcxproj deleted file mode 100644 index 23ad7ecc87..0000000000 --- a/visualc/VS2010/ssl_server.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {E08E0065-896A-7487-DEA5-D3B80B71F975} - Win32Proj - ssl_server - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj deleted file mode 100644 index d8f3e592dc..0000000000 --- a/visualc/VS2010/ssl_server2.vcxproj +++ /dev/null @@ -1,169 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {A4DA7463-1047-BDF5-E1B3-5632CB573F41} - Win32Proj - ssl_server2 - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/strerror.vcxproj b/visualc/VS2010/strerror.vcxproj deleted file mode 100644 index 9e70decd97..0000000000 --- a/visualc/VS2010/strerror.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {23EF735C-CC4C-3EC4-A75E-903DB340F04A} - Win32Proj - strerror - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/udp_proxy.vcxproj b/visualc/VS2010/udp_proxy.vcxproj deleted file mode 100644 index 69678f635d..0000000000 --- a/visualc/VS2010/udp_proxy.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {7E2C80FE-3CC3-82B4-0CAD-65DC233DE13A} - Win32Proj - udp_proxy - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - diff --git a/visualc/VS2010/zeroize.vcxproj b/visualc/VS2010/zeroize.vcxproj deleted file mode 100644 index 9e0746de9a..0000000000 --- a/visualc/VS2010/zeroize.vcxproj +++ /dev/null @@ -1,167 +0,0 @@ - - - - - Debug - Win32 - - - Debug - x64 - - - Release - Win32 - - - Release - x64 - - - - - - - - {46cf2d25-6a36-4189-b59c-e4815388e554} - true - - - - {10C01E94-4926-063E-9F56-C84ED190D349} - Win32Proj - zeroize - - - - Application - true - Unicode - - - Application - true - Unicode - - - Application - false - true - Unicode - - - Application - false - true - Unicode - - - - - - - - - - - - - - - - - - - true - $(Configuration)\$(TargetName)\ - - - true - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - false - $(Configuration)\$(TargetName)\ - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - Disabled - %(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - Debug - - - false - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies) - - - - - Level3 - MaxSpeed - true - true - NDEBUG;%(PreprocessorDefinitions) - -../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include - - - Console - true - true - true - Release - %(AdditionalDependencies); - - - - - - From 9039303cf58882d1fde68d2f6047795dfc750e9c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 18 May 2021 05:27:18 +0100 Subject: [PATCH 126/271] Add migration guide Signed-off-by: Hanno Becker --- .../session-cache-api.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 docs/3.0-migration-guide.d/session-cache-api.md diff --git a/docs/3.0-migration-guide.d/session-cache-api.md b/docs/3.0-migration-guide.d/session-cache-api.md new file mode 100644 index 0000000000..b28ce1946a --- /dev/null +++ b/docs/3.0-migration-guide.d/session-cache-api.md @@ -0,0 +1,28 @@ +Session Cache API Change +----------------------------------------------------------------- + +This affects users who use `mbedtls_ssl_conf_session_cache()` +to configure a custom session cache implementation different +from the one Mbed TLS implements in `library/ssl_cache.c`. + +Those users will need to modify the API of their session cache +implementation to that of a key-value store with keys being +session IDs and values being instances of `mbedtls_ssl_session`: + +``` +typedef int mbedtls_ssl_cache_get_t( void *data, + unsigned char const *session_id, + size_t session_id_len, + mbedtls_ssl_session *session ); +typedef int mbedtls_ssl_cache_set_t( void *data, + unsigned char const *session_id, + size_t session_id_len, + const mbedtls_ssl_session *session ); +``` + +Since the structure of `mbedtls_ssl_session` is no longer public from 3.0 +onwards, portable session cache implementations must not access fields of +`mbedtls_ssl_session`. See the corresponding migration guide. Users that +find themselves unable to migrate their session cache functionality without +accessing fields of `mbedtls_ssl_session` should describe their usecase +on the Mbed TLS mailing list. From 217715d32bb64840306660b355336110b3b55215 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 18 May 2021 05:28:53 +0100 Subject: [PATCH 127/271] Add ChangeLog entry Signed-off-by: Hanno Becker --- ChangeLog.d/session-cache-api.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/session-cache-api.txt diff --git a/ChangeLog.d/session-cache-api.txt b/ChangeLog.d/session-cache-api.txt new file mode 100644 index 0000000000..e3f25d6b86 --- /dev/null +++ b/ChangeLog.d/session-cache-api.txt @@ -0,0 +1,5 @@ +API Changes + * The getter and setter API of the SSL session cache (used for + session-ID based session resumption) has changed to that of + a key-value store with keys being session IDs and values + being opaque instances of `mbedtls_ssl_session`. From ea620864ac82aeb8a5c219459a62eaeaf620377b Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 18 May 2021 08:36:36 +0100 Subject: [PATCH 128/271] Fix formatting of changelog entry Signed-off-by: Hanno Becker --- ChangeLog.d/session-cache-api.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/session-cache-api.txt b/ChangeLog.d/session-cache-api.txt index e3f25d6b86..75cc9438f8 100644 --- a/ChangeLog.d/session-cache-api.txt +++ b/ChangeLog.d/session-cache-api.txt @@ -1,4 +1,4 @@ -API Changes +API changes * The getter and setter API of the SSL session cache (used for session-ID based session resumption) has changed to that of a key-value store with keys being session IDs and values From 11425347f0b40e7ce2225789a8619352d95aacba Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 11:57:05 +0100 Subject: [PATCH 129/271] Modifies tests in rsa test suite Modification of tests in test_suite_rsa.function to adept them for the removal of the mode param from mbedtls_rsa_pkcs1_sign function. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_rsa.function | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 1bf1850027..f8bf859bf6 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -205,27 +205,22 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); From fa1581ea03395212b9fef2b01ba957a0d26502ab Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 12:38:33 +0100 Subject: [PATCH 130/271] Modifies typedef of mbedtls_pk_rsa_alt_sign_func This commit modifies the typedef of mbedtls_pk_rsa_alt_sign_func and propagates the associated changes throughout the codebase. Signed-off-by: Thomas Daubney --- include/mbedtls/pk.h | 2 +- library/pk_wrap.c | 2 +- tests/suites/test_suite_pk.function | 4 ++-- tests/suites/test_suite_x509write.function | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 093b3bc6d6..25f02ff69d 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -234,7 +234,7 @@ typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, size_t *olen, size_t output_max_len ); typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ); typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx ); #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ diff --git a/library/pk_wrap.c b/library/pk_wrap.c index e1ad50795d..ec07c60246 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -770,7 +770,7 @@ static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, if( *sig_len > MBEDTLS_PK_SIGNATURE_MAX_SIZE ) return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); - return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, + return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, md_alg, (unsigned int) hash_len, hash, sig ) ); } diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index b81bd7be47..27d73ff9ad 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -70,13 +70,13 @@ int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen, } int mbedtls_rsa_sign_func( void *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { ((void) f_rng); ((void) p_rng); return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, - mbedtls_test_rnd_std_rand, NULL, mode, + mbedtls_test_rnd_std_rand, NULL, MBEDTLS_RSA_PRIVATE, md_alg, hashlen, hash, sig ) ); } size_t mbedtls_rsa_key_len_func( void *ctx ) diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index 04ea69b1a6..a36fa43763 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -16,10 +16,10 @@ int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen, } int mbedtls_rsa_sign_func( void *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, + mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, mode, + return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, hashlen, hash, sig ) ); } size_t mbedtls_rsa_key_len_func( void *ctx ) From ef80a9c5e0750be11155f976638368b7c55753da Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 18 May 2021 15:19:54 +0200 Subject: [PATCH 131/271] Add migration guide for removed null entropy config option Signed-off-by: Mateusz Starzyk --- docs/3.0-migration-guide.d/remove-null-entropy.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 docs/3.0-migration-guide.d/remove-null-entropy.md diff --git a/docs/3.0-migration-guide.d/remove-null-entropy.md b/docs/3.0-migration-guide.d/remove-null-entropy.md new file mode 100644 index 0000000000..d6c39057f0 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove-null-entropy.md @@ -0,0 +1,9 @@ +Remove the option to build the library without any entropy sources +------------------------------------------------------------------ + +This does not affect users who use the default `config.h`, as this option was +already off by default. + +If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option, you can either use +`MBEDTLS_ENTROPY_NV_SEED` or create a fake entropy function. + From b9eaa7369ba7db91a1077634db3be1362ef6b361 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 15:42:16 +0100 Subject: [PATCH 132/271] Modifies tests in test suite RSA Modifies tests for mbedtls_rsa_rsassa_pkcs1_v15_sign function in test_suite_rsa.function Signed-off-by: Thomas Daubney --- tests/suites/test_suite_rsa.function | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index f8bf859bf6..e70faac72b 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -227,27 +227,22 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); From a7a4306adf2bff2fd376991b39ee2888e70dd220 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 16:39:33 +0200 Subject: [PATCH 133/271] Fix build error when int32_t is not int Fix a pointer mismatch when int32_t is not int, for example on Cortex-M where in32_t is long int. Fix #4530 Signed-off-by: Gilles Peskine --- ChangeLog.d/host_test-int32.txt | 3 +++ tests/suites/host_test.function | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 ChangeLog.d/host_test-int32.txt diff --git a/ChangeLog.d/host_test-int32.txt b/ChangeLog.d/host_test-int32.txt new file mode 100644 index 0000000000..60ef8e9702 --- /dev/null +++ b/ChangeLog.d/host_test-int32.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix test suite code on platforms where int32_t is not int, such as + Arm Cortex-M. Fixes #4530. diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function index d83d751ec6..a5fd7179b6 100644 --- a/tests/suites/host_test.function +++ b/tests/suites/host_test.function @@ -33,7 +33,7 @@ int verify_string( char **str ) * * \return 0 if success else 1 */ -int verify_int( char *str, int *value ) +int verify_int( char *str, int32_t *value ) { size_t i; int minus = 0; @@ -238,7 +238,7 @@ static int parse_arguments( char *buf, size_t len, char **params, * * \return 0 for success else 1 */ -static int convert_params( size_t cnt , char ** params , int * int_params_store ) +static int convert_params( size_t cnt , char ** params , int32_t * int_params_store ) { char ** cur = params; char ** out = params; @@ -520,7 +520,7 @@ int execute_tests( int argc , const char ** argv ) char buf[5000]; char *params[50]; /* Store for proccessed integer params. */ - int int_params[50]; + int32_t int_params[50]; void *pointer; #if defined(__unix__) || (defined(__APPLE__) && defined(__MACH__)) int stdout_fd = -1; From 9a66d5c1817792e30d39911cd6781c21f8e0cc65 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 15:50:21 +0100 Subject: [PATCH 134/271] Modifies tests in RSA test suite Tests for mbedtls_rsa_rsassa_pss_sign in test_suite_rsa.function have been modified to allow for upcoming removal of mode param. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_rsa.function | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index e70faac72b..7c7d8f9b69 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -249,27 +249,22 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); From 140184d0293bf14e004c78f6cc722d563f9b0079 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 16:04:07 +0100 Subject: [PATCH 135/271] Removes mode param from mbedtls_rsa_pkcs1_sign Commit removes the mode parameter from mbedtls_rsa_pkcs1_sign and progagates the change to all relevant parts of the codebase. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 21 ++++----------------- library/pk_wrap.c | 5 +++-- library/psa_crypto_rsa.c | 1 - library/rsa.c | 13 +++++-------- programs/pkey/dh_server.c | 2 +- programs/pkey/rsa_sign.c | 2 +- tests/suites/test_suite_pk.function | 2 +- tests/suites/test_suite_pkcs1_v15.function | 4 ++-- tests/suites/test_suite_pkcs1_v21.function | 4 ++-- tests/suites/test_suite_rsa.function | 12 ++++-------- tests/suites/test_suite_x509write.function | 4 ++-- 11 files changed, 25 insertions(+), 45 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index c250525d70..96548bd4df 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -790,7 +790,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * a message digest using PKCS#1. * * It is the generic wrapper for performing a PKCS#1 - * signature using the \p mode from the context. + * signature. * * \note The \p sig buffer must be as large as the size * of \p ctx->N. For example, 128 Bytes if RSA-1024 is used. @@ -799,25 +799,13 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * mbedtls_rsa_rsassa_pss_sign() for details on * \p md_alg and \p hash_id. * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PRIVATE. - * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA context to use. * \param f_rng The RNG function to use. If the padding mode is PKCS#1 v2.1, - * this must be provided. If the padding mode is PKCS#1 v1.5 and - * \p mode is #MBEDTLS_RSA_PRIVATE, it is used for blinding - * and should be provided; see mbedtls_rsa_private() for more - * more. It is ignored otherwise. + * this must be provided. If the padding mode is PKCS#1 v1.5 + * it is used for blinding and should be provided; + * see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL * if \p f_rng is \c NULL or doesn't need a context argument. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. @@ -838,7 +826,6 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, diff --git a/library/pk_wrap.c b/library/pk_wrap.c index ec07c60246..9f4c187b05 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -120,8 +120,9 @@ static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, *sig_len = mbedtls_rsa_get_len( rsa ); - return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, - md_alg, (unsigned int) hash_len, hash, sig ) ); + return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, + md_alg, (unsigned int) hash_len, + hash, sig ) ); } static int rsa_decrypt_wrap( void *ctx, diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 686f07d334..192f4a3971 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -419,7 +419,6 @@ static psa_status_t rsa_sign_hash( ret = mbedtls_rsa_pkcs1_sign( rsa, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, md_alg, (unsigned int) hash_length, hash, diff --git a/library/rsa.c b/library/rsa.c index 86bd71d47d..22880a23d2 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2129,15 +2129,12 @@ cleanup: int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hashlen == 0 ) || hash != NULL ); @@ -2147,14 +2144,14 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, + md_alg, hashlen, hash, sig ); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, + md_alg, hashlen, hash, sig ); #endif default: @@ -2714,7 +2711,7 @@ int mbedtls_rsa_self_test( int verbose ) } if( mbedtls_rsa_pkcs1_sign( &rsa, myrand, NULL, - MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, + MBEDTLS_MD_SHA1, 0, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c index dccf0951ca..63df77ee01 100644 --- a/programs/pkey/dh_server.c +++ b/programs/pkey/dh_server.c @@ -229,7 +229,7 @@ int main( void ) buf[n ] = (unsigned char)( rsa.len >> 8 ); buf[n + 1] = (unsigned char)( rsa.len ); - if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, + if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_MD_SHA256, 0, hash, buf + n + 2 ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned %d\n\n", ret ); diff --git a/programs/pkey/rsa_sign.c b/programs/pkey/rsa_sign.c index c9522c8c26..1cfa0a8dd9 100644 --- a/programs/pkey/rsa_sign.c +++ b/programs/pkey/rsa_sign.c @@ -146,7 +146,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256, + if( ( ret = mbedtls_rsa_pkcs1_sign( &rsa, NULL, NULL, MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", (unsigned int) -ret ); diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function index 27d73ff9ad..0038a58630 100644 --- a/tests/suites/test_suite_pk.function +++ b/tests/suites/test_suite_pk.function @@ -76,7 +76,7 @@ int mbedtls_rsa_sign_func( void *ctx, ((void) f_rng); ((void) p_rng); return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, - mbedtls_test_rnd_std_rand, NULL, MBEDTLS_RSA_PRIVATE, + mbedtls_test_rnd_std_rand, NULL, md_alg, hashlen, hash, sig ) ); } size_t mbedtls_rsa_key_len_func( void *ctx ) diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 878c414ad6..0c2547d2e8 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -293,8 +293,8 @@ void pkcs1_rsassa_v15_sign( int mod, int radix_P, char * input_P, int radix_Q, TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PRIVATE, digest, - 0, hash_result, output ) == result ); + &info, digest, 0, hash_result, + output ) == result ); if( result == 0 ) { diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 623f7bc552..e64f22290f 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -148,8 +148,8 @@ void pkcs1_rsassa_pss_sign( int mod, data_t * input_P, data_t * input_Q, if (fixed_salt_length == MBEDTLS_RSA_SALT_LEN_ANY) { TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_buffer_rand, - &info, MBEDTLS_RSA_PRIVATE, digest, 0, - hash_result, output ) == result ); + &info, digest, 0,hash_result, + output ) == result ); if( result == 0 ) { ASSERT_COMPARE( output, ctx.len, result_str->x, result_str->len ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 7c7d8f9b69..e4f962562a 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -205,22 +205,18 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_sign( NULL, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); @@ -479,8 +475,8 @@ void mbedtls_rsa_pkcs1_sign( data_t * message_str, int padding_mode, TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, digest, - 0, hash_result, output ) == result ); + &rnd_info, digest, 0, hash_result, + output ) == result ); if( result == 0 ) { @@ -560,8 +556,8 @@ void rsa_pkcs1_sign_raw( data_t * hash_result, TEST_ASSERT( mbedtls_rsa_pkcs1_sign( &ctx, &mbedtls_test_rnd_pseudo_rand, - &rnd_info, MBEDTLS_RSA_PRIVATE, - MBEDTLS_MD_NONE, hash_result->len, + &rnd_info, MBEDTLS_MD_NONE, + hash_result->len, hash_result->x, output ) == 0 ); diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function index a36fa43763..44f846fd31 100644 --- a/tests/suites/test_suite_x509write.function +++ b/tests/suites/test_suite_x509write.function @@ -19,8 +19,8 @@ int mbedtls_rsa_sign_func( void *ctx, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { - return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, - md_alg, hashlen, hash, sig ) ); + return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, + md_alg, hashlen, hash, sig ) ); } size_t mbedtls_rsa_key_len_func( void *ctx ) { From c1ae30a05e124569ce59c2dde60e71b3a8a3ce95 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 18 May 2021 18:59:37 +0100 Subject: [PATCH 136/271] Fix docs for mbedtls_padlock_has_support Fix a slight inaccuracy in the docs for the return value of mbedtls_padlock_has_support. Signed-off-by: Dave Rodgman --- library/padlock.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/padlock.h b/library/padlock.h index 78dbeb60d2..4f4e400346 100644 --- a/library/padlock.h +++ b/library/padlock.h @@ -71,7 +71,7 @@ extern "C" { * * \param feature The feature to detect * - * \return 1 if CPU has support for the feature, 0 otherwise + * \return non-zero if CPU has support for the feature, 0 otherwise */ int mbedtls_padlock_has_support( int feature ); From 96d6e087175e650c90e93a2d686fbca1e4ec1194 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 20:06:04 +0200 Subject: [PATCH 137/271] Make the formatting of numbers consistent Signed-off-by: Gilles Peskine --- include/mbedtls/sha256.h | 4 ++-- include/mbedtls/sha512.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h index 1100869520..22c2c7d7eb 100644 --- a/include/mbedtls/sha256.h +++ b/include/mbedtls/sha256.h @@ -128,7 +128,7 @@ int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx, * and have a hash operation started. * \param output The SHA-224 or SHA-256 checksum result. * This must be a writable buffer of length \c 32 bytes - * for SHA-256, 28 bytes for SHA-224. + * for SHA-256, \c 28 bytes for SHA-224. * * \return \c 0 on success. * \return A negative error code on failure. @@ -166,7 +166,7 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, * \param ilen The length of the input data in Bytes. * \param output The SHA-224 or SHA-256 checksum result. * This must be a writable buffer of length \c 32 bytes - * for SHA-256, 28 bytes for SHA-224. + * for SHA-256, \c 28 bytes for SHA-224. * \param is224 Determines which function to use. This must be * either \c 0 for SHA-256, or \c 1 for SHA-224. */ diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index 2852273140..ef1fa22231 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -135,7 +135,7 @@ int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, * and have a hash operation started. * \param output The SHA-384 or SHA-512 checksum result. * This must be a writable buffer of length \c 64 bytes - * for SHA-512, 48 bytes for SHA-384. + * for SHA-512, \c 48 bytes for SHA-384. * * \return \c 0 on success. * \return A negative error code on failure. @@ -173,7 +173,7 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \param ilen The length of the input data in Bytes. * \param output The SHA-384 or SHA-512 checksum result. * This must be a writable buffer of length \c 64 bytes - * for SHA-512, 48 bytes for SHA-384. + * for SHA-512, \c 48 bytes for SHA-384. * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * From 52118189da539dcd1a2937eff272a10c97a7a7e1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 20:38:33 +0200 Subject: [PATCH 138/271] Fix copypasta in the description of mbedtls_gcm_update_ad Signed-off-by: Gilles Peskine --- include/mbedtls/gcm.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 7218081e3c..78f2a438ff 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -240,8 +240,9 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, size_t iv_len ); /** - * \brief This function starts a GCM encryption or decryption - * operation. + * \brief This function feeds an input buffer as associated data + * (authenticated but not encrypted data) in a GCM + * encryption or decryption operation. * * \note This function may only be called once per operation: * you must pass the whole associated data in a single From 518fdb00e85866d4661e3609ef179d2ae9087753 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 20:43:31 +0200 Subject: [PATCH 139/271] Fix size/length confusion in documentation Signed-off-by: Gilles Peskine --- include/mbedtls/gcm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 78f2a438ff..995578ff8b 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -276,7 +276,7 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, * is greater than zero, this must be a readable buffer * of at least \p input_length bytes. * \param input_length The length of the input data in bytes. - * \param output The buffer for the output data. If \p output_length + * \param output The buffer for the output data. If \p output_size * is greater than zero, this must be a writable buffer of * of at least \p output_size bytes. * This function may withhold the end of the output if From 8e8cdd150ac813739769bfb4a58aeaae51938e0c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 21:02:13 +0200 Subject: [PATCH 140/271] Add some information about the multipart calling sequence Signed-off-by: Gilles Peskine --- include/mbedtls/gcm.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 995578ff8b..ae41c60472 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -244,6 +244,11 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx, * (authenticated but not encrypted data) in a GCM * encryption or decryption operation. * + * Call this function after mbedtls_gcm_starts() to pass + * the associated data. If the associated data is empty, + * you do not need to call this function. You may not + * call this function after calling mbedtls_cipher_update(). + * * \note This function may only be called once per operation: * you must pass the whole associated data in a single * call. This limitation will be lifted in a future version @@ -267,6 +272,12 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, * \brief This function feeds an input buffer into an ongoing GCM * encryption or decryption operation. * + * You may call this function zero, one or more times + * to pass successive parts of the input: the plaintext to + * encrypt, or the ciphertext (not including the tag) to + * decrypt. After the last part of the input, call + * mbedtls_gcm_finish(). + * * \note For decryption, the output buffer cannot be the same as * input buffer. If the buffers overlap, the output buffer * must trail at least 8 Bytes behind the input buffer. From d9380b5270afeef00aa5167225ad2771b2bf8c18 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 21:02:52 +0200 Subject: [PATCH 141/271] Document reasons for MBEDTLS_ERR_GCM_BAD_INPUT in update and finish Signed-off-by: Gilles Peskine --- include/mbedtls/gcm.h | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index ae41c60472..2e998e71d0 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -312,7 +312,10 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, * unspecified. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. + * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure: + * total input length too long, + * unsupported input/output buffer overlap detected, + * or \p output_size too small. */ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, const unsigned char *input, size_t input_length, @@ -343,7 +346,9 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * Alternative implementations may require a 15-byte buffer. * * \return \c 0 on success. - * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure. + * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure: + * invalid value of \p tag_len, + * or \p output_len too small. */ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, unsigned char *output, size_t output_len, From 526549854c79c721d4eefcece6756102f125a6bb Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 16:54:00 +0100 Subject: [PATCH 142/271] Removes mode param from mbedtls_rsa_rsassa_pkcs1_v15_sign Commit removes the mode parameter from mbedtls_rsa_rsassa_pkcs1_v15_sign and propagates the change throughout the codebase. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 18 ++---------------- library/rsa.c | 18 +----------------- tests/suites/test_suite_rsa.function | 4 ---- 3 files changed, 3 insertions(+), 37 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 96548bd4df..e7ab073b09 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -835,24 +835,11 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v1.5 signature * operation (RSASSA-PKCS1-v1_5-SIGN). * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PRIVATE. - * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. If \p mode is - * #MBEDTLS_RSA_PUBLIC, it is ignored. + * \param f_rng The RNG function. This is used for blinding and should be + * provided; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL * if \p f_rng is \c NULL or doesn't need a context argument. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. @@ -873,7 +860,6 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, diff --git a/library/rsa.c b/library/rsa.c index 22880a23d2..8129429b92 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2049,7 +2049,6 @@ static int rsa_rsassa_pkcs1_v15_encode( mbedtls_md_type_t md_alg, int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, @@ -2059,16 +2058,11 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, unsigned char *sig_try = NULL, *verif = NULL; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hashlen == 0 ) || hash != NULL ); RSA_VALIDATE_RET( sig != NULL ); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - /* * Prepare PKCS1-v1.5 encoding (padding and hash identifier) */ @@ -2077,16 +2071,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, ctx->len, sig ) ) != 0 ) return( ret ); - /* - * Call respective RSA primitive - */ - - if( mode == MBEDTLS_RSA_PUBLIC ) - { - /* Skip verification on a public key operation */ - return( mbedtls_rsa_public( ctx, sig, sig ) ); - } - /* Private key operation * * In order to prevent Lenstra's attack, make the signature in a @@ -2144,7 +2128,7 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, + return mbedtls_rsa_rsassa_pkcs1_v15_sign( ctx, f_rng, p_rng, md_alg, hashlen, hash, sig ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index e4f962562a..440c571742 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -223,22 +223,18 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_sign( NULL, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); From de9fdc4b12c2f83a32c3bc5e16148970d37c303a Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 17:10:04 +0100 Subject: [PATCH 143/271] Removes mode param from mbedtls_rsa_rsassa_pss_sign Commit removes the mode param from mbedtls_rsa_rsassa_pss_sign and propagates the changes throughout the codebase. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 12 ------------ library/psa_crypto_rsa.c | 1 - library/rsa.c | 7 +++---- tests/suites/test_suite_rsa.function | 4 ---- 4 files changed, 3 insertions(+), 21 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index e7ab073b09..103d6915f5 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -939,21 +939,10 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, * the key size in bytes), this function returns * #MBEDTLS_ERR_RSA_BAD_INPUT_DATA. * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PUBLIC mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PRIVATE. - * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PUBLIC and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA context to use. * \param f_rng The RNG function. It must not be \c NULL. * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL * if \p f_rng doesn't need a context argument. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PRIVATE or #MBEDTLS_RSA_PUBLIC (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. @@ -974,7 +963,6 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 192f4a3971..4f41596543 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -433,7 +433,6 @@ static psa_status_t rsa_sign_hash( ret = mbedtls_rsa_rsassa_pss_sign( rsa, mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE, - MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_NONE, (unsigned int) hash_length, hash, diff --git a/library/rsa.c b/library/rsa.c index 8129429b92..b241b8fee3 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1897,13 +1897,12 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, unsigned char *sig ) { - return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, md_alg, + return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig ); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -2134,8 +2133,8 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, - md_alg, hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pss_sign( ctx, f_rng, p_rng, md_alg, + hashlen, hash, sig ); #endif default: diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 440c571742..814385baa4 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -241,22 +241,18 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_sign( NULL, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_sign( &ctx, NULL, NULL, - MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); From 28b55850bdf836d83fe240a455c819a7f3bd7174 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 18:30:00 +0100 Subject: [PATCH 144/271] Modifies tests for verify functions Relevant tests have been modified and in some cases removed in preparation for removal of mode parameter from verify functions. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_rsa.function | 55 ++++++++-------------------- 1 file changed, 16 insertions(+), 39 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 814385baa4..96a8cbf022 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -281,118 +281,95 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), buf, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), - buf, buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, 0, 0, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - invalid_mode, - 0, sizeof( buf ), - buf, - 0, 0, - buf ) ); - TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, 0, 0, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, 0, 0, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, - valid_mode, + MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, 0, 0, From ac1331211e9f9c9d371a8e327c2fc8a95e90b239 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 19:26:39 +0100 Subject: [PATCH 145/271] Removes f_rng parameter from mbedtls_rsa_pkcs1_verify Commit removes f_rng parameter from mbedtls_rsa_pkcs1_verify as a prerequisite to removing the mode parameter. f_rng no longer has relevance in this function if mode is removed. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 4 ---- library/pk_wrap.c | 2 +- library/psa_crypto_rsa.c | 1 - library/rsa.c | 7 +++---- programs/pkey/dh_client.c | 2 +- programs/pkey/rsa_verify.c | 2 +- tests/suites/test_suite_pkcs1_v15.function | 2 +- tests/suites/test_suite_pkcs1_v21.function | 4 ++-- tests/suites/test_suite_rsa.function | 12 ++++++------ 9 files changed, 15 insertions(+), 21 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 103d6915f5..f4e7d965fd 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -989,9 +989,6 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA public key context to use. - * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. Otherwise, it is ignored. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng is \c NULL or doesn't need a context. * \param mode The mode of operation. This must be either @@ -1013,7 +1010,6 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, diff --git a/library/pk_wrap.c b/library/pk_wrap.c index 9f4c187b05..fbcfdb1579 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -90,7 +90,7 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, if( sig_len < rsa_len ) return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL, + if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, MBEDTLS_RSA_PUBLIC, md_alg, (unsigned int) hash_len, hash, sig ) ) != 0 ) return( ret ); diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 4f41596543..1ab57c61a3 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -490,7 +490,6 @@ static psa_status_t rsa_verify_hash( mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); ret = mbedtls_rsa_pkcs1_verify( rsa, - mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE, MBEDTLS_RSA_PUBLIC, md_alg, diff --git a/library/rsa.c b/library/rsa.c index b241b8fee3..7545a799ad 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2414,7 +2414,6 @@ cleanup: * Do an RSA operation and check the message digest */ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode, mbedtls_md_type_t md_alg, @@ -2434,13 +2433,13 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, f_rng, p_rng, mode, md_alg, + return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, p_rng, mode, md_alg, hashlen, hash, sig ); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, f_rng, p_rng, mode, md_alg, + return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, p_rng, mode, md_alg, hashlen, hash, sig ); #endif @@ -2707,7 +2706,7 @@ int mbedtls_rsa_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "passed\n PKCS#1 sig. verify: " ); - if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, + if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, sha1sum, rsa_ciphertext ) != 0 ) { diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index d6e4990a9b..eb21566f64 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -220,7 +220,7 @@ int main( void ) goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, + if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index fbc0779b2c..60e1377bca 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -140,7 +140,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, NULL, MBEDTLS_RSA_PUBLIC, + if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret ); diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 0c2547d2e8..83604285c2 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -334,7 +334,7 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index e64f22290f..f291a5fbb6 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -199,7 +199,7 @@ void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); @@ -244,7 +244,7 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, hash_len = message_str->len; } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, msg_digest_id, hash_len, hash_result, result_str->x ) == result_simple ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 96a8cbf022..873ce8a478 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -280,22 +280,22 @@ void rsa_invalid_param( ) buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( NULL, NULL, NULL, + mbedtls_rsa_pkcs1_verify( NULL, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, + mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, + mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, + mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); @@ -485,7 +485,7 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); @@ -564,7 +564,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); From 613d1a4fb7ce0a4c172b5f30e0b1220594ca0a9b Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 19:34:03 +0100 Subject: [PATCH 146/271] Removes p_rng param from mbedtls_rsa_pkcs1_verify Commit removes p_rng from mbedtls_rsa_pkcs1_verify since p_rng has no relevance following the removal of f_rng from this function. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 3 --- library/pk_wrap.c | 6 +++--- library/psa_crypto_rsa.c | 1 - library/rsa.c | 7 +++---- programs/pkey/dh_client.c | 2 +- programs/pkey/rsa_verify.c | 2 +- tests/suites/test_suite_pkcs1_v15.function | 2 +- tests/suites/test_suite_pkcs1_v21.function | 4 ++-- tests/suites/test_suite_rsa.function | 12 ++++++------ 9 files changed, 17 insertions(+), 22 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index f4e7d965fd..b41af89a24 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -989,8 +989,6 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA public key context to use. - * \param p_rng The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng is \c NULL or doesn't need a context. * \param mode The mode of operation. This must be either * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. @@ -1010,7 +1008,6 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, diff --git a/library/pk_wrap.c b/library/pk_wrap.c index fbcfdb1579..b536b6615e 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -90,9 +90,9 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, if( sig_len < rsa_len ) return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, - MBEDTLS_RSA_PUBLIC, md_alg, - (unsigned int) hash_len, hash, sig ) ) != 0 ) + if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, MBEDTLS_RSA_PUBLIC, + md_alg, (unsigned int) hash_len, + hash, sig ) ) != 0 ) return( ret ); /* The buffer contains a valid signature followed by extra data. diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 1ab57c61a3..25157d2611 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -490,7 +490,6 @@ static psa_status_t rsa_verify_hash( mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); ret = mbedtls_rsa_pkcs1_verify( rsa, - MBEDTLS_PSA_RANDOM_STATE, MBEDTLS_RSA_PUBLIC, md_alg, (unsigned int) hash_length, diff --git a/library/rsa.c b/library/rsa.c index 7545a799ad..ba164ffa98 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2414,7 +2414,6 @@ cleanup: * Do an RSA operation and check the message digest */ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, @@ -2433,13 +2432,13 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, p_rng, mode, md_alg, + return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, NULL, mode, md_alg, hashlen, hash, sig ); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, p_rng, mode, md_alg, + return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, NULL, mode, md_alg, hashlen, hash, sig ); #endif @@ -2706,7 +2705,7 @@ int mbedtls_rsa_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "passed\n PKCS#1 sig. verify: " ); - if( mbedtls_rsa_pkcs1_verify( &rsa, NULL, + if( mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, sha1sum, rsa_ciphertext ) != 0 ) { diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index eb21566f64..bdbabb620e 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -220,7 +220,7 @@ int main( void ) goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, MBEDTLS_RSA_PUBLIC, + if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 60e1377bca..8f207c78b5 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -140,7 +140,7 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, NULL, MBEDTLS_RSA_PUBLIC, + if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret ); diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 83604285c2..2e22bdd33e 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -334,7 +334,7 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index f291a5fbb6..ad8f319e4e 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -199,7 +199,7 @@ void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); @@ -244,7 +244,7 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, hash_len = message_str->len; } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, msg_digest_id, hash_len, hash_result, result_str->x ) == result_simple ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 873ce8a478..764d21a95a 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -280,22 +280,22 @@ void rsa_invalid_param( ) buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( NULL, NULL, + mbedtls_rsa_pkcs1_verify( NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, + mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, + mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_pkcs1_verify( &ctx, NULL, + mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); @@ -485,7 +485,7 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); @@ -564,7 +564,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); From 68d9cbca97aa9aaf495318904096f8a2a15e90cd Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 18 May 2021 18:45:09 +0100 Subject: [PATCH 147/271] Removes mode param from mbedtls_rsa_pkcs1_verify Commit removes mode parameter from mbedtls_rsa_pkcs1_verify and propagates the change throughout the codebase. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 14 +------------- library/pk_wrap.c | 4 ++-- library/psa_crypto_rsa.c | 1 - library/rsa.c | 10 +++------- programs/pkey/dh_client.c | 4 ++-- programs/pkey/rsa_verify.c | 4 ++-- tests/suites/test_suite_pkcs1_v15.function | 2 +- tests/suites/test_suite_pkcs1_v21.function | 8 ++++---- tests/suites/test_suite_rsa.function | 8 ++------ 9 files changed, 17 insertions(+), 38 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index b41af89a24..f1696c2ebb 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -973,24 +973,13 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * the message digest. * * This is the generic wrapper for performing a PKCS#1 - * verification using the mode from the context. + * verification. * * \note For PKCS#1 v2.1 encoding, see comments on * mbedtls_rsa_rsassa_pss_verify() about \p md_alg and * \p hash_id. * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * set to #MBEDTLS_RSA_PUBLIC. - * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA public key context to use. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. @@ -1008,7 +997,6 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, diff --git a/library/pk_wrap.c b/library/pk_wrap.c index b536b6615e..c351113e04 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -90,8 +90,8 @@ static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, if( sig_len < rsa_len ) return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); - if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, MBEDTLS_RSA_PUBLIC, - md_alg, (unsigned int) hash_len, + if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, md_alg, + (unsigned int) hash_len, hash, sig ) ) != 0 ) return( ret ); diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 25157d2611..11c9ab29c3 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -490,7 +490,6 @@ static psa_status_t rsa_verify_hash( mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE ); ret = mbedtls_rsa_pkcs1_verify( rsa, - MBEDTLS_RSA_PUBLIC, md_alg, (unsigned int) hash_length, hash, diff --git a/library/rsa.c b/library/rsa.c index ba164ffa98..4619f0207d 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2414,15 +2414,12 @@ cleanup: * Do an RSA operation and check the message digest */ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, const unsigned char *sig ) { RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( sig != NULL ); RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hashlen == 0 ) || @@ -2432,13 +2429,13 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, NULL, mode, md_alg, + return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, sig ); #endif #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, NULL, mode, md_alg, + return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, sig ); #endif @@ -2705,8 +2702,7 @@ int mbedtls_rsa_self_test( int verbose ) if( verbose != 0 ) mbedtls_printf( "passed\n PKCS#1 sig. verify: " ); - if( mbedtls_rsa_pkcs1_verify( &rsa, - MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, + if( mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA1, 0, sha1sum, rsa_ciphertext ) != 0 ) { if( verbose != 0 ) diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c index bdbabb620e..c6b3132005 100644 --- a/programs/pkey/dh_client.c +++ b/programs/pkey/dh_client.c @@ -220,8 +220,8 @@ int main( void ) goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 0, hash, p ) ) != 0 ) + if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA256, + 0, hash, p ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned %d\n\n", ret ); goto exit; diff --git a/programs/pkey/rsa_verify.c b/programs/pkey/rsa_verify.c index 8f207c78b5..6aca17134a 100644 --- a/programs/pkey/rsa_verify.c +++ b/programs/pkey/rsa_verify.c @@ -140,8 +140,8 @@ int main( int argc, char *argv[] ) goto exit; } - if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_RSA_PUBLIC, - MBEDTLS_MD_SHA256, 20, hash, buf ) ) != 0 ) + if( ( ret = mbedtls_rsa_pkcs1_verify( &rsa, MBEDTLS_MD_SHA256, + 20, hash, buf ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_rsa_pkcs1_verify returned -0x%0x\n\n", (unsigned int) -ret ); goto exit; diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function index 2e22bdd33e..d1c0fc1292 100644 --- a/tests/suites/test_suite_pkcs1_v15.function +++ b/tests/suites/test_suite_pkcs1_v15.function @@ -334,7 +334,7 @@ void pkcs1_rsassa_v15_verify( int mod, int radix_N, char * input_N, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index ad8f319e4e..0983a4232d 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -199,7 +199,7 @@ void pkcs1_rsassa_pss_verify( int mod, data_t * input_N, data_t * input_E, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); @@ -244,9 +244,9 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, hash_len = message_str->len; } - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, - msg_digest_id, hash_len, hash_result, - result_str->x ) == result_simple ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, msg_digest_id, + hash_len, hash_result, + result_str->x ) == result_simple ); TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, msg_digest_id, hash_len, hash_result, diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 764d21a95a..112c4fc7b6 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -281,22 +281,18 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_verify( NULL, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_verify( &ctx, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_verify( &ctx, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_pkcs1_verify( &ctx, - MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); @@ -485,7 +481,7 @@ void mbedtls_rsa_pkcs1_verify( data_t * message_str, int padding_mode, if( mbedtls_md_info_from_type( digest ) != NULL ) TEST_ASSERT( mbedtls_md( mbedtls_md_info_from_type( digest ), message_str->x, message_str->len, hash_result ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, digest, 0, hash_result, result_str->x ) == result ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, digest, 0, hash_result, result_str->x ) == result ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); @@ -564,7 +560,7 @@ void rsa_pkcs1_verify_raw( data_t * hash_result, TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 ); - TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); + TEST_ASSERT( mbedtls_rsa_pkcs1_verify( &ctx, MBEDTLS_MD_NONE, hash_result->len, hash_result->x, result_str->x ) == correct ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); From b7bb0687f75e515e6d9ad1af5f004baf553a5d4c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 22:31:53 +0200 Subject: [PATCH 148/271] Rework and reword the guarantees on output_size To simplify the documentation, and because there are only two realistic behaviors in practice, only allow two behaviors for multipart output: immediate output, or buffering of the last partial block. State some simple rules that applications can follow if they don't care about the details. Explicitly state how much output is needed for finish(). Only require the buffer size to be the size of the actual output, not the size of the potential output in the worst case. Rename the parameter from output_len to output_size since it's a buffer size and not necessarily the length of the data. No longer guarantee that the built-in implementation produces immediate output. Signed-off-by: Gilles Peskine --- include/mbedtls/gcm.h | 53 +++++++++++++++++++++++-------------------- library/gcm.c | 4 ++-- 2 files changed, 30 insertions(+), 27 deletions(-) diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 2e998e71d0..e717aa1bff 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -278,6 +278,22 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, * decrypt. After the last part of the input, call * mbedtls_gcm_finish(). * + * This function may produce output in one of the following + * ways: + * - Immediate output: the output length is always equal + * to the input length. + * - Buffered output: the output consists of a whole number + * of 16-byte blocks. If the total input length so far + * (not including associated data) is 16 \* *B* + *A* + * with *A* < 16 then the total output length is 16 \* *B*. + * + * In particular: + * - It is always correct to call this function with + * \c output_size >= \c input_size + 15. + * - If \c input_size is a multiple of 16 for all the calls + * to this function during an operation, then it is + * correct to use \c output_size = \c input_size. + * * \note For decryption, the output buffer cannot be the same as * input buffer. If the buffers overlap, the output buffer * must trail at least 8 Bytes behind the input buffer. @@ -290,22 +306,8 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, * \param output The buffer for the output data. If \p output_size * is greater than zero, this must be a writable buffer of * of at least \p output_size bytes. - * This function may withhold the end of the output if - * it is a partial block for the underlying block cipher. - * That is, if the cumulated input passed to - * mbedtls_gcm_update() so far (including the current call) - * is 16 *n* + *p* with *p* < 16, this function may - * withhold the last *p* bytes, which will be output by - * a subsequent call to mbedtls_gcm_update() or - * mbedtls_gcm_finish(). * \param output_size The size of the output buffer in bytes. - * This must be at least \p input_length plus the length - * of the input withheld by the previous call to - * mbedtls_gcm_update(). Therefore: - * - With arbitrary inputs, \p output_size may need to - * be as large as `input_length + 15`. - * - If all input lengths are a multiple of 16, then - * \p output_size = \p input_length is sufficient. + * See the function description regarding the output size. * \param output_length On success, \p *output_length contains the actual * length of the output written in \p output. * On failure, the content of \p *output_length is @@ -335,15 +337,16 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * \param tag_len The length of the tag to generate. This must be at least * four. * \param output The buffer for the final output. - * This must be a writable buffer of at least \p output_len - * bytes. - * With the built-in implementation, there is no final - * output and this can be \p NULL. - * Alternative implementations may return a partial block - * of output. - * \param output_len The size of the \p output buffer in bytes. - * With the built-in implementation, this can be \c 0. - * Alternative implementations may require a 15-byte buffer. + * If \p output_size is nonzero, this must be a writable + * buffer of at least \p output_size bytes. + * \param output_size The size of the \p output buffer in bytes. + * This must be large enough for the output that + * mbedtls_gcm_update() has not produced. In particular: + * - If mbedtls_gcm_update() produces immediate output, + * or if the total input size is a multiple of \c 16, + * then mbedtls_gcm_finish() never produces any output, + * so \p output_size can be \c 0. + * - \p output_size never needs to be more than \c 15. * * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure: @@ -351,7 +354,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * or \p output_len too small. */ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, - unsigned char *output, size_t output_len, + unsigned char *output, size_t output_size, unsigned char *tag, size_t tag_len ); /** diff --git a/library/gcm.c b/library/gcm.c index ee10093c0e..2bd907115e 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -488,7 +488,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, } int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, - unsigned char *output, size_t output_len, + unsigned char *output, size_t output_size, unsigned char *tag, size_t tag_len ) { unsigned char work_buf[16]; @@ -502,7 +502,7 @@ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, /* We never pass any output in finish(). The output parameter exists only * for the sake of alternative implementations. */ (void) output; - (void) output_len; + (void) output_size; orig_len = ctx->len * 8; orig_add_len = ctx->add_len * 8; From 3ea8e2d5adee4fe439f2a8fc78e1c73221ece9ba Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 10 May 2021 16:09:08 +0200 Subject: [PATCH 149/271] Restore alphabetical order of SHA definitions Signed-off-by: Mateusz Starzyk --- library/version_features.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/library/version_features.c b/library/version_features.c index ce263ec397..55dbcf16af 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -462,9 +462,6 @@ static const char * const features[] = { #if defined(MBEDTLS_SHA512_SMALLER) "MBEDTLS_SHA512_SMALLER", #endif /* MBEDTLS_SHA512_SMALLER */ -#if defined(MBEDTLS_SHA384_C) - "MBEDTLS_SHA384_C", -#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) "MBEDTLS_SSL_ALL_ALERT_MESSAGES", #endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ @@ -759,12 +756,15 @@ static const char * const features[] = { #if defined(MBEDTLS_SHA1_C) "MBEDTLS_SHA1_C", #endif /* MBEDTLS_SHA1_C */ -#if defined(MBEDTLS_SHA256_C) - "MBEDTLS_SHA256_C", -#endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA224_C) "MBEDTLS_SHA224_C", #endif /* MBEDTLS_SHA224_C */ +#if defined(MBEDTLS_SHA256_C) + "MBEDTLS_SHA256_C", +#endif /* MBEDTLS_SHA256_C */ +#if defined(MBEDTLS_SHA384_C) + "MBEDTLS_SHA384_C", +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA512_C) "MBEDTLS_SHA512_C", #endif /* MBEDTLS_SHA512_C */ From a309e0ec073adc649899bea908c4ff459ec2d3a4 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 10 May 2021 16:10:30 +0200 Subject: [PATCH 150/271] Remove redundant SHA384 `if defined` block. Signed-off-by: Mateusz Starzyk --- programs/test/query_config.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/programs/test/query_config.c b/programs/test/query_config.c index db56ea4e69..49494ab135 100644 --- a/programs/test/query_config.c +++ b/programs/test/query_config.c @@ -1283,14 +1283,6 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SHA512_SMALLER */ -#if defined(MBEDTLS_SHA384_C) - if( strcmp( "MBEDTLS_SHA384_C", config ) == 0 ) - { - MACRO_EXPANSION_TO_STR( MBEDTLS_SHA384_C ); - return( 0 ); - } -#endif /* MBEDTLS_SHA384_C */ - #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) if( strcmp( "MBEDTLS_SSL_ALL_ALERT_MESSAGES", config ) == 0 ) { From 6848537eaba67bba706146138283b1447efd2d2e Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Mon, 10 May 2021 20:10:32 +0200 Subject: [PATCH 151/271] Remove obsolete config requirements for SHA384 in ssl-opt. Signed-off-by: Mateusz Starzyk --- tests/ssl-opt.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 32bd65dac6..267b564464 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1331,11 +1331,9 @@ run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 -requires_config_enabled MBEDTLS_SHA384_C run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 -requires_config_enabled MBEDTLS_SHA384_C run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED @@ -4304,7 +4302,6 @@ run_test "Authentication, CA callback: server ECDH p256v1, client optional, p -c "! Certificate verification flags"\ -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check -requires_config_enabled MBEDTLS_SHA384_C requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK run_test "Authentication, CA callback: client SHA256, server required" \ "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ From c722ebb7d9177eb86727273718271caaafe5b123 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 11 May 2021 10:05:45 +0200 Subject: [PATCH 152/271] Update SHA-224 documentation. Rephrase config.h documentation and add a note to template configs. Signed-off-by: Mateusz Starzyk --- configs/config-ccm-psk-tls1_2.h | 2 ++ configs/config-mini-tls1_1.h | 2 ++ configs/config-no-entropy.h | 2 ++ configs/config-suite-b.h | 2 ++ configs/config-symmetric-only.h | 2 ++ configs/config-thread.h | 2 ++ include/mbedtls/config.h | 4 ++-- 7 files changed, 14 insertions(+), 2 deletions(-) diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index 09223b9bdb..8a8e7299ea 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -48,6 +48,8 @@ #define MBEDTLS_ENTROPY_C #define MBEDTLS_MD_C #define MBEDTLS_NET_C +/* Library does not support enabling SHA-224 without SHA-256. Future version will + * have this option disabled by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_CLI_C diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h index 0d58e49287..d09c1f81fa 100644 --- a/configs/config-mini-tls1_1.h +++ b/configs/config-mini-tls1_1.h @@ -56,6 +56,8 @@ #define MBEDTLS_PK_PARSE_C #define MBEDTLS_RSA_C #define MBEDTLS_SHA1_C +/* Library does not support enabling SHA-224 without SHA-256. Future version will + * have this option disabled by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_CLI_C diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index d4948de991..d0aef1d5cb 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -73,6 +73,8 @@ #define MBEDTLS_PK_WRITE_C #define MBEDTLS_PLATFORM_C #define MBEDTLS_RSA_C +/* Library does not support enabling SHA-224 without SHA-256. Future version will + * have this option disabled by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index 9466845d67..ea6a5bf5f8 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -63,6 +63,8 @@ #define MBEDTLS_OID_C #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C +/* Library does not support enabling SHA-224 without SHA-256. Future version will + * have this option disabled by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 9b69dfe0d3..066991cb34 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -84,6 +84,8 @@ #define MBEDTLS_PSA_ITS_FILE_C #define MBEDTLS_RIPEMD160_C #define MBEDTLS_SHA1_C +/* Library does not support enabling SHA-224 without SHA-256. Future version will + * have this option disabled by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C diff --git a/configs/config-thread.h b/configs/config-thread.h index 331403791f..4ccbffa255 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -67,6 +67,8 @@ #define MBEDTLS_OID_C #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C +/* Library does not support enabling SHA-224 without SHA-256. Future version will + * have this option disabled by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_COOKIE_C diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 251a6160d2..8e60951e77 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3106,10 +3106,10 @@ * \def MBEDTLS_SHA224_C * * Enable the SHA-224 cryptographic hash algorithm. + * Future version will have this option disabled by default. * * Requires: MBEDTLS_SHA256_C. Library does not support enabling - * SHA-224 without SHA-256. Future version will have - * this option disabled by default. + * SHA-224 without SHA-256. * * Module: library/sha256.c * Caller: library/md.c From 9d2d6c9ea02dfac32f35ae5fce2128755c0f638f Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Tue, 18 May 2021 15:54:20 +0200 Subject: [PATCH 153/271] Clarfiy SHA224 and SHA256 documentation Signed-off-by: Mateusz Starzyk --- configs/config-ccm-psk-tls1_2.h | 5 +++-- configs/config-mini-tls1_1.h | 5 +++-- configs/config-no-entropy.h | 5 +++-- configs/config-suite-b.h | 5 +++-- configs/config-symmetric-only.h | 5 +++-- configs/config-thread.h | 5 +++-- include/mbedtls/config.h | 6 +++--- 7 files changed, 21 insertions(+), 15 deletions(-) diff --git a/configs/config-ccm-psk-tls1_2.h b/configs/config-ccm-psk-tls1_2.h index 8a8e7299ea..e54e7a0a22 100644 --- a/configs/config-ccm-psk-tls1_2.h +++ b/configs/config-ccm-psk-tls1_2.h @@ -48,8 +48,9 @@ #define MBEDTLS_ENTROPY_C #define MBEDTLS_MD_C #define MBEDTLS_NET_C -/* Library does not support enabling SHA-224 without SHA-256. Future version will - * have this option disabled by default. */ +/* The library does not currently support enabling SHA-224 without SHA-256. + * A future version of the library will have this option disabled + * by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_CLI_C diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h index d09c1f81fa..83d1ab713c 100644 --- a/configs/config-mini-tls1_1.h +++ b/configs/config-mini-tls1_1.h @@ -56,8 +56,9 @@ #define MBEDTLS_PK_PARSE_C #define MBEDTLS_RSA_C #define MBEDTLS_SHA1_C -/* Library does not support enabling SHA-224 without SHA-256. Future version will - * have this option disabled by default. */ +/* The library does not currently support enabling SHA-224 without SHA-256. + * A future version of the library will have this option disabled + * by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_CLI_C diff --git a/configs/config-no-entropy.h b/configs/config-no-entropy.h index d0aef1d5cb..09b3cf5e0a 100644 --- a/configs/config-no-entropy.h +++ b/configs/config-no-entropy.h @@ -73,8 +73,9 @@ #define MBEDTLS_PK_WRITE_C #define MBEDTLS_PLATFORM_C #define MBEDTLS_RSA_C -/* Library does not support enabling SHA-224 without SHA-256. Future version will - * have this option disabled by default. */ +/* The library does not currently support enabling SHA-224 without SHA-256. + * A future version of the library will have this option disabled + * by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C diff --git a/configs/config-suite-b.h b/configs/config-suite-b.h index ea6a5bf5f8..26e03de4a6 100644 --- a/configs/config-suite-b.h +++ b/configs/config-suite-b.h @@ -63,8 +63,9 @@ #define MBEDTLS_OID_C #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C -/* Library does not support enabling SHA-224 without SHA-256. Future version will - * have this option disabled by default. */ +/* The library does not currently support enabling SHA-224 without SHA-256. + * A future version of the library will have this option disabled + * by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h index 066991cb34..29e77b52c9 100644 --- a/configs/config-symmetric-only.h +++ b/configs/config-symmetric-only.h @@ -84,8 +84,9 @@ #define MBEDTLS_PSA_ITS_FILE_C #define MBEDTLS_RIPEMD160_C #define MBEDTLS_SHA1_C -/* Library does not support enabling SHA-224 without SHA-256. Future version will - * have this option disabled by default. */ +/* The library does not currently support enabling SHA-224 without SHA-256. + * A future version of the library will have this option disabled + * by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SHA384_C diff --git a/configs/config-thread.h b/configs/config-thread.h index 4ccbffa255..bce9668fd0 100644 --- a/configs/config-thread.h +++ b/configs/config-thread.h @@ -67,8 +67,9 @@ #define MBEDTLS_OID_C #define MBEDTLS_PK_C #define MBEDTLS_PK_PARSE_C -/* Library does not support enabling SHA-224 without SHA-256. Future version will - * have this option disabled by default. */ +/* The library does not currently support enabling SHA-224 without SHA-256. + * A future version of the library will have this option disabled + * by default. */ #define MBEDTLS_SHA224_C #define MBEDTLS_SHA256_C #define MBEDTLS_SSL_COOKIE_C diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 8e60951e77..8bd07a7b72 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3106,9 +3106,9 @@ * \def MBEDTLS_SHA224_C * * Enable the SHA-224 cryptographic hash algorithm. - * Future version will have this option disabled by default. + * A future version of the library will have this option disabled by default. * - * Requires: MBEDTLS_SHA256_C. Library does not support enabling + * Requires: MBEDTLS_SHA256_C. The library does not currently support enabling * SHA-224 without SHA-256. * * Module: library/sha256.c @@ -3124,7 +3124,7 @@ * * Enable the SHA-256 cryptographic hash algorithm. * - * Requires: MBEDTLS_SHA224_C. Library does not support enabling + * Requires: MBEDTLS_SHA224_C. The library does not currently support enabling * SHA-256 without SHA-224. * * Module: library/sha256.c From 86ead6aba32faa7a19cc323a12ec036cd6914be2 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 11:56:06 +0200 Subject: [PATCH 154/271] Add changelog entries for SHA1 and SHA384 ciphersuites bugfixes. Signed-off-by: Mateusz Starzyk --- ChangeLog.d/ciphersuite-sha1-sha384-guard.txt | 4 ++++ ChangeLog.d/ciphersuite-sha384-guard.txt | 2 ++ 2 files changed, 6 insertions(+) create mode 100644 ChangeLog.d/ciphersuite-sha1-sha384-guard.txt create mode 100644 ChangeLog.d/ciphersuite-sha384-guard.txt diff --git a/ChangeLog.d/ciphersuite-sha1-sha384-guard.txt b/ChangeLog.d/ciphersuite-sha1-sha384-guard.txt new file mode 100644 index 0000000000..d253f349a5 --- /dev/null +++ b/ChangeLog.d/ciphersuite-sha1-sha384-guard.txt @@ -0,0 +1,4 @@ +Bugfix + * The cipher suite TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 was not available + when SHA-1 was disabled and was offered when SHA-1 was enabled but SHA-384 + was disabled. Fix the dependency. Fixes #4472. diff --git a/ChangeLog.d/ciphersuite-sha384-guard.txt b/ChangeLog.d/ciphersuite-sha384-guard.txt new file mode 100644 index 0000000000..0ddf463ebc --- /dev/null +++ b/ChangeLog.d/ciphersuite-sha384-guard.txt @@ -0,0 +1,2 @@ +Bugfix + * Do not offer SHA384 cipher suites when SHA-384 is disabled. Fixes #4499. From fe561fe717e83a928d169cc7be3159149f23aa1b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 19 May 2021 12:21:53 +0200 Subject: [PATCH 155/271] Doxygen: use \p for parameter names Signed-off-by: Gilles Peskine --- include/mbedtls/gcm.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index e717aa1bff..c7d82fc2c4 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -289,10 +289,10 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, * * In particular: * - It is always correct to call this function with - * \c output_size >= \c input_size + 15. - * - If \c input_size is a multiple of 16 for all the calls + * \p output_size >= \p input_size + 15. + * - If \p input_size is a multiple of 16 for all the calls * to this function during an operation, then it is - * correct to use \c output_size = \c input_size. + * correct to use \p output_size = \p input_size. * * \note For decryption, the output buffer cannot be the same as * input buffer. If the buffers overlap, the output buffer From af5b26aeaa4ec64ced9add267caaee3d4aa9e5a2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 19 May 2021 12:24:33 +0200 Subject: [PATCH 156/271] Fix parameter names in documentation Signed-off-by: Gilles Peskine --- include/mbedtls/gcm.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index c7d82fc2c4..e893a99792 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -289,10 +289,10 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx, * * In particular: * - It is always correct to call this function with - * \p output_size >= \p input_size + 15. - * - If \p input_size is a multiple of 16 for all the calls + * \p output_size >= \p input_length + 15. + * - If \p input_length is a multiple of 16 for all the calls * to this function during an operation, then it is - * correct to use \p output_size = \p input_size. + * correct to use \p output_size = \p input_length. * * \note For decryption, the output buffer cannot be the same as * input buffer. If the buffers overlap, the output buffer @@ -351,7 +351,7 @@ int mbedtls_gcm_update( mbedtls_gcm_context *ctx, * \return \c 0 on success. * \return #MBEDTLS_ERR_GCM_BAD_INPUT on failure: * invalid value of \p tag_len, - * or \p output_len too small. + * or \p output_size too small. */ int mbedtls_gcm_finish( mbedtls_gcm_context *ctx, unsigned char *output, size_t output_size, From d9a4c73c996d36c0e12be203f4ae2bd9ca12031c Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 12:36:24 +0200 Subject: [PATCH 157/271] Add changelog entries for MBEDTLS_SHA224_C and MBEDTLS_SHA384_C. Signed-off-by: Mateusz Starzyk --- ChangeLog.d/sha224_sha384.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ChangeLog.d/sha224_sha384.txt diff --git a/ChangeLog.d/sha224_sha384.txt b/ChangeLog.d/sha224_sha384.txt new file mode 100644 index 0000000000..f60ea563e7 --- /dev/null +++ b/ChangeLog.d/sha224_sha384.txt @@ -0,0 +1,7 @@ +API changes + * Replace MBEDTLS_SHA512_NO_SHA384 config option with MBEDTLS_SHA384_C. + This separates config option enabling the SHA384 algorithm from option + enabling the SHA512 algorithm. Fixes #4034. + * Introduce MBEDTLS_SHA224_C. + This separates config option enabling the SHA224 algorithm from option + enabling SHA256. From cbc088f5d0c522ecf3fb6b9cab370ee7e3bef42c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 11:39:58 +0100 Subject: [PATCH 158/271] Removes p_rng from mbedtls_rsa_rsassa_pkcs1_v15_verify Commit removes p_rng from mbedtls_rsa_rsassa_pkcs1_v15_verify function in preparation of removal of mode parameter. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 3 --- library/rsa.c | 5 ++--- tests/suites/test_suite_rsa.function | 4 ---- 3 files changed, 2 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index f1696c2ebb..37fddddee9 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1019,8 +1019,6 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, * this is used for blinding and should be provided; see * mbedtls_rsa_private() for more. Otherwise, it is ignored. - * \param p_rng The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng is \c NULL or doesn't need a context. * \param mode The mode of operation. This must be either * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. @@ -1041,7 +1039,6 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, */ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, diff --git a/library/rsa.c b/library/rsa.c index 4619f0207d..9e2d054b86 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2332,7 +2332,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, */ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, @@ -2377,7 +2376,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, ret = ( mode == MBEDTLS_RSA_PUBLIC ) ? mbedtls_rsa_public( ctx, sig, encoded ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, encoded ); + : mbedtls_rsa_private( ctx, f_rng, NULL, sig, encoded ); if( ret != 0 ) goto cleanup; @@ -2429,7 +2428,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, md_alg, + return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, sig ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 112c4fc7b6..a529c55ce9 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -298,25 +298,21 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL, - NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, - NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, From 475053df2c9188ae8ead34de32e620451d4e8d07 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 11:44:27 +0100 Subject: [PATCH 159/271] Removes f_rng from mbedtls_rsa_rsassa_pkcs1_v15_verify Commit performs removal of f_rng parameter from mbedtls_rsa_rsassa_pkcs1_v15_verify function in preparation for removal of mode parameter. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 4 ---- library/rsa.c | 5 ++--- tests/suites/test_suite_rsa.function | 8 ++++---- 3 files changed, 6 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 37fddddee9..6a0309af07 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1016,9 +1016,6 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA public key context to use. - * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. Otherwise, it is ignored. * \param mode The mode of operation. This must be either * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. @@ -1038,7 +1035,6 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, diff --git a/library/rsa.c b/library/rsa.c index 9e2d054b86..4d569704a9 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2331,7 +2331,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function */ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, @@ -2376,7 +2375,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, ret = ( mode == MBEDTLS_RSA_PUBLIC ) ? mbedtls_rsa_public( ctx, sig, encoded ) - : mbedtls_rsa_private( ctx, f_rng, NULL, sig, encoded ); + : mbedtls_rsa_private( ctx, NULL, NULL, sig, encoded ); if( ret != 0 ) goto cleanup; @@ -2428,7 +2427,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, NULL, MBEDTLS_RSA_PUBLIC, md_alg, + return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, sig ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index a529c55ce9..8f952b38f8 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -297,22 +297,22 @@ void rsa_invalid_param( ) buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, NULL, + mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, From 2e1262517cb7e11e508c5cf20b49dfd399d77410 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 11:48:53 +0100 Subject: [PATCH 160/271] Removes mode parameter from mbedtls_rsa_rsassa_pkcs1_v15_verify Commit removes mode parameter from mbedtls_rsa_rsassa_pkcs1_v15_verify and propagates the change throughout the codebase. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 12 ------------ library/rsa.c | 14 +++----------- tests/suites/test_suite_rsa.function | 4 ---- 3 files changed, 3 insertions(+), 27 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 6a0309af07..869bfd923d 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1006,18 +1006,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v1.5 verification * operation (RSASSA-PKCS1-v1_5-VERIFY). * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * set to #MBEDTLS_RSA_PUBLIC. - * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA public key context to use. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. @@ -1035,7 +1024,6 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, diff --git a/library/rsa.c b/library/rsa.c index 4d569704a9..bdb2b7ef37 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2331,7 +2331,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function */ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, @@ -2342,8 +2341,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, unsigned char *encoded = NULL, *encoded_expected = NULL; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( sig != NULL ); RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hashlen == 0 ) || @@ -2351,9 +2348,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, sig_len = ctx->len; - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V15 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - /* * Prepare expected PKCS1 v1.5 encoding of hash. */ @@ -2373,9 +2367,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * Apply RSA primitive to get what should be PKCS1 encoded hash. */ - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, encoded ) - : mbedtls_rsa_private( ctx, NULL, NULL, sig, encoded ); + ret = mbedtls_rsa_public( ctx, sig, encoded ); if( ret != 0 ) goto cleanup; @@ -2427,8 +2419,8 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, { #if defined(MBEDTLS_PKCS1_V15) case MBEDTLS_RSA_PKCS_V15: - return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, MBEDTLS_RSA_PUBLIC, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pkcs1_v15_verify( ctx, md_alg, + hashlen, hash, sig ); #endif #if defined(MBEDTLS_PKCS1_V21) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 8f952b38f8..f6aaa7a025 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -298,22 +298,18 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( NULL, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pkcs1_v15_verify( &ctx, - MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); From 08f4c9c571685bd44dfd5ad5c6a916e2589cedfc Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 11:56:02 +0100 Subject: [PATCH 161/271] Removes p_rng param from mbedtls_rsa_rsassa_pss_verify Commit removes p_rng parameter from mbedtls_rsa_rsassa_pss_verify function as preparation for removing the mode parameter. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 3 --- library/psa_crypto_rsa.c | 1 - library/rsa.c | 5 ++--- tests/suites/test_suite_rsa.function | 8 ++++---- 4 files changed, 6 insertions(+), 11 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 869bfd923d..a89c1f59bf 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1057,8 +1057,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, * this is used for blinding and should be provided; see * mbedtls_rsa_private() for more. Otherwise, it is ignored. - * \param p_rng The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng is \c NULL or doesn't need a context. * \param mode The mode of operation. This must be either * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. @@ -1079,7 +1077,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, */ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 11c9ab29c3..464e027d72 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -503,7 +503,6 @@ static psa_status_t rsa_verify_hash( mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); ret = mbedtls_rsa_rsassa_pss_verify( rsa, mbedtls_psa_get_random, - MBEDTLS_PSA_RANDOM_STATE, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, (unsigned int) hash_length, diff --git a/library/rsa.c b/library/rsa.c index bdb2b7ef37..333747e494 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2298,7 +2298,6 @@ exit: */ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, @@ -2318,7 +2317,7 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, p_rng, mode, + return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, NULL, mode, md_alg, hashlen, hash, mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, sig ) ); @@ -2425,7 +2424,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, md_alg, + return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, sig ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index f6aaa7a025..41cef93832 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -315,22 +315,22 @@ void rsa_invalid_param( ) buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( NULL, NULL, NULL, + mbedtls_rsa_rsassa_pss_verify( NULL, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, From 718a53db2c5bf4d615ce8e73aed3ba68fb1a8b9e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 12:01:35 +0100 Subject: [PATCH 162/271] Removed f_rng param from mbedtls_rsa_rsassa_pss_verify Commit removes f_rng parameter from mbedtls_rsa_rsassa_pss_verify function in preparation of mode parameter removal. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 4 ---- library/psa_crypto_rsa.c | 1 - library/rsa.c | 5 ++--- tests/suites/test_suite_rsa.function | 8 ++++---- 4 files changed, 6 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index a89c1f59bf..ab2d5a53b1 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1054,9 +1054,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. * * \param ctx The initialized RSA public key context to use. - * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. Otherwise, it is ignored. * \param mode The mode of operation. This must be either * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. @@ -1076,7 +1073,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 464e027d72..4108703909 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -502,7 +502,6 @@ static psa_status_t rsa_verify_hash( { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); ret = mbedtls_rsa_rsassa_pss_verify( rsa, - mbedtls_psa_get_random, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, (unsigned int) hash_length, diff --git a/library/rsa.c b/library/rsa.c index 333747e494..99a56b799f 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2297,7 +2297,6 @@ exit: * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, @@ -2317,7 +2316,7 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, f_rng, NULL, mode, + return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, NULL, NULL, mode, md_alg, hashlen, hash, mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, sig ) ); @@ -2424,7 +2423,7 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, NULL, MBEDTLS_RSA_PUBLIC, md_alg, + return mbedtls_rsa_rsassa_pss_verify( ctx, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, sig ); #endif diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 41cef93832..b9d7b59004 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -315,22 +315,22 @@ void rsa_invalid_param( ) buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( NULL, NULL, + mbedtls_rsa_rsassa_pss_verify( NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify( &ctx, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, From 5ee4cc031c590df8fb4e5c36c2652af9d9d80e34 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 12:07:42 +0100 Subject: [PATCH 163/271] Removes mode param from mbedtls_rsa_rsassa_pss_verify Commit removes the mode parameter from the mbedtls_rsa_rsassa_pss_verify function and propagates the change throughout the process. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 12 ------------ library/psa_crypto_rsa.c | 1 - library/rsa.c | 17 ++++++++--------- tests/suites/test_suite_rsa.function | 4 ---- 4 files changed, 8 insertions(+), 26 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index ab2d5a53b1..0b53eb7a07 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1044,18 +1044,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * same. If \p hash_id in the RSA context is unset, * the \p md_alg from the function call is used. * - * \deprecated It is deprecated and discouraged to call this function - * in #MBEDTLS_RSA_PRIVATE mode. Future versions of the library - * are likely to remove the \p mode argument and have it - * implicitly set to #MBEDTLS_RSA_PUBLIC. - * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA public key context to use. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE (deprecated). * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. @@ -1073,7 +1062,6 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 4108703909..10ce30e380 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -502,7 +502,6 @@ static psa_status_t rsa_verify_hash( { mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg ); ret = mbedtls_rsa_rsassa_pss_verify( rsa, - MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_NONE, (unsigned int) hash_length, hash, diff --git a/library/rsa.c b/library/rsa.c index 99a56b799f..d3b4bf0fcc 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2297,7 +2297,6 @@ exit: * Simplified PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, @@ -2305,8 +2304,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, { mbedtls_md_type_t mgf1_hash_id; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( sig != NULL ); RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hashlen == 0 ) || @@ -2316,10 +2313,12 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, NULL, NULL, mode, - md_alg, hashlen, hash, - mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, - sig ) ); + return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, NULL, NULL, + MBEDTLS_RSA_PUBLIC, + md_alg, hashlen, hash, + mgf1_hash_id, + MBEDTLS_RSA_SALT_LEN_ANY, + sig ) ); } #endif /* MBEDTLS_PKCS1_V21 */ @@ -2423,8 +2422,8 @@ int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx, #if defined(MBEDTLS_PKCS1_V21) case MBEDTLS_RSA_PKCS_V21: - return mbedtls_rsa_rsassa_pss_verify( ctx, MBEDTLS_RSA_PUBLIC, md_alg, - hashlen, hash, sig ); + return mbedtls_rsa_rsassa_pss_verify( ctx, md_alg, + hashlen, hash, sig ); #endif default: diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index b9d7b59004..8475036817 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -316,22 +316,18 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify( NULL, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify( &ctx, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify( &ctx, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify( &ctx, - MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, buf ) ); From 578e9abcbda986bcdc48fb76a010f12278a874b7 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 12:14:57 +0100 Subject: [PATCH 164/271] Removes p_rng param from mbedtls_rsa_rsassa_pss_verify_ext Commit removes p_rng parameter from the mbedtls_rsa_rsassa_pss_verify_ext function in preparation for removal of the mode parameter. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 3 --- library/pk.c | 2 +- library/rsa.c | 5 ++--- tests/suites/test_suite_pkcs1_v21.function | 2 +- tests/suites/test_suite_rsa.function | 8 ++++---- 5 files changed, 8 insertions(+), 12 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 0b53eb7a07..0fde575f4d 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1083,8 +1083,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, * this is used for blinding and should be provided; see * mbedtls_rsa_private() for more. Otherwise, it is ignored. - * \param p_rng The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng is \c NULL or doesn't need a context. * \param mode The mode of operation. This must be either * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. * \param md_alg The message-digest algorithm used to hash the original data. @@ -1108,7 +1106,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, */ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, diff --git a/library/pk.c b/library/pk.c index 6d296638d8..e0dedecc37 100644 --- a/library/pk.c +++ b/library/pk.c @@ -367,7 +367,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ), - NULL, NULL, MBEDTLS_RSA_PUBLIC, + NULL, MBEDTLS_RSA_PUBLIC, md_alg, (unsigned int) hash_len, hash, pss_opts->mgf1_hash_id, pss_opts->expected_salt_len, diff --git a/library/rsa.c b/library/rsa.c index d3b4bf0fcc..6b18fe7cf3 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2148,7 +2148,6 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, */ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, @@ -2187,7 +2186,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, ret = ( mode == MBEDTLS_RSA_PUBLIC ) ? mbedtls_rsa_public( ctx, sig, buf ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, buf ); + : mbedtls_rsa_private( ctx, f_rng, NULL, sig, buf ); if( ret != 0 ) return( ret ); @@ -2313,7 +2312,7 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, NULL, NULL, + return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, NULL, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, mgf1_hash_id, diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 0983a4232d..82f33d610e 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -248,7 +248,7 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, hash_len, hash_result, result_str->x ) == result_simple ); - TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, MBEDTLS_RSA_PUBLIC, + TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, MBEDTLS_RSA_PUBLIC, msg_digest_id, hash_len, hash_result, mgf_hash, salt_len, result_str->x ) == result_full ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 8475036817..05886ffba8 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -333,26 +333,26 @@ void rsa_invalid_param( ) buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, NULL, + mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, 0, 0, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, + mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, 0, 0, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, + mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, 0, 0, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, NULL, + mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, From 9e65f791b56634e1bc4fd0b2edebd50cc1beab46 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 12:18:58 +0100 Subject: [PATCH 165/271] Removes f_rng param from mbedtls_rsa_rsassa_pss_verify_ext Commit removes the f_rng parameter from the mbedtls_rsa_rsassa_pss_verify_ext function. This is in preparation for the removal of the mode parameter. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 4 ---- library/pk.c | 2 +- library/rsa.c | 5 ++--- tests/suites/test_suite_pkcs1_v21.function | 2 +- tests/suites/test_suite_rsa.function | 8 ++++---- 5 files changed, 8 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 0fde575f4d..3f453f684e 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1080,9 +1080,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \note The \p hash_id in the RSA context is ignored. * * \param ctx The initialized RSA public key context to use. - * \param f_rng The RNG function to use. If \p mode is #MBEDTLS_RSA_PRIVATE, - * this is used for blinding and should be provided; see - * mbedtls_rsa_private() for more. Otherwise, it is ignored. * \param mode The mode of operation. This must be either * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. * \param md_alg The message-digest algorithm used to hash the original data. @@ -1105,7 +1102,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, diff --git a/library/pk.c b/library/pk.c index e0dedecc37..65a4d0c0f4 100644 --- a/library/pk.c +++ b/library/pk.c @@ -367,7 +367,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ), - NULL, MBEDTLS_RSA_PUBLIC, + MBEDTLS_RSA_PUBLIC, md_alg, (unsigned int) hash_len, hash, pss_opts->mgf1_hash_id, pss_opts->expected_salt_len, diff --git a/library/rsa.c b/library/rsa.c index 6b18fe7cf3..db684c8faa 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2147,7 +2147,6 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, @@ -2186,7 +2185,7 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, ret = ( mode == MBEDTLS_RSA_PUBLIC ) ? mbedtls_rsa_public( ctx, sig, buf ) - : mbedtls_rsa_private( ctx, f_rng, NULL, sig, buf ); + : mbedtls_rsa_private( ctx, NULL, NULL, sig, buf ); if( ret != 0 ) return( ret ); @@ -2312,7 +2311,7 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, ? (mbedtls_md_type_t) ctx->hash_id : md_alg; - return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, NULL, + return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, mgf1_hash_id, diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index 82f33d610e..c52edcb891 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -248,7 +248,7 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, hash_len, hash_result, result_str->x ) == result_simple ); - TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, MBEDTLS_RSA_PUBLIC, + TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, MBEDTLS_RSA_PUBLIC, msg_digest_id, hash_len, hash_result, mgf_hash, salt_len, result_str->x ) == result_full ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 05886ffba8..b822ed9ead 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -333,26 +333,26 @@ void rsa_invalid_param( ) buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( NULL, NULL, + mbedtls_rsa_rsassa_pss_verify_ext( NULL, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, 0, 0, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify_ext( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, 0, 0, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify_ext( &ctx, MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, 0, 0, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, - mbedtls_rsa_rsassa_pss_verify_ext( &ctx, NULL, + mbedtls_rsa_rsassa_pss_verify_ext( &ctx, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, From 44085de5f705fc9f81a4d0ef0a9bd793a1bb79f0 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 13:22:53 +0200 Subject: [PATCH 166/271] Add migration guide for SHA384 and SHA224 options. Signed-off-by: Mateusz Starzyk --- .../modify_SHA384_option_behaviour.md | 9 +++++++++ .../separate_SHA224_from_SHA256.md | 11 +++++++++++ 2 files changed, 20 insertions(+) create mode 100644 docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md create mode 100644 docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md diff --git a/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md b/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md new file mode 100644 index 0000000000..0efe14aa71 --- /dev/null +++ b/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md @@ -0,0 +1,9 @@ +Replaced MBEDTLS_SHA512_NO_SHA384 with MBEDTLS_SHA384_C +------------------------------------------------------ + +This does not affect users who use the default `config.h`. +MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is +enabled by default. + +If you were using a config file with MBEDTLS_SHA512_NO_SHA384 enabled, +then just remove it (don't define MBEDTLS_SHA384_C). diff --git a/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md b/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md new file mode 100644 index 0000000000..96a38e057e --- /dev/null +++ b/docs/3.0-migration-guide.d/separate_SHA224_from_SHA256.md @@ -0,0 +1,11 @@ +Separated MBEDTLS_SHA224_C and MBEDTLS_SHA256_C +----------------------------------------------------------------- + +This does not affect users who use the default `config.h`. MBEDTLS_SHA256_C +was enabled by default. Now both MBEDTLS_SHA256_C and MBEDTLS_SHA224_C are +enabled. + +If you were using custom config file with MBEDTLS_SHA256_C enabled, then +you will need to add `#define MBEDTLS_SHA224_C` option your config. +Current version of the library does not support enabling MBEDTLS_SHA256_C +without MBEDTLS_SHA224_C. From 782a7f5bd6f40ec919baba159661e1977f562ccf Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 12:27:35 +0100 Subject: [PATCH 167/271] Removes mode param from mbedtls_rsa_rsassa_pss_verify_ext Commit removes the mode parameter from the mbedtls_rsa_rsassa_pss_verify_ext function. This change is propagated throughout the codebase. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 3 --- library/pk.c | 9 ++++----- library/rsa.c | 11 +---------- tests/suites/test_suite_pkcs1_v21.function | 7 +++---- tests/suites/test_suite_rsa.function | 4 ---- 5 files changed, 8 insertions(+), 26 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 3f453f684e..2c2af3f96e 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -1080,8 +1080,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \note The \p hash_id in the RSA context is ignored. * * \param ctx The initialized RSA public key context to use. - * \param mode The mode of operation. This must be either - * #MBEDTLS_RSA_PUBLIC or #MBEDTLS_RSA_PRIVATE. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. @@ -1102,7 +1100,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, * \return An \c MBEDTLS_ERR_RSA_XXX error code on failure. */ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, diff --git a/library/pk.c b/library/pk.c index 65a4d0c0f4..06021e26c0 100644 --- a/library/pk.c +++ b/library/pk.c @@ -367,11 +367,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ), - MBEDTLS_RSA_PUBLIC, - md_alg, (unsigned int) hash_len, hash, - pss_opts->mgf1_hash_id, - pss_opts->expected_salt_len, - sig ); + md_alg, (unsigned int) hash_len, hash, + pss_opts->mgf1_hash_id, + pss_opts->expected_salt_len, + sig ); if( ret != 0 ) return( ret ); diff --git a/library/rsa.c b/library/rsa.c index db684c8faa..14eb9205c7 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2147,7 +2147,6 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function */ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, @@ -2168,24 +2167,17 @@ int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx, unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( sig != NULL ); RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hashlen == 0 ) || hash != NULL ); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - siglen = ctx->len; if( siglen < 16 || siglen > sizeof( buf ) ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - ret = ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, buf ) - : mbedtls_rsa_private( ctx, NULL, NULL, sig, buf ); + ret = mbedtls_rsa_public( ctx, sig, buf ); if( ret != 0 ) return( ret ); @@ -2312,7 +2304,6 @@ int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx, : md_alg; return( mbedtls_rsa_rsassa_pss_verify_ext( ctx, - MBEDTLS_RSA_PUBLIC, md_alg, hashlen, hash, mgf1_hash_id, MBEDTLS_RSA_SALT_LEN_ANY, diff --git a/tests/suites/test_suite_pkcs1_v21.function b/tests/suites/test_suite_pkcs1_v21.function index c52edcb891..8f22f20943 100644 --- a/tests/suites/test_suite_pkcs1_v21.function +++ b/tests/suites/test_suite_pkcs1_v21.function @@ -248,10 +248,9 @@ void pkcs1_rsassa_pss_verify_ext( int mod, data_t * input_N, data_t * input_E, hash_len, hash_result, result_str->x ) == result_simple ); - TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, MBEDTLS_RSA_PUBLIC, - msg_digest_id, hash_len, hash_result, - mgf_hash, salt_len, - result_str->x ) == result_full ); + TEST_ASSERT( mbedtls_rsa_rsassa_pss_verify_ext( &ctx, msg_digest_id, hash_len, + hash_result, mgf_hash, salt_len, + result_str->x ) == result_full ); exit: mbedtls_mpi_free( &N ); mbedtls_mpi_free( &E ); diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index b822ed9ead..442e857ed7 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -334,26 +334,22 @@ void rsa_invalid_param( ) TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify_ext( NULL, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, 0, 0, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify_ext( &ctx, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), NULL, 0, 0, buf ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify_ext( &ctx, - MBEDTLS_RSA_PUBLIC, 0, sizeof( buf ), buf, 0, 0, NULL ) ); TEST_INVALID_PARAM_RET( MBEDTLS_ERR_RSA_BAD_INPUT_DATA, mbedtls_rsa_rsassa_pss_verify_ext( &ctx, - MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1, 0, NULL, 0, 0, From 10bc18e3b417632878613648bbd4194e50c1d1a0 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 12:40:20 +0100 Subject: [PATCH 168/271] Corrects outstanding documentation issues Commit removes any remaining superfluous documentation that was not yet removed. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 8 -------- 1 file changed, 8 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 2c2af3f96e..dda0a61b83 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -573,10 +573,6 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * It is the generic wrapper for performing a PKCS#1 encryption * operation. * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA context to use. * \param f_rng The RNG to use. It is mandatory for PKCS#1 v2.1 padding * encoding, and for PKCS#1 v1.5 padding encoding. @@ -605,10 +601,6 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, * \brief This function performs a PKCS#1 v1.5 encryption operation * (RSAES-PKCS1-v1_5-ENCRYPT). * - * \note Alternative implementations of RSA need not support - * mode being set to #MBEDTLS_RSA_PRIVATE and might instead - * return #MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED. - * * \param ctx The initialized RSA context to use. * \param f_rng The RNG function to use. It is needed for padding generation. * \param p_rng The RNG context to be passed to \p f_rng. This may From cad59ed48e4e6bb1fa0f8f25c5e9b25f79eda527 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 15:04:08 +0100 Subject: [PATCH 169/271] Removes mode param from rsa_rsassa_pss_sign Commit removes the mode parameter from the internal function rsa_rsassa_pss_sign. Signed-off-by: Thomas Daubney --- library/rsa.c | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/library/rsa.c b/library/rsa.c index 14eb9205c7..2f9438ad08 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1744,7 +1744,6 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, - int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash, @@ -1760,16 +1759,11 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, const mbedtls_md_info_t *md_info; mbedtls_md_context_t md_ctx; RSA_VALIDATE_RET( ctx != NULL ); - RSA_VALIDATE_RET( mode == MBEDTLS_RSA_PRIVATE || - mode == MBEDTLS_RSA_PUBLIC ); RSA_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hashlen == 0 ) || hash != NULL ); RSA_VALIDATE_RET( sig != NULL ); - if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 ) - return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); - if( f_rng == NULL ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -1868,9 +1862,7 @@ exit: if( ret != 0 ) return( ret ); - return( ( mode == MBEDTLS_RSA_PUBLIC ) - ? mbedtls_rsa_public( ctx, sig, sig ) - : mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ) ); + return mbedtls_rsa_private( ctx, f_rng, p_rng, sig, sig ); } /* @@ -1886,7 +1878,7 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, int saltlen, unsigned char *sig ) { - return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, + return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, md_alg, hashlen, hash, saltlen, sig ); } @@ -1902,7 +1894,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, const unsigned char *hash, unsigned char *sig ) { - return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, md_alg, + return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, md_alg, hashlen, hash, MBEDTLS_RSA_SALT_LEN_ANY, sig ); } #endif /* MBEDTLS_PKCS1_V21 */ From 41e4ce4884a95235b04f1ef899de7881dba55310 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 19 May 2021 15:10:05 +0100 Subject: [PATCH 170/271] Removes RSA constants This commit removes the RSA constants MBEDTLS_RSA_PUBLIC and MBEDTLS_RSA_PRIVATE because they are now superfluous given that the mode parameter has been removed. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 2 -- library/rsa.c | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index dda0a61b83..ecf345e64a 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -57,8 +57,6 @@ /* * RSA constants */ -#define MBEDTLS_RSA_PUBLIC 0 /**< Request private key operation. */ -#define MBEDTLS_RSA_PRIVATE 1 /**< Request public key operation. */ #define MBEDTLS_RSA_PKCS_V15 0 /**< Use PKCS#1 v1.5 encoding. */ #define MBEDTLS_RSA_PKCS_V21 1 /**< Use PKCS#1 v2.1 encoding. */ diff --git a/library/rsa.c b/library/rsa.c index 2f9438ad08..c3b54afda2 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -2345,7 +2345,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx, * Apply RSA primitive to get what should be PKCS1 encoded hash. */ - ret = mbedtls_rsa_public( ctx, sig, encoded ); + ret = mbedtls_rsa_public( ctx, sig, encoded ); if( ret != 0 ) goto cleanup; From c6d94aba5039fa56f6e49986e2e8e7f041c2f9bd Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 13:31:59 +0200 Subject: [PATCH 171/271] Fix remaining SHA384 dependencies and ifdef blocks. Signed-off-by: Mateusz Starzyk --- library/oid.c | 8 ++++-- library/ssl_misc.h | 4 +-- library/ssl_tls.c | 40 +++++++++++++-------------- tests/suites/test_suite_shax.function | 2 +- 4 files changed, 29 insertions(+), 25 deletions(-) diff --git a/library/oid.c b/library/oid.c index 5d2613364a..eb15a41b20 100644 --- a/library/oid.c +++ b/library/oid.c @@ -410,11 +410,13 @@ static const oid_sig_alg_t oid_sig_alg[] = MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA, }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA384, "ecdsa-with-SHA384", "ECDSA with SHA384" ), MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA, }, +#endif /* MBEDTLS_SHA384_C */ +#if defined(MBEDTLS_SHA512_C) { OID_DESCRIPTOR( MBEDTLS_OID_ECDSA_SHA512, "ecdsa-with-SHA512", "ECDSA with SHA512" ), MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA, @@ -639,11 +641,13 @@ static const oid_md_alg_t oid_md_alg[] = MBEDTLS_MD_SHA256, }, #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) { OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA384, "id-sha384", "SHA-384" ), MBEDTLS_MD_SHA384, }, +#endif /* MBEDTLS_SHA384_C */ +#if defined(MBEDTLS_SHA512_C) { OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_SHA512, "id-sha512", "SHA-512" ), MBEDTLS_MD_SHA512, diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 9ac48c757c..22149dd37b 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -154,7 +154,7 @@ #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) /* Ciphersuites using HMAC */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #define MBEDTLS_SSL_MAC_ADD 48 /* SHA-384 used for HMAC */ #elif defined(MBEDTLS_SHA256_C) #define MBEDTLS_SSL_MAC_ADD 32 /* SHA-256 used for HMAC */ @@ -550,7 +550,7 @@ struct mbedtls_ssl_handshake_params mbedtls_sha256_context fin_sha256; #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_operation_t fin_sha384_psa; #else diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a690889191..cec38f70e0 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -653,7 +653,7 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen, } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) static int tls_prf_sha384( const unsigned char *secret, size_t slen, const char *label, const unsigned char *random, size_t rlen, @@ -662,7 +662,7 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen, return( tls_prf_generic( MBEDTLS_MD_SHA384, secret, slen, label, random, rlen, dstbuf, dlen ) ); } -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t ); @@ -683,7 +683,7 @@ static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned cha static void ssl_calc_finished_tls_sha256( mbedtls_ssl_context *,unsigned char *, int ); #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) static void ssl_update_checksum_sha384( mbedtls_ssl_context *, const unsigned char *, size_t ); static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char*, size_t * ); static void ssl_calc_finished_tls_sha384( mbedtls_ssl_context *, unsigned char *, int ); @@ -723,7 +723,7 @@ static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf ) else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) if( tls_prf == tls_prf_sha384 ) { return( MBEDTLS_SSL_TLS_PRF_SHA384 ); @@ -759,11 +759,11 @@ int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf, #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_SSL_TLS_PRF_SHA384: tls_prf = tls_prf_sha384; break; -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA256_C) case MBEDTLS_SSL_TLS_PRF_SHA256: tls_prf = tls_prf_sha256; @@ -1293,7 +1293,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, int minor_ver, mbedtls_md_type_t hash ) { -#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || !defined(MBEDTLS_SHA512_C) +#if !defined(MBEDTLS_SSL_PROTO_TLS1_2) || !defined(MBEDTLS_SHA384_C) (void) hash; #endif @@ -1307,7 +1307,7 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && hash == MBEDTLS_MD_SHA384 ) { @@ -1627,7 +1627,7 @@ void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, unsigned char *hash, size_t *hlen ) @@ -1674,7 +1674,7 @@ void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *ssl, #endif /* MBEDTLS_USE_PSA_CRYPTO */ return; } -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) @@ -2656,7 +2656,7 @@ void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, else #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) ssl->handshake->update_checksum = ssl_update_checksum_sha384; else @@ -2688,7 +2688,7 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 ); #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_abort( &ssl->handshake->fin_sha384_psa ); psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); @@ -2714,7 +2714,7 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len ); #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len ); #else @@ -2746,7 +2746,7 @@ static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl, } #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { @@ -2895,7 +2895,7 @@ static void ssl_calc_finished_tls_sha256( } #endif /* MBEDTLS_SHA256_C */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) typedef int (*finish_sha384_t)(mbedtls_sha512_context*, unsigned char*); @@ -2977,7 +2977,7 @@ static void ssl_calc_finished_tls_sha384( MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); } -#endif /* MBEDTLS_SHA512_C */ +#endif /* MBEDTLS_SHA384_C */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ void mbedtls_ssl_handshake_wrapup_free_hs_transform( mbedtls_ssl_context *ssl ) @@ -3269,7 +3269,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 ); #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) handshake->fin_sha384_psa = psa_hash_operation_init(); psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 ); @@ -5599,7 +5599,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) mbedtls_sha256_free( &handshake->fin_sha256 ); #endif #endif -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_hash_abort( &handshake->fin_sha384_psa ); #else @@ -6041,7 +6041,7 @@ typedef int (*tls_prf_fn)( const unsigned char *secret, size_t slen, unsigned char *dstbuf, size_t dlen ); static tls_prf_fn ssl_tls12prf_from_cs( int ciphersuite_id ) { -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); @@ -7000,7 +7000,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) break; #endif #endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SHA512_C) +#if defined(MBEDTLS_SHA384_C) case MBEDTLS_SSL_HASH_SHA384: ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384; break; diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function index a2028fba8d..1d4cf7192b 100644 --- a/tests/suites/test_suite_shax.function +++ b/tests/suites/test_suite_shax.function @@ -205,7 +205,7 @@ exit: } /* END_CASE */ -/* BEGIN_CASE depends_on:MBEDTLS_SHA512_C */ +/* BEGIN_CASE depends_on:MBEDTLS_SHA384_C */ void sha384( data_t * src_str, data_t * hash ) { unsigned char output[97]; From 2396b21f8015e58bfb9ef35f6a5da69eb46ab3bf Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Wed, 19 May 2021 16:35:51 +0200 Subject: [PATCH 172/271] Provide more in-depth migration guide after removal of null entropy. Signed-off-by: Mateusz Starzyk --- docs/3.0-migration-guide.d/remove-null-entropy.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove-null-entropy.md b/docs/3.0-migration-guide.d/remove-null-entropy.md index d6c39057f0..50e024a2a5 100644 --- a/docs/3.0-migration-guide.d/remove-null-entropy.md +++ b/docs/3.0-migration-guide.d/remove-null-entropy.md @@ -4,6 +4,8 @@ Remove the option to build the library without any entropy sources This does not affect users who use the default `config.h`, as this option was already off by default. -If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option, you can either use -`MBEDTLS_ENTROPY_NV_SEED` or create a fake entropy function. - +If you were using the `MBEDTLS_TEST_NULL_ENTROPY` option and your platform +doesn't have any entropy source, you should use `MBEDTLS_ENTROPY_NV_SEED` +and make sure your device is provisioned with a strong random seed. +Alternatively, for testing purposes only, you can create and register a fake +entropy function. From aa13e9394168e1ea467ccbb1971614b94245f6ac Mon Sep 17 00:00:00 2001 From: Shawn Carey Date: Thu, 6 May 2021 15:11:30 -0400 Subject: [PATCH 173/271] avoid "maybe-uninitialized" and "free-nonheap-object" errors/warnings with gcc11 Signed-off-by: Shawn Carey --- library/ecdsa.c | 2 +- library/x509write_crt.c | 4 ++-- library/x509write_csr.c | 4 ++-- programs/test/udp_proxy.c | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/library/ecdsa.c b/library/ecdsa.c index 35713a696c..9220633564 100644 --- a/library/ecdsa.c +++ b/library/ecdsa.c @@ -651,7 +651,7 @@ static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s, unsigned char *sig, size_t *slen ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char buf[MBEDTLS_ECDSA_MAX_LEN]; + unsigned char buf[MBEDTLS_ECDSA_MAX_LEN] = {0}; unsigned char *p = buf + sizeof( buf ); size_t len = 0; diff --git a/library/x509write_crt.c b/library/x509write_crt.c index 498b8b0a0c..8f4a4f5ea3 100644 --- a/library/x509write_crt.c +++ b/library/x509write_crt.c @@ -233,7 +233,7 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert * int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, unsigned int key_usage ) { - unsigned char buf[5], ku[2]; + unsigned char buf[5] = {0}, ku[2] = {0}; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE | @@ -272,7 +272,7 @@ int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx, unsigned char ns_cert_type ) { - unsigned char buf[4]; + unsigned char buf[4] = {0}; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; diff --git a/library/x509write_csr.c b/library/x509write_csr.c index c7c8032bec..afda950341 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -91,7 +91,7 @@ int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) { - unsigned char buf[4]; + unsigned char buf[4] = {0}; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; @@ -113,7 +113,7 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, unsigned char ns_cert_type ) { - unsigned char buf[4]; + unsigned char buf[4] = {0}; unsigned char *c; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 0b1bfd738a..afe0118d07 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -1005,8 +1005,8 @@ exit: for( delay_idx = 0; delay_idx < MAX_DELAYED_HS; delay_idx++ ) { - mbedtls_free( opt.delay_cli + delay_idx ); - mbedtls_free( opt.delay_srv + delay_idx ); + mbedtls_free( opt.delay_cli[delay_idx] ); + mbedtls_free( opt.delay_srv[delay_idx] ); } mbedtls_net_free( &client_fd ); From 03092f5821d1045828469791c7ad8fb6b5d443da Mon Sep 17 00:00:00 2001 From: Shawn Carey Date: Thu, 13 May 2021 10:38:32 -0400 Subject: [PATCH 174/271] avoid -Wmaybe-uninitialized when buiding with gcc11 Signed-off-by: Shawn Carey --- tests/suites/test_suite_ssl.function | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index ef8d3b269d..d9261d1a2a 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2649,7 +2649,7 @@ exit: void ssl_message_mock_uninitialized( ) { enum { MSGLEN = 10 }; - unsigned char message[MSGLEN], received[MSGLEN]; + unsigned char message[MSGLEN] = {0}, received[MSGLEN]; mbedtls_mock_socket client, server; mbedtls_test_message_queue server_queue, client_queue; mbedtls_test_message_socket_context server_context, client_context; From 1905a244886c00f2fea12b8589a934e759d617af Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Sat, 24 Apr 2021 13:19:45 +0200 Subject: [PATCH 175/271] Fix missing compilation guard around psa_crypto_driver_wrappers.c Fix #4411. Signed-off-by: Gilles Peskine --- ChangeLog.d/undefined_reference_without_psa.txt | 4 ++++ library/psa_crypto_driver_wrappers.c | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 ChangeLog.d/undefined_reference_without_psa.txt diff --git a/ChangeLog.d/undefined_reference_without_psa.txt b/ChangeLog.d/undefined_reference_without_psa.txt new file mode 100644 index 0000000000..4dae53419f --- /dev/null +++ b/ChangeLog.d/undefined_reference_without_psa.txt @@ -0,0 +1,4 @@ +Bugfix + * With MBEDTLS_PSA_CRYPTO_C disabled, some functions were getting built + nonetheless, resulting in undefined reference errors when building a + shared library. Reported by Guillermo Garcia M. in #4411. diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c index aab66ab20f..f61e5ebbe6 100644 --- a/library/psa_crypto_driver_wrappers.c +++ b/library/psa_crypto_driver_wrappers.c @@ -28,6 +28,8 @@ #include "mbedtls/platform.h" +#if defined(MBEDTLS_PSA_CRYPTO_C) + #if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) /* Include test driver definition when running tests */ @@ -1777,4 +1779,5 @@ psa_status_t psa_driver_wrapper_mac_abort( return( PSA_ERROR_INVALID_ARGUMENT ); } } -/* End of automatically generated file. */ + +#endif /* MBEDTLS_PSA_CRYPTO_C */ From 1af28f9b47992f9cf7ccc3085750255170aca3d9 Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 20 May 2021 10:36:15 +0200 Subject: [PATCH 176/271] Fix SHA224 documentation in default config. Signed-off-by: Mateusz Starzyk --- include/mbedtls/config.h | 1 - 1 file changed, 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 8bd07a7b72..2479f741f5 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3106,7 +3106,6 @@ * \def MBEDTLS_SHA224_C * * Enable the SHA-224 cryptographic hash algorithm. - * A future version of the library will have this option disabled by default. * * Requires: MBEDTLS_SHA256_C. The library does not currently support enabling * SHA-224 without SHA-256. From b5e08637adc0d45df10f46531972d79b3a6c4cc0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 01:15:52 +0200 Subject: [PATCH 177/271] Ignore generated source files that are no longer checked in Signed-off-by: Gilles Peskine --- .gitignore | 4 ++++ library/.gitignore | 4 ++++ programs/.gitignore | 6 +++++- tests/.gitignore | 5 +++++ 4 files changed, 18 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 39cdc4ea54..7665265e98 100644 --- a/.gitignore +++ b/.gitignore @@ -37,6 +37,10 @@ massif-* # Microsoft CMake extension for Visual Studio Code generates a build directory by default /build/ +# Visual Studio automatically generated files +/visualc/VS2010/mbedTLS.sln +/visualc/VS2010/*.vcxproj + # Visual Studio artifacts /visualc/VS2010/.localhistory/ /visualc/VS2010/.vs/ diff --git a/library/.gitignore b/library/.gitignore index 3a63a63a43..6fde1f5e77 100644 --- a/library/.gitignore +++ b/library/.gitignore @@ -2,3 +2,7 @@ libmbed* *.sln *.vcxproj + +# Automatically generated files +/error.c +/version_features.c diff --git a/programs/.gitignore b/programs/.gitignore index 4e66f4c0f8..83521a792b 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -5,6 +5,10 @@ *.sln *.vcxproj +# Generated source files +/psa/psa_constant_names_generated.c +/test/query_config.c + *.o *.exe @@ -66,5 +70,5 @@ x509/cert_write x509/crl_app x509/req_app -# generated files +# Generated data files pkey/keyfile.key diff --git a/tests/.gitignore b/tests/.gitignore index d9f4b51787..fa901cbe5b 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -1,6 +1,11 @@ *.sln *.vcxproj +# Generated source files +/suites/*.generated.data +/suites/test_suite_psa_crypto_storage_format.v[0-9]*.data +/suites/test_suite_psa_crypto_storage_format.current.data + *.log /test_suite* data_files/mpi_write From 76c5185dcd774a919c63dc66a7422724f2819ec0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 15:46:17 +0200 Subject: [PATCH 178/271] Move VS2010 Git ignore list to the VS2010 directory The main benefit is that this ensures that the directory always exists in a Git checkout. This way the maintenance scripts don't have to worry about the case where the directory doesn't exist. Also it unclutters `/.gitignore`. Signed-off-by: Gilles Peskine --- .gitignore | 12 ------------ visualc/VS2010/.gitignore | 14 ++++++++++++++ 2 files changed, 14 insertions(+), 12 deletions(-) create mode 100644 visualc/VS2010/.gitignore diff --git a/.gitignore b/.gitignore index 7665265e98..b209ffcd9f 100644 --- a/.gitignore +++ b/.gitignore @@ -37,18 +37,6 @@ massif-* # Microsoft CMake extension for Visual Studio Code generates a build directory by default /build/ -# Visual Studio automatically generated files -/visualc/VS2010/mbedTLS.sln -/visualc/VS2010/*.vcxproj - -# Visual Studio artifacts -/visualc/VS2010/.localhistory/ -/visualc/VS2010/.vs/ -/visualc/VS2010/Debug/ -/visualc/VS2010/Release/ -/visualc/VS2010/*.vcxproj.filters -/visualc/VS2010/*.vcxproj.user - # Generated documentation: /apidoc diff --git a/visualc/VS2010/.gitignore b/visualc/VS2010/.gitignore new file mode 100644 index 0000000000..d3da304f78 --- /dev/null +++ b/visualc/VS2010/.gitignore @@ -0,0 +1,14 @@ +# Files automatically generated by generate_visualc_files.pl +/mbedTLS.sln +/*.vcxproj + +# Files that may be left over from check-generated-files.sh +/*.bak + +# Visual Studio artifacts +/.localhistory/ +/.vs/ +/Debug/ +/Release/ +/*.vcxproj.filters +/*.vcxproj.user From 1570b59bcc46ffe989f62fcb76f564e8845d0c66 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 01:10:12 +0200 Subject: [PATCH 179/271] Generate source files before running any components Now that generated source files are no longer checked in version control, they must be generated before running any tests. Do not check the generated files for freshness: it's no longer relevant. Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8b9d7d172d..30ecd315bc 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -650,6 +650,10 @@ pre_check_tools () { "$@" scripts/output_env.sh } +pre_generate_files() { + make generated_files +} + ################################################################ @@ -672,11 +676,6 @@ component_check_recursion () { record_status tests/scripts/recursion.pl library/*.c } -component_check_generated_files () { - msg "Check: freshness of generated source files" # < 1s - record_status tests/scripts/check-generated-files.sh -} - component_check_doxy_blocks () { msg "Check: doxygen markup outside doxygen blocks" # < 1s record_status tests/scripts/check-doxy-blocks.pl @@ -2740,6 +2739,7 @@ pre_prepare_outcome_file pre_print_configuration pre_check_tools cleanup +pre_generate_files # Run the requested tests. for component in $RUN_COMPONENTS; do From 0da63bec88d27e3032fd334e1f0416c21c7eee63 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 11:55:13 +0200 Subject: [PATCH 180/271] Script to generate source files on Windows Signed-off-by: Gilles Peskine --- scripts/make_generated_files.bat | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 scripts/make_generated_files.bat diff --git a/scripts/make_generated_files.bat b/scripts/make_generated_files.bat new file mode 100644 index 0000000000..4c4b53eeab --- /dev/null +++ b/scripts/make_generated_files.bat @@ -0,0 +1,9 @@ +@rem Generate automatically-generated configuration-independent source files +@rem and build scripts. +@rem Perl and Python 3 must be on the PATH. +perl scripts\generate_errors.pl || exit /b +perl scripts\generate_query_config.pl || exit /b +perl scripts\generate_features.pl || exit /b +perl scripts\generate_visualc_files.pl || exit /b +python scripts\generate_psa_constants.py || exit /b +python tests\scripts\generate_psa_tests.py || exit /b From de7f1e0bc402e067a3551d8d8c67a16117055a0f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 11:55:48 +0200 Subject: [PATCH 181/271] Generate source files before doing builds on Travis On Linux, all.sh takes care of it. On Windows, run make_generated_files.bat. Perl is now required on Windows. Signed-off-by: Gilles Peskine --- .travis.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 9b729ec071..542f705694 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,7 +21,7 @@ jobs: script: - tests/scripts/all.sh -k 'check_*' - tests/scripts/all.sh -k test_default_out_of_box - - tests/scripts/test-ref-configs.pl + - tests/scripts/all.sh -k test_ref_configs - tests/scripts/all.sh -k build_arm_none_eabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus - name: full configuration @@ -39,11 +39,12 @@ jobs: before_install: - choco install python --version=3.5.4 env: - # Add the directory where the Choco package goes + # Add the directory where the Choco packages go - PATH=/c/Python35:/c/Python35/Scripts:$PATH script: + - type perl; perl --version - type python; python --version - - python scripts/generate_psa_constants.py + - scripts/make_generated_files.bat # Logs appear out of sequence on Windows. Give time to catch up. - sleep 5 - scripts/windows_msbuild.bat v141 # Visual Studio 2017 From 1411c7c0d6ce956da378384ac634493e9c09972c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 14:50:16 +0200 Subject: [PATCH 182/271] Don't make configuration-independent files depend on config.h Don't regenerate configuration-independent files when config.h or crypto_config.h changes. These files only depend on the set of symbols present in the headers and not on which symbols are enabled. To avoid rebuilding the generated files whenever the configuration changes, don't declare the configuration as a dependency. In the rare event that a maintainer makes an edit to *config.h that affects the generated files, they'll have to remove the generated files. Signed-off-by: Gilles Peskine --- library/Makefile | 9 +++++++-- programs/Makefile | 7 ++++++- tests/Makefile | 7 ++++++- 3 files changed, 19 insertions(+), 4 deletions(-) diff --git a/library/Makefile b/library/Makefile index aff814d00d..90a477d431 100644 --- a/library/Makefile +++ b/library/Makefile @@ -279,14 +279,19 @@ generated_files: $(GENERATED_FILES) error.c: ../scripts/generate_errors.pl error.c: ../scripts/data_files/error.fmt -error.c: $(wildcard ../include/mbedtls/*.h) +error.c: $(filter-out %config%,$(wildcard ../include/mbedtls/*.h)) error.c: echo " Gen $@" $(PERL) ../scripts/generate_errors.pl version_features.c: ../scripts/generate_features.pl version_features.c: ../scripts/data_files/version_features.fmt -version_features.c: ../include/mbedtls/config.h +## The generated file only depends on the options that are present in config.h, +## not on which options are set. To avoid regenerating this file all the time +## when switching between configurations, don't declare config.h as a +## dependency. Remove this file from your working tree if you've just added or +## removed an option in config.h. +#version_features.c: ../include/mbedtls/config.h version_features.c: echo " Gen $@" $(PERL) ../scripts/generate_features.pl diff --git a/programs/Makefile b/programs/Makefile index b2ba08e135..5795cd6dac 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -146,7 +146,12 @@ psa/psa_constant_names_generated.c: $(PYTHON) ../scripts/generate_psa_constants.py test/query_config.c: ../scripts/generate_query_config.pl -test/query_config.c: ../include/mbedtls/config.h +## The generated file only depends on the options that are present in config.h, +## not on which options are set. To avoid regenerating this file all the time +## when switching between configurations, don't declare config.h as a +## dependency. Remove this file from your working tree if you've just added or +## removed an option in config.h. +#test/query_config.c: ../include/mbedtls/config.h test/query_config.c: ../scripts/data_files/query_config.fmt test/query_config.c: echo " Gen $@" diff --git a/tests/Makefile b/tests/Makefile index ef571698c3..c1620d6e72 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -64,7 +64,12 @@ GENERATED_FILES := $(GENERATED_DATA_FILES) generated_files: $(GENERATED_FILES) $(GENERATED_DATA_FILES): scripts/generate_psa_tests.py -$(GENERATED_DATA_FILES): ../include/psa/crypto_config.h +## The generated file only depends on the options that are present in +## crypto_config.h, not on which options are set. To avoid regenerating this +## file all the time when switching between configurations, don't declare +## crypto_config.h as a dependency. Remove this file from your working tree +## if you've just added or removed an option in crypto_config.h. +#$(GENERATED_DATA_FILES): ../include/psa/crypto_config.h $(GENERATED_DATA_FILES): ../include/psa/crypto_values.h $(GENERATED_DATA_FILES): ../include/psa/crypto_extra.h $(GENERATED_DATA_FILES): suites/test_suite_psa_crypto_metadata.data From b0fa9d209d96c429c22ef85f05e2094e32cefd04 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 22 Apr 2021 20:07:44 +0200 Subject: [PATCH 183/271] Don't require make to generate visualc files Don't run `make list` to obtain the list of programs in generate_visualc_files.pl. This doesn't work on Windows when a `make` command is not available. Instead, read the makefile. Signed-off-by: Gilles Peskine --- programs/Makefile | 117 ++++++++++++++++-------------- scripts/generate_visualc_files.pl | 8 +- 2 files changed, 66 insertions(+), 59 deletions(-) diff --git a/programs/Makefile b/programs/Makefile index 5795cd6dac..dcdb8f36db 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -51,72 +51,79 @@ SHARED_SUFFIX= PYTHON ?= $(shell if type python3 >/dev/null 2>/dev/null; then echo python3; else echo python; fi) endif +## The following assignment is the list of base names of applications that +## will be built on Windows. Extra Linux/Unix/POSIX-only applications can +## be declared by appending with `APPS += ...` afterwards. +## See the get_app_list function in scripts/generate_visualc_files.pl and +## make sure to check that it still works if you tweak the format here. APPS = \ - aes/crypt_and_hash$(EXEXT) \ - hash/generic_sum$(EXEXT) \ - hash/hello$(EXEXT) \ - pkey/dh_client$(EXEXT) \ - pkey/dh_genprime$(EXEXT) \ - pkey/dh_server$(EXEXT) \ - pkey/ecdh_curve25519$(EXEXT) \ - pkey/ecdsa$(EXEXT) \ - pkey/gen_key$(EXEXT) \ - pkey/key_app$(EXEXT) \ - pkey/key_app_writer$(EXEXT) \ - pkey/mpi_demo$(EXEXT) \ - pkey/pk_decrypt$(EXEXT) \ - pkey/pk_encrypt$(EXEXT) \ - pkey/pk_sign$(EXEXT) \ - pkey/pk_verify$(EXEXT) \ - pkey/rsa_decrypt$(EXEXT) \ - pkey/rsa_encrypt$(EXEXT) \ - pkey/rsa_genkey$(EXEXT) \ - pkey/rsa_sign$(EXEXT) \ - pkey/rsa_sign_pss$(EXEXT) \ - pkey/rsa_verify$(EXEXT) \ - pkey/rsa_verify_pss$(EXEXT) \ - psa/crypto_examples$(EXEXT) \ - psa/key_ladder_demo$(EXEXT) \ - psa/psa_constant_names$(EXEXT) \ - random/gen_entropy$(EXEXT) \ - random/gen_random_ctr_drbg$(EXEXT) \ - ssl/dtls_client$(EXEXT) \ - ssl/dtls_server$(EXEXT) \ - ssl/mini_client$(EXEXT) \ - ssl/ssl_client1$(EXEXT) \ - ssl/ssl_client2$(EXEXT) \ - ssl/ssl_context_info$(EXEXT) \ - ssl/ssl_fork_server$(EXEXT) \ - ssl/ssl_mail_client$(EXEXT) \ - ssl/ssl_server$(EXEXT) \ - ssl/ssl_server2$(EXEXT) \ - test/benchmark$(EXEXT) \ - test/query_compile_time_config$(EXEXT) \ - test/selftest$(EXEXT) \ - test/udp_proxy$(EXEXT) \ - test/zeroize$(EXEXT) \ - util/pem2der$(EXEXT) \ - util/strerror$(EXEXT) \ - x509/cert_app$(EXEXT) \ - x509/cert_req$(EXEXT) \ - x509/cert_write$(EXEXT) \ - x509/crl_app$(EXEXT) \ - x509/req_app$(EXEXT) \ + aes/crypt_and_hash \ + hash/generic_sum \ + hash/hello \ + pkey/dh_client \ + pkey/dh_genprime \ + pkey/dh_server \ + pkey/ecdh_curve25519 \ + pkey/ecdsa \ + pkey/gen_key \ + pkey/key_app \ + pkey/key_app_writer \ + pkey/mpi_demo \ + pkey/pk_decrypt \ + pkey/pk_encrypt \ + pkey/pk_sign \ + pkey/pk_verify \ + pkey/rsa_decrypt \ + pkey/rsa_encrypt \ + pkey/rsa_genkey \ + pkey/rsa_sign \ + pkey/rsa_sign_pss \ + pkey/rsa_verify \ + pkey/rsa_verify_pss \ + psa/crypto_examples \ + psa/key_ladder_demo \ + psa/psa_constant_names \ + random/gen_entropy \ + random/gen_random_ctr_drbg \ + ssl/dtls_client \ + ssl/dtls_server \ + ssl/mini_client \ + ssl/ssl_client1 \ + ssl/ssl_client2 \ + ssl/ssl_context_info \ + ssl/ssl_fork_server \ + ssl/ssl_mail_client \ + ssl/ssl_server \ + ssl/ssl_server2 \ + test/benchmark \ + test/query_compile_time_config \ + test/selftest \ + test/udp_proxy \ + test/zeroize \ + util/pem2der \ + util/strerror \ + x509/cert_app \ + x509/cert_req \ + x509/cert_write \ + x509/crl_app \ + x509/req_app \ # End of APPS ifdef PTHREAD -APPS += ssl/ssl_pthread_server$(EXEXT) +APPS += ssl/ssl_pthread_server endif ifdef TEST_CPP -APPS += test/cpp_dummy_build$(EXEXT) +APPS += test/cpp_dummy_build endif +EXES = $(patsubst %,%$(EXEXT),$(APPS)) + .SILENT: .PHONY: all clean list fuzz -all: $(APPS) +all: $(EXES) ifndef WINDOWS # APPS doesn't include the fuzzing programs, which aren't "normal" # sample or test programs, and don't build with MSVC which is @@ -382,7 +389,7 @@ psa/crypto_examples$(EXEXT): psa/crypto_examples.c $(DEP) clean: ifndef WINDOWS - rm -f $(APPS) + rm -f $(EXES) -rm -f ssl/ssl_pthread_server$(EXEXT) -rm -f test/cpp_dummy_build$(EXEXT) else @@ -399,4 +406,4 @@ else endif list: - echo $(APPS) + echo $(EXES) diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index d11041c318..f325e9a98d 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -177,10 +177,10 @@ sub gen_app { } sub get_app_list { - my $app_list = `cd $programs_dir && make list`; - die "make list failed: $!\n" if $?; - - return split /\s+/, $app_list; + my $makefile_contents = slurp_file('programs/Makefile'); + $makefile_contents =~ /\n\s*APPS\s*=[\\\s]*(.*?)(? Date: Thu, 22 Apr 2021 20:09:25 +0200 Subject: [PATCH 184/271] Simplify line ending management and make it work on Windows Instead of manipulating CR explicitly to cope with CRLF (Windows) line endings in input and produce output with CRLF line endings, just convert files from/to CRLF line endings when reading/writing. The minimum required Perl version remains 5.8, since this both the version that introduced Digest::MD5 (which was used before this patch) and the version that introduced open "<:crlf" (which this patch introduces). Signed-off-by: Gilles Peskine --- scripts/generate_visualc_files.pl | 51 +++++++++++++++---------------- 1 file changed, 25 insertions(+), 26 deletions(-) diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index f325e9a98d..5500c6fad9 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -79,31 +79,30 @@ my @excluded_files = qw( my %excluded_files = (); foreach (@excluded_files) { $excluded_files{$_} = 1 } -# Need windows line endings! my $vsx_hdr_tpl = <\r + EOT my $vsx_src_tpl = <\r + EOT my $vsx_sln_app_entry_tpl = <; close $fh; @@ -137,7 +136,7 @@ sub slurp_file { sub content_to_file { my ($content, $filename) = @_; - open my $fh, '>', $filename or die "Could not write to $filename\n"; + open my $fh, '>:crlf', $filename or die "Could not write to $filename\n"; print $fh $content; close $fh; } @@ -161,17 +160,17 @@ sub gen_app { my $srcs = ""; if( $appname eq "ssl_client2" or $appname eq "ssl_server2" or $appname eq "query_compile_time_config" ) { - $srcs .= "\r\n "; + $srcs .= "\n "; } if( $appname eq "ssl_client2" or $appname eq "ssl_server2" ) { - $srcs .= "\r\n "; + $srcs .= "\n "; } my $content = $template; $content =~ s//$srcs/g; $content =~ s//$appname/g; $content =~ s//$guid/g; - $content =~ s/INCLUDE_DIRECTORIES\r\n/$include_directories/g; + $content =~ s/INCLUDE_DIRECTORIES\n/$include_directories/g; content_to_file( $content, "$dir/$appname.$ext" ); } @@ -214,9 +213,9 @@ sub gen_main_file { my $source_entries = gen_entry_list( $src_tpl, @$sources ); my $out = slurp_file( $main_tpl ); - $out =~ s/SOURCE_ENTRIES\r\n/$source_entries/m; - $out =~ s/HEADER_ENTRIES\r\n/$header_entries/m; - $out =~ s/INCLUDE_DIRECTORIES\r\n/$library_include_directories/g; + $out =~ s/SOURCE_ENTRIES\n/$source_entries/m; + $out =~ s/HEADER_ENTRIES\n/$header_entries/m; + $out =~ s/INCLUDE_DIRECTORIES\n/$library_include_directories/g; content_to_file( $out, $main_out ); } @@ -242,8 +241,8 @@ sub gen_vsx_solution { } my $out = slurp_file( $vsx_sln_tpl_file ); - $out =~ s/APP_ENTRIES\r\n/$app_entries/m; - $out =~ s/CONF_ENTRIES\r\n/$conf_entries/m; + $out =~ s/APP_ENTRIES\n/$app_entries/m; + $out =~ s/CONF_ENTRIES\n/$conf_entries/m; content_to_file( $out, $vsx_sln_file ); } From a4d3273fc7a0a3a5f834b05fb293cb67de6eabf5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 23 Apr 2021 09:44:59 +0200 Subject: [PATCH 185/271] Accept Windows line endings on inputs on any platform Accept Windows line endings in input files on any platform. This makes the scripts work even when running a Unix perl with a source tree that has Windows line endings, as happens for example on our Travis Windows instances. This change is harmless in the common case where the input has the platform's default line endings. Signed-off-by: Gilles Peskine --- scripts/generate_errors.pl | 4 ++-- scripts/generate_features.pl | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index ed17a0dbdf..606714f991 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -56,7 +56,7 @@ my @high_level_modules = qw( CIPHER DHM ECP MD my $line_separator = $/; undef $/; -open(FORMAT_FILE, "$error_format_file") or die "Opening error format file '$error_format_file': $!"; +open(FORMAT_FILE, '<:crlf', "$error_format_file") or die "Opening error format file '$error_format_file': $!"; my $error_format = ; close(FORMAT_FILE); @@ -66,7 +66,7 @@ my @files = <$include_dir/*.h>; my @necessary_include_files; my @matches; foreach my $file (@files) { - open(FILE, "$file"); + open(FILE, '<:crlf', "$file"); my @grep_res = grep(/^\s*#define\s+MBEDTLS_ERR_\w+\s+\-0x[0-9A-Fa-f]+/, ); push(@matches, @grep_res); close FILE; diff --git a/scripts/generate_features.pl b/scripts/generate_features.pl index 74a95279be..6b1dcbf897 100755 --- a/scripts/generate_features.pl +++ b/scripts/generate_features.pl @@ -45,13 +45,13 @@ my @sections = ( "System support", "mbed TLS modules", my $line_separator = $/; undef $/; -open(FORMAT_FILE, "$feature_format_file") or die "Opening feature format file '$feature_format_file': $!"; +open(FORMAT_FILE, '<:crlf', "$feature_format_file") or die "Opening feature format file '$feature_format_file': $!"; my $feature_format = ; close(FORMAT_FILE); $/ = $line_separator; -open(CONFIG_H, "$include_dir/config.h") || die("Failure when opening config.h: $!"); +open(CONFIG_H, '<:crlf', "$include_dir/config.h") || die("Failure when opening config.h: $!"); my $feature_defines = ""; my $in_section = 0; From 9d1edb6224e257354d11ee99793315ead7673814 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 23 Apr 2021 22:07:25 +0200 Subject: [PATCH 186/271] If $CC looks like MSVC, use a compatible command line syntax Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/c_build_helper.py | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 5c587a16bb..9215d648ca 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -108,6 +108,10 @@ def get_c_expression_values( * ``keep_c``: if true, keep the temporary C file (presumably for debugging purposes). + Use the C compiler specified by the ``CC`` environment variable, defaulting + to ``cc``. If ``CC`` looks like MSVC, use its command line syntax, + otherwise assume the compiler supports Unix traditional ``-I`` and ``-o``. + Return the list of values of the ``expressions``. """ if include_path is None: @@ -124,9 +128,14 @@ def get_c_expression_values( ) c_file.close() cc = os.getenv('CC', 'cc') - subprocess.check_call([cc] + - ['-I' + dir for dir in include_path] + - ['-o', exe_name, c_name]) + cc_is_msvc = ('\\' + cc).lower().endswith('\\cl.exe') + cmd = [cc] + cmd += ['-I' + dir for dir in include_path] + # MSVC doesn't support -o to specify the output file, but we use its + # default output file name. + if not cc_is_msvc: + cmd += ['-o', exe_name] + subprocess.check_call(cmd + [c_name]) if keep_c: sys.stderr.write('List of {} tests kept at {}\n' .format(caller, c_name)) From d2968bd12226f03c728bde3de06a396eeaeff1f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 6 May 2021 09:55:44 +0200 Subject: [PATCH 187/271] Explicitly specify exit code for "exit /b" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit "exit /b" without an explicit exit value doesn't copy the value of the last command executed, causing issues on Jenkins. Signed-off-by: Bence Szépkúti --- scripts/make_generated_files.bat | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/scripts/make_generated_files.bat b/scripts/make_generated_files.bat index 4c4b53eeab..e4465d8f09 100644 --- a/scripts/make_generated_files.bat +++ b/scripts/make_generated_files.bat @@ -1,9 +1,9 @@ @rem Generate automatically-generated configuration-independent source files @rem and build scripts. @rem Perl and Python 3 must be on the PATH. -perl scripts\generate_errors.pl || exit /b -perl scripts\generate_query_config.pl || exit /b -perl scripts\generate_features.pl || exit /b -perl scripts\generate_visualc_files.pl || exit /b -python scripts\generate_psa_constants.py || exit /b -python tests\scripts\generate_psa_tests.py || exit /b +perl scripts\generate_errors.pl || exit /b 1 +perl scripts\generate_query_config.pl || exit /b 1 +perl scripts\generate_features.pl || exit /b 1 +perl scripts\generate_visualc_files.pl || exit /b 1 +python scripts\generate_psa_constants.py || exit /b 1 +python tests\scripts\generate_psa_tests.py || exit /b 1 From cabae3d29ee81536388fb411016997354359c509 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Thu, 6 May 2021 15:14:16 +0200 Subject: [PATCH 188/271] Specify output name for MSVC as well MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The output file was being created in the working directory, instead of the temp directory. Signed-off-by: Bence Szépkúti --- scripts/mbedtls_dev/c_build_helper.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 9215d648ca..ddef10fbe2 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -95,7 +95,7 @@ def get_c_expression_values( caller=__name__, file_label='', header='', include_path=None, keep_c=False, -): # pylint: disable=too-many-arguments +): # pylint: disable=too-many-arguments, too-many-locals """Generate and run a program to print out numerical values for expressions. * ``cast_to``: a C type. @@ -131,10 +131,9 @@ def get_c_expression_values( cc_is_msvc = ('\\' + cc).lower().endswith('\\cl.exe') cmd = [cc] cmd += ['-I' + dir for dir in include_path] - # MSVC doesn't support -o to specify the output file, but we use its - # default output file name. - if not cc_is_msvc: - cmd += ['-o', exe_name] + # MSVC has deprecated using -o to specify the output file. + output_opt = '-Fe' if cc_is_msvc else '-o' + cmd += [output_opt + exe_name] subprocess.check_call(cmd + [c_name]) if keep_c: sys.stderr.write('List of {} tests kept at {}\n' From 9e84ec771192360c5c6db056285b784ea70883a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 7 May 2021 11:49:17 +0200 Subject: [PATCH 189/271] Always use posix semantics when joining paths MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The backslashes were causing issues with Makefile rules. Signed-off-by: Bence Szépkúti --- tests/scripts/generate_psa_tests.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index ab8ebffe44..30f82db257 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -22,6 +22,7 @@ generate only the specified files. import argparse import os +import posixpath import re import sys from typing import Callable, Dict, FrozenSet, Iterable, Iterator, List, Optional, TypeVar @@ -399,7 +400,7 @@ class TestGenerator: def filename_for(self, basename: str) -> str: """The location of the data file with the specified base name.""" - return os.path.join(self.test_suite_directory, basename + '.data') + return posixpath.join(self.test_suite_directory, basename + '.data') def write_test_data_file(self, basename: str, test_cases: Iterable[test_case.TestCase]) -> None: From 3bd51b0bb11e4e3ff0c3b8b8c97e9c30093e1de5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Fri, 7 May 2021 15:10:39 +0200 Subject: [PATCH 190/271] Improve MSVC detection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/mbedtls_dev/c_build_helper.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index ddef10fbe2..e9e65c30ac 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -128,7 +128,7 @@ def get_c_expression_values( ) c_file.close() cc = os.getenv('CC', 'cc') - cc_is_msvc = ('\\' + cc).lower().endswith('\\cl.exe') + cc_is_msvc = os.path.split(cc)[1].lower() in ('cl', 'cl.exe') cmd = [cc] cmd += ['-I' + dir for dir in include_path] # MSVC has deprecated using -o to specify the output file. From d05a588f19e9298794e08aecedc7cbe7bc52896e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 May 2021 23:57:42 +0200 Subject: [PATCH 191/271] Document how to build the generated source files Signed-off-by: Gilles Peskine --- README.md | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ee6ad52a31..3f41a0d76d 100644 --- a/README.md +++ b/README.md @@ -51,8 +51,27 @@ You need the following tools to build the library with the provided makefiles: * GNU Make or a build tool that CMake supports. * A C99 toolchain (compiler, linker, archiver). We actively test with GCC 5.4, Clang 3.8, IAR8 and Visual Studio 2013. More recent versions should work. Slightly older versions may work. -* Python 3 to generate the test code. -* Perl to run the tests. +* Python 3 to generate the test code, and to generate sample programs in the development branch. +* Perl to run the tests, and to generate some source files in the development branch. + +### Generated source files in the development branch + +The source code of Mbed TLS includes some files that are automatically generated by scripts and whose content depends only on the Mbed TLS source, not on the platform or on the library configuration. These files are not included in the development branch of Mbed TLS, but the generated files are included in official releases. This section explains how to generate the missing files in the development branch. + +The following tools are required: + +* Perl, for some library source files and for Visual Studio build files. +* Python 3, for some sample programs and test data. +* A C compiler for the host platform, for some test data. + +If you are cross-compiling, you must set the `CC` environment variable to a C compiler for the host platform when generating the configuration-independent files. + +Any of the following methods are available to generate the configuration-independent files: + +* If not cross-compiling, running `make` with any target, or just `make`, will automatically generate required files. +* Run `make generated_files` to generate all the configuration-independent files. +* On Unix/POSIX systems, run `tests/scripts/check-generated-files.sh -u` to generate all the configuration-independent files. +* On Windows, run `scripts\make_generated_files.bat` to generate all the configuration-independent files. ### Make @@ -174,6 +193,8 @@ The build files for Microsoft Visual Studio are generated for Visual Studio 2010 The solution file `mbedTLS.sln` contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need Python and perl environments as well. However, the selftest program in `programs/test/` is still available. +In the development branch of Mbed TLS, the Visual Studio solution files need to be generated first as described in [“Generated source files in the development branch”](#generated-source-files-in-the-development-branch). + Example programs ---------------- From 383339c1f11ac250e5d8186f728ebcff057c52f2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 17 May 2021 23:58:01 +0200 Subject: [PATCH 192/271] Changelog entry for the requirement to generate source files Signed-off-by: Gilles Peskine --- ChangeLog.d/no-generated-files.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ChangeLog.d/no-generated-files.txt diff --git a/ChangeLog.d/no-generated-files.txt b/ChangeLog.d/no-generated-files.txt new file mode 100644 index 0000000000..0f9648a99e --- /dev/null +++ b/ChangeLog.d/no-generated-files.txt @@ -0,0 +1,7 @@ +Requirement changes + * If you build the development version of Mbed TLS, rather than an official + release, some configuration-independent files are now generated at build + time rather than checked into source control. This includes some library + source files as well as the Visual Studio solution. Perl, Python 3 and a + C compiler for the host platform are required. See “Generated source files + in the development branch” in README.md for more information. From 7261fff37b53fb7db25827af662010288929e1dc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 14:39:40 +0200 Subject: [PATCH 193/271] Switch assemble_changelog to using text strings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changelog contents should be UTF-8 text files. There's no need to be binary-safe. So switch to using text strings in Python (str, not bytes). This commit makes the following changes: * Bytes literals (b'…') to string literals ('…'). * Subprocess output (which is all git information) is decoded as ascii. * Inject text directly in exceptions rather than calling a decode method. This is enough to make the script work as desired in a UTF-8 locale. Signed-off-by: Gilles Peskine --- scripts/assemble_changelog.py | 78 +++++++++++++++++------------------ 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py index 56d6c37e19..1699955235 100755 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -63,15 +63,15 @@ class LostContent(Exception): # The category names we use in the changelog. # If you edit this, update ChangeLog.d/README.md. STANDARD_CATEGORIES = ( - b'API changes', - b'Default behavior changes', - b'Requirement changes', - b'New deprecations', - b'Removals', - b'Features', - b'Security', - b'Bugfix', - b'Changes', + 'API changes', + 'Default behavior changes', + 'Requirement changes', + 'New deprecations', + 'Removals', + 'Features', + 'Security', + 'Bugfix', + 'Changes', ) # The maximum line length for an entry @@ -122,13 +122,13 @@ class ChangelogFormat: class TextChangelogFormat(ChangelogFormat): """The traditional Mbed TLS changelog format.""" - _unreleased_version_text = b'= mbed TLS x.x.x branch released xxxx-xx-xx' + _unreleased_version_text = '= mbed TLS x.x.x branch released xxxx-xx-xx' @classmethod def is_released_version(cls, title): # Look for an incomplete release date - return not re.search(br'[0-9x]{4}-[0-9x]{2}-[0-9x]?x', title) + return not re.search(r'[0-9x]{4}-[0-9x]{2}-[0-9x]?x', title) - _top_version_re = re.compile(br'(?:\A|\n)(=[^\n]*\n+)(.*?\n)(?:=|$)', + _top_version_re = re.compile(r'(?:\A|\n)(=[^\n]*\n+)(.*?\n)(?:=|$)', re.DOTALL) @classmethod def extract_top_version(cls, changelog_file_content): @@ -140,17 +140,17 @@ class TextChangelogFormat(ChangelogFormat): top_version_body = m.group(2) if cls.is_released_version(top_version_title): top_version_end = top_version_start - top_version_title = cls._unreleased_version_text + b'\n\n' - top_version_body = b'' + top_version_title = cls._unreleased_version_text + '\n\n' + top_version_body = '' return (changelog_file_content[:top_version_start], top_version_title, top_version_body, changelog_file_content[top_version_end:]) @classmethod def version_title_text(cls, version_title): - return re.sub(br'\n.*', version_title, re.DOTALL) + return re.sub(r'\n.*', version_title, re.DOTALL) - _category_title_re = re.compile(br'(^\w.*)\n+', re.MULTILINE) + _category_title_re = re.compile(r'(^\w.*)\n+', re.MULTILINE) @classmethod def split_categories(cls, version_body): """A category title is a line with the title in column 0.""" @@ -163,10 +163,10 @@ class TextChangelogFormat(ChangelogFormat): title_starts = [m.start(1) for m in title_matches] body_starts = [m.end(0) for m in title_matches] body_ends = title_starts[1:] + [len(version_body)] - bodies = [version_body[body_start:body_end].rstrip(b'\n') + b'\n' + bodies = [version_body[body_start:body_end].rstrip('\n') + '\n' for (body_start, body_end) in zip(body_starts, body_ends)] - title_lines = [version_body[:pos].count(b'\n') for pos in title_starts] - body_lines = [version_body[:pos].count(b'\n') for pos in body_starts] + title_lines = [version_body[:pos].count('\n') for pos in title_starts] + body_lines = [version_body[:pos].count('\n') for pos in body_starts] return [CategoryContent(title_match.group(1), title_line, body, body_line) for title_match, title_line, body, body_line @@ -176,9 +176,9 @@ class TextChangelogFormat(ChangelogFormat): def format_category(cls, title, body): # `split_categories` ensures that each body ends with a newline. # Make sure that there is additionally a blank line between categories. - if not body.endswith(b'\n\n'): - body += b'\n' - return title + b'\n' + body + if not body.endswith('\n\n'): + body += '\n' + return title + '\n' + body class ChangeLog: """An Mbed TLS changelog. @@ -199,10 +199,10 @@ class ChangeLog: # Only accept dotted version numbers (e.g. "3.1", not "3"). # Refuse ".x" in a version number where x is a letter: this indicates # a version that is not yet released. Something like "3.1a" is accepted. - _version_number_re = re.compile(br'[0-9]+\.[0-9A-Za-z.]+') - _incomplete_version_number_re = re.compile(br'.*\.[A-Za-z]') - _only_url_re = re.compile(br'^\s*\w+://\S+\s*$') - _has_url_re = re.compile(br'.*://.*') + _version_number_re = re.compile(r'[0-9]+\.[0-9A-Za-z.]+') + _incomplete_version_number_re = re.compile(r'.*\.[A-Za-z]') + _only_url_re = re.compile(r'^\s*\w+://\S+\s*$') + _has_url_re = re.compile(r'.*://.*') def add_categories_from_text(self, filename, line_offset, text, allow_unknown_category): @@ -218,7 +218,7 @@ class ChangeLog: raise InputFormatError(filename, line_offset + category.title_line, 'Unknown category: "{}"', - category.name.decode('utf8')) + category.name) body_split = category.body.splitlines() @@ -250,8 +250,8 @@ class ChangeLog: # Split the top version section into categories. self.categories = OrderedDict() for category in STANDARD_CATEGORIES: - self.categories[category] = b'' - offset = (self.header + self.top_version_title).count(b'\n') + 1 + self.categories[category] = '' + offset = (self.header + self.top_version_title).count('\n') + 1 self.add_categories_from_text(input_stream.name, offset, top_version_body, True) @@ -264,7 +264,7 @@ class ChangeLog: def write(self, filename): """Write the changelog to the specified file. """ - with open(filename, 'wb') as out: + with open(filename, 'w') as out: out.write(self.header) out.write(self.top_version_title) for title, body in self.categories.items(): @@ -303,7 +303,7 @@ class EntryFileSortKey: hashes = subprocess.check_output(['git', 'log', '--format=%H', '--follow', '--', filename]) - m = re.search(b'(.+)$', hashes) + m = re.search('(.+)$', hashes.decode('ascii')) if not m: # The git output is empty. This means that the file was # never checked in. @@ -320,8 +320,8 @@ class EntryFileSortKey: """ text = subprocess.check_output(['git', 'rev-list', '--merges', *options, - b'..'.join([some_hash, target])]) - return text.rstrip(b'\n').split(b'\n') + '..'.join([some_hash, target])]) + return text.decode('ascii').rstrip('\n').split('\n') @classmethod def merge_hash(cls, some_hash): @@ -329,7 +329,7 @@ class EntryFileSortKey: Return None if the given commit was never merged. """ - target = b'HEAD' + target = 'HEAD' # List the merges from some_hash to the target in two ways. # The ancestry list is the ones that are both descendants of # some_hash and ancestors of the target. @@ -407,12 +407,12 @@ def check_output(generated_output_file, main_input_file, merged_files): is also present in an output file. This is not perfect but good enough for now. """ - generated_output = set(open(generated_output_file, 'rb')) - for line in open(main_input_file, 'rb'): + generated_output = set(open(generated_output_file, 'r')) + for line in open(main_input_file, 'r'): if line not in generated_output: raise LostContent('original file', line) for merged_file in merged_files: - for line in open(merged_file, 'rb'): + for line in open(merged_file, 'r'): if line not in generated_output: raise LostContent(merged_file, line) @@ -455,14 +455,14 @@ def merge_entries(options): Write the new changelog to options.output. Remove the merged entries if options.keep_entries is false. """ - with open(options.input, 'rb') as input_file: + with open(options.input, 'r') as input_file: changelog = ChangeLog(input_file, TextChangelogFormat) files_to_merge = list_files_to_merge(options) if not files_to_merge: sys.stderr.write('There are no pending changelog entries.\n') return for filename in files_to_merge: - with open(filename, 'rb') as input_file: + with open(filename, 'r') as input_file: changelog.add_file(input_file) finish_output(changelog, options.output, options.input, files_to_merge) if not options.keep_entries: From e151e21ae34c3031b6b79b00d86f5d987c1eb2d8 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 14:49:02 +0200 Subject: [PATCH 194/271] Explicitly use UTF-8 in assemble_changelog Changelog contents should be UTF-8 text files. So explicitly open all files as UTF-8. This makes the script independent of the ambient locale (except with respect to exception messages, but we can live with that). Signed-off-by: Gilles Peskine --- scripts/assemble_changelog.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/scripts/assemble_changelog.py b/scripts/assemble_changelog.py index 1699955235..b8a63c9e93 100755 --- a/scripts/assemble_changelog.py +++ b/scripts/assemble_changelog.py @@ -264,7 +264,7 @@ class ChangeLog: def write(self, filename): """Write the changelog to the specified file. """ - with open(filename, 'w') as out: + with open(filename, 'w', encoding='utf-8') as out: out.write(self.header) out.write(self.top_version_title) for title, body in self.categories.items(): @@ -407,12 +407,12 @@ def check_output(generated_output_file, main_input_file, merged_files): is also present in an output file. This is not perfect but good enough for now. """ - generated_output = set(open(generated_output_file, 'r')) - for line in open(main_input_file, 'r'): + generated_output = set(open(generated_output_file, 'r', encoding='utf-8')) + for line in open(main_input_file, 'r', encoding='utf-8'): if line not in generated_output: raise LostContent('original file', line) for merged_file in merged_files: - for line in open(merged_file, 'r'): + for line in open(merged_file, 'r', encoding='utf-8'): if line not in generated_output: raise LostContent(merged_file, line) @@ -455,14 +455,14 @@ def merge_entries(options): Write the new changelog to options.output. Remove the merged entries if options.keep_entries is false. """ - with open(options.input, 'r') as input_file: + with open(options.input, 'r', encoding='utf-8') as input_file: changelog = ChangeLog(input_file, TextChangelogFormat) files_to_merge = list_files_to_merge(options) if not files_to_merge: sys.stderr.write('There are no pending changelog entries.\n') return for filename in files_to_merge: - with open(filename, 'r') as input_file: + with open(filename, 'r', encoding='utf-8') as input_file: changelog.add_file(input_file) finish_output(changelog, options.output, options.input, files_to_merge) if not options.keep_entries: From b32966dd92cf9bf7ada5d4700570cbf55cef5243 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 14:58:09 +0200 Subject: [PATCH 195/271] In update mode, create the files if they don't exist `check-generated-files -u` aborted if one of the generated files didn't exist. Now it treats a missing file as an out-of-date file. Signed-off-by: Gilles Peskine --- tests/scripts/check-generated-files.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 23b3148a35..ea0aadd110 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -60,7 +60,11 @@ check() fi for FILE in $FILES; do - cp $FILE $FILE.bak + if [ -e "$FILE" ]; then + cp "$FILE" "$FILE.bak" + else + rm -f "$FILE.bak" + fi done $SCRIPT @@ -76,7 +80,7 @@ check() if [ -z "$UPDATE" ]; then mv $FILE.bak $FILE else - rm $FILE.bak + rm -f "$FILE.bak" fi if [ -d $TO_CHECK ]; then From fa6bf1e588377cfe77b025a3613cbbf6772bc70d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 10 May 2021 20:50:07 +0200 Subject: [PATCH 196/271] Detect MSVC without relying on compiler filename MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/mbedtls_dev/c_build_helper.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index e9e65c30ac..569ebf064a 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -89,6 +89,7 @@ int main(void) } ''') +_cc_is_msvc = None #pylint: disable=invalid-name def get_c_expression_values( cast_to, printf_format, expressions, @@ -128,11 +129,20 @@ def get_c_expression_values( ) c_file.close() cc = os.getenv('CC', 'cc') - cc_is_msvc = os.path.split(cc)[1].lower() in ('cl', 'cl.exe') cmd = [cc] + + global _cc_is_msvc #pylint: disable=global-statement,invalid-name + if _cc_is_msvc is None: + proc = subprocess.Popen(cmd, + stdout=subprocess.DEVNULL, + stderr=subprocess.PIPE, + universal_newlines=True) + _cc_is_msvc = 'Microsoft (R) C/C++ Optimizing Compiler' in \ + proc.communicate()[1] + cmd += ['-I' + dir for dir in include_path] # MSVC has deprecated using -o to specify the output file. - output_opt = '-Fe' if cc_is_msvc else '-o' + output_opt = '-Fe' if _cc_is_msvc else '-o' cmd += [output_opt + exe_name] subprocess.check_call(cmd + [c_name]) if keep_c: From 24c29fe7c3a8f5c32902ed0722bb97e1ddd50903 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Mon, 10 May 2021 23:56:29 +0200 Subject: [PATCH 197/271] Clean up object files produced by MSVC MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/mbedtls_dev/c_build_helper.py | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 569ebf064a..4ce96ebfaa 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -45,9 +45,11 @@ def create_c_file(file_label): suffix='.c') exe_suffix = '.exe' if platform.system() == 'Windows' else '' exe_name = c_name[:-2] + exe_suffix + obj_name = c_name[:-2] + '.obj' remove_file_if_exists(exe_name) + remove_file_if_exists(obj_name) c_file = os.fdopen(c_fd, 'w', encoding='ascii') - return c_file, c_name, exe_name + return c_file, c_name, exe_name, obj_name def generate_c_printf_expressions(c_file, cast_to, printf_format, expressions): """Generate C instructions to print the value of ``expressions``. @@ -120,7 +122,7 @@ def get_c_expression_values( c_name = None exe_name = None try: - c_file, c_name, exe_name = create_c_file(file_label) + c_file, c_name, exe_name, obj_name = create_c_file(file_label) generate_c_file( c_file, caller, header, lambda c_file: generate_c_printf_expressions(c_file, @@ -141,15 +143,20 @@ def get_c_expression_values( proc.communicate()[1] cmd += ['-I' + dir for dir in include_path] - # MSVC has deprecated using -o to specify the output file. - output_opt = '-Fe' if _cc_is_msvc else '-o' - cmd += [output_opt + exe_name] + if _cc_is_msvc: + # MSVC has deprecated using -o to specify the output file, + # and produces an object file in the working directory by default. + cmd += ['-Fe' + exe_name, '-Fo' + obj_name] + else: + cmd += ['-o' + exe_name] subprocess.check_call(cmd + [c_name]) if keep_c: sys.stderr.write('List of {} tests kept at {}\n' .format(caller, c_name)) else: os.remove(c_name) + if _cc_is_msvc: + os.remove(obj_name) output = subprocess.check_output([exe_name]) return output.decode('ascii').strip().split('\n') finally: From 0671dd31074e232bb8de05c9a5da357d71cd394f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 12 May 2021 09:49:45 +0200 Subject: [PATCH 198/271] Add notice of caching whether the compiler is MSVC MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/mbedtls_dev/c_build_helper.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 4ce96ebfaa..d02deb35a4 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -115,6 +115,9 @@ def get_c_expression_values( to ``cc``. If ``CC`` looks like MSVC, use its command line syntax, otherwise assume the compiler supports Unix traditional ``-I`` and ``-o``. + NOTE: This function only checks the identity of the compiler referred to by + ``CC`` on its first invocation, and caches the result. + Return the list of values of the ``expressions``. """ if include_path is None: From 46d894925dfa4f06fbae719dc43d2eddf4aeed1c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 12 May 2021 10:11:53 +0200 Subject: [PATCH 199/271] Move object file handling out of create_c_file() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/mbedtls_dev/c_build_helper.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index d02deb35a4..54c4e93d11 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -45,11 +45,9 @@ def create_c_file(file_label): suffix='.c') exe_suffix = '.exe' if platform.system() == 'Windows' else '' exe_name = c_name[:-2] + exe_suffix - obj_name = c_name[:-2] + '.obj' remove_file_if_exists(exe_name) - remove_file_if_exists(obj_name) c_file = os.fdopen(c_fd, 'w', encoding='ascii') - return c_file, c_name, exe_name, obj_name + return c_file, c_name, exe_name def generate_c_printf_expressions(c_file, cast_to, printf_format, expressions): """Generate C instructions to print the value of ``expressions``. @@ -124,8 +122,9 @@ def get_c_expression_values( include_path = [] c_name = None exe_name = None + obj_name = None try: - c_file, c_name, exe_name, obj_name = create_c_file(file_label) + c_file, c_name, exe_name = create_c_file(file_label) generate_c_file( c_file, caller, header, lambda c_file: generate_c_printf_expressions(c_file, @@ -149,6 +148,7 @@ def get_c_expression_values( if _cc_is_msvc: # MSVC has deprecated using -o to specify the output file, # and produces an object file in the working directory by default. + obj_name = exe_name[:-4] + '.obj' cmd += ['-Fe' + exe_name, '-Fo' + obj_name] else: cmd += ['-o' + exe_name] From 7c185503836057fc70af296d58572fd8143a9004 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 12 May 2021 10:21:39 +0200 Subject: [PATCH 200/271] Remove object file in finally MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/mbedtls_dev/c_build_helper.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 54c4e93d11..833db465f2 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -158,9 +158,8 @@ def get_c_expression_values( .format(caller, c_name)) else: os.remove(c_name) - if _cc_is_msvc: - os.remove(obj_name) output = subprocess.check_output([exe_name]) return output.decode('ascii').strip().split('\n') finally: remove_file_if_exists(exe_name) + remove_file_if_exists(obj_name) From 539f1432cdc301e2f7b9c8109bcc25f5c38cad78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bence=20Sz=C3=A9pk=C3=BAti?= Date: Wed, 12 May 2021 10:28:30 +0200 Subject: [PATCH 201/271] Remove caching of cc_is_msvc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Bence Szépkúti --- scripts/mbedtls_dev/c_build_helper.py | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/scripts/mbedtls_dev/c_build_helper.py b/scripts/mbedtls_dev/c_build_helper.py index 833db465f2..18c1e76067 100644 --- a/scripts/mbedtls_dev/c_build_helper.py +++ b/scripts/mbedtls_dev/c_build_helper.py @@ -89,7 +89,6 @@ int main(void) } ''') -_cc_is_msvc = None #pylint: disable=invalid-name def get_c_expression_values( cast_to, printf_format, expressions, @@ -113,9 +112,6 @@ def get_c_expression_values( to ``cc``. If ``CC`` looks like MSVC, use its command line syntax, otherwise assume the compiler supports Unix traditional ``-I`` and ``-o``. - NOTE: This function only checks the identity of the compiler referred to by - ``CC`` on its first invocation, and caches the result. - Return the list of values of the ``expressions``. """ if include_path is None: @@ -135,17 +131,15 @@ def get_c_expression_values( cc = os.getenv('CC', 'cc') cmd = [cc] - global _cc_is_msvc #pylint: disable=global-statement,invalid-name - if _cc_is_msvc is None: - proc = subprocess.Popen(cmd, - stdout=subprocess.DEVNULL, - stderr=subprocess.PIPE, - universal_newlines=True) - _cc_is_msvc = 'Microsoft (R) C/C++ Optimizing Compiler' in \ - proc.communicate()[1] + proc = subprocess.Popen(cmd, + stdout=subprocess.DEVNULL, + stderr=subprocess.PIPE, + universal_newlines=True) + cc_is_msvc = 'Microsoft (R) C/C++ Optimizing Compiler' in \ + proc.communicate()[1] cmd += ['-I' + dir for dir in include_path] - if _cc_is_msvc: + if cc_is_msvc: # MSVC has deprecated using -o to specify the output file, # and produces an object file in the working directory by default. obj_name = exe_name[:-4] + '.obj' From e2f476e0fd1563e151c38da15b5bc71105d4d07e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 15:47:55 +0200 Subject: [PATCH 202/271] Avoid creating visualc/VS2010/*.bak.bak files This could happen if a previous run of check-generated-files failed. Signed-off-by: Gilles Peskine --- tests/scripts/check-generated-files.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index ea0aadd110..07974a23e2 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -52,6 +52,7 @@ check() FILES="" if [ -d $TO_CHECK ]; then + rm -f "$TO_CHECK"/*.bak for FILE in $TO_CHECK/*; do FILES="$FILE $FILES" done From 94230eaf4153dfac761d2dcabe81ab80017e2ab1 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 15:48:56 +0200 Subject: [PATCH 203/271] Fix `make generated_files` generating broken visualc files Ensure that the .c files that generate_visualc_files.pl enumerates are present before it runs. Otherwise, depending on the order in which make builds targets, running `make generated_files` from a fresh checkout could end up missing `library/error.c` and `library/version_features.c`. Signed-off-by: Gilles Peskine --- Makefile | 6 ++++++ tests/scripts/check-generated-files.sh | 3 +++ 2 files changed, 9 insertions(+) diff --git a/Makefile b/Makefile index a0c4386764..786ad86faf 100644 --- a/Makefile +++ b/Makefile @@ -40,6 +40,12 @@ generated_files: visualc_files VISUALC_FILES = visualc/VS2010/mbedTLS.sln visualc/VS2010/mbedTLS.vcxproj # TODO: $(app).vcxproj for each $(app) in programs/ visualc_files: $(VISUALC_FILES) + +# Ensure that the .c files that generate_visualc_files.pl enumerates are +# present before it runs. List the files explicitly, not via the +# library/generated_files indirection, because otherwise running +# make visualc_files would always consider the visualc files out of date. +$(VISUALC_FILES): library/error.c library/version_features.c $(VISUALC_FILES): scripts/generate_visualc_files.pl $(VISUALC_FILES): scripts/data_files/vs2010-app-template.vcxproj $(VISUALC_FILES): scripts/data_files/vs2010-main-template.vcxproj diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index 07974a23e2..b480837866 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -109,6 +109,9 @@ check() check scripts/generate_errors.pl library/error.c check scripts/generate_query_config.pl programs/test/query_config.c check scripts/generate_features.pl library/version_features.c +# generate_visualc_files enumerates source files (library/*.c). It doesn't +# care about their content, but the files must exist. So it must run after +# the step that creates or updates these files. check scripts/generate_visualc_files.pl visualc/VS2010 check scripts/generate_psa_constants.py programs/psa/psa_constant_names_generated.c check tests/scripts/generate_psa_tests.py $(tests/scripts/generate_psa_tests.py --list) From 67debb616103c68f259857909062804623a4bf0a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 16:09:50 +0200 Subject: [PATCH 204/271] Test check-generated-files.sh Re-create a component check_generated_files. Unlike the old one, which checked that the generated files were up-to-date, the job of the new one is to check that tests/scripts/check-generated-files.sh works (at least to the extent of not errorring out). Signed-off-by: Gilles Peskine --- tests/scripts/all.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 30ecd315bc..3cd945656d 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -676,6 +676,26 @@ component_check_recursion () { record_status tests/scripts/recursion.pl library/*.c } +component_check_generated_files () { + msg "Check: check-generated-files, files generated with make" # 2s + make generated_files + record_status tests/scripts/check-generated-files.sh + + msg "Check: check-generated-files -u, files present" # 2s + record_status tests/scripts/check-generated-files.sh -u + # Check that the generated files are considered up to date. + record_status tests/scripts/check-generated-files.sh + + msg "Check: check-generated-files -u, files absent" # 2s + command make neat + record_status tests/scripts/check-generated-files.sh -u + # Check that the generated files are considered up to date. + record_status tests/scripts/check-generated-files.sh + + # This component ends with the generated files present in the source tree. + # This is necessary for subsequent components! +} + component_check_doxy_blocks () { msg "Check: doxygen markup outside doxygen blocks" # < 1s record_status tests/scripts/check-doxy-blocks.pl From 7ca4ff677d78baba9c13bf34be4691eb9c9e85d9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 18 May 2021 16:14:28 +0200 Subject: [PATCH 205/271] Remove Git pre-commit hook Since generated files are no longer stored in the repository, they don't need to be up-to-date before committing. Signed-off-by: Gilles Peskine --- tests/git-scripts/pre-commit.sh | 34 --------------------------------- 1 file changed, 34 deletions(-) delete mode 100755 tests/git-scripts/pre-commit.sh diff --git a/tests/git-scripts/pre-commit.sh b/tests/git-scripts/pre-commit.sh deleted file mode 100755 index fb28dad91f..0000000000 --- a/tests/git-scripts/pre-commit.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh - -# pre-commit.sh -# -# Copyright The Mbed TLS Contributors -# SPDX-License-Identifier: Apache-2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Purpose -# -# This script does quick sanity checks before commiting: -# - check that generated files are up-to-date. -# -# It is meant to be called as a git pre-commit hook, see README.md. -# -# From the git sample pre-commit hook: -# Called by "git commit" with no arguments. The hook should -# exit with non-zero status after issuing an appropriate message if -# it wants to stop the commit. - -set -eu - -tests/scripts/check-generated-files.sh From a13deaf98610c1d3c24549fb9d30476171501143 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 19 May 2021 14:26:37 +0200 Subject: [PATCH 206/271] Use an order-only dependency the presence matters but not the content Signed-off-by: Gilles Peskine --- Makefile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 786ad86faf..ad82c0fbde 100644 --- a/Makefile +++ b/Makefile @@ -42,10 +42,9 @@ VISUALC_FILES = visualc/VS2010/mbedTLS.sln visualc/VS2010/mbedTLS.vcxproj visualc_files: $(VISUALC_FILES) # Ensure that the .c files that generate_visualc_files.pl enumerates are -# present before it runs. List the files explicitly, not via the -# library/generated_files indirection, because otherwise running -# make visualc_files would always consider the visualc files out of date. -$(VISUALC_FILES): library/error.c library/version_features.c +# present before it runs. It doesn't matter if the files aren't up-to-date, +# they just need to be present. +$(VISUALC_FILES): | library/generated_files $(VISUALC_FILES): scripts/generate_visualc_files.pl $(VISUALC_FILES): scripts/data_files/vs2010-app-template.vcxproj $(VISUALC_FILES): scripts/data_files/vs2010-main-template.vcxproj From 425e23ed645f3932ff821388385259badacc98de Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 20 May 2021 11:15:13 +0200 Subject: [PATCH 207/271] Fix notes for is384 parameter Signed-off-by: Mateusz Starzyk --- include/mbedtls/sha512.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h index a348fc1b53..c10794814c 100644 --- a/include/mbedtls/sha512.h +++ b/include/mbedtls/sha512.h @@ -101,8 +101,8 @@ void mbedtls_sha512_clone( mbedtls_sha512_context *dst, * \param is384 Determines which function to use. This must be * either \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA384_C is defined, - * \p is384 must be \c 1, or the function will return + * \note When \c MBEDTLS_SHA384_C is not defined, + * \p is384 must be \c 0, or the function will return * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. @@ -175,8 +175,8 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, * \param is384 Determines which function to use. This must be either * \c 0 for SHA-512, or \c 1 for SHA-384. * - * \note When \c MBEDTLS_SHA384_C is defined, \p is384 must - * be \c 1, or the function will return + * \note When \c MBEDTLS_SHA384_C is not defined, \p is384 must + * be \c 0, or the function will return * #MBEDTLS_ERR_SHA512_BAD_INPUT_DATA. * * \return \c 0 on success. From 4b3dfd0a96c81a7a927146c635fb9cd8ce7ea96b Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 20 May 2021 11:16:59 +0200 Subject: [PATCH 208/271] Fix test data description Signed-off-by: Mateusz Starzyk --- tests/suites/test_suite_ssl.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index c5390b2b1a..ab001306df 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -9264,7 +9264,7 @@ SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_TLS1 TLS 1.X not enabled depends_on:!MBEDTLS_SSL_PROTO_TLS1:!MBEDTLS_SSL_PROTO_TLS1_1 ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 SHA-512 not enabled +SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 SHA-384 not enabled depends_on:!MBEDTLS_SHA384_C ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE From 7f312c811b6a3f3889c0c24cf8edf46e27318f36 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 20 May 2021 11:51:46 +0200 Subject: [PATCH 209/271] Add migration guides for GCM Signed-off-by: Gilles Peskine --- docs/3.0-migration-guide.d/gcm-alt.md | 10 ++++++++++ docs/3.0-migration-guide.d/gcm-multipart.md | 15 +++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 docs/3.0-migration-guide.d/gcm-alt.md create mode 100644 docs/3.0-migration-guide.d/gcm-multipart.md diff --git a/docs/3.0-migration-guide.d/gcm-alt.md b/docs/3.0-migration-guide.d/gcm-alt.md new file mode 100644 index 0000000000..388e2bedd5 --- /dev/null +++ b/docs/3.0-migration-guide.d/gcm-alt.md @@ -0,0 +1,10 @@ +GCM interface changes: impact for alternative implementations +------------------------------------------------------------- + +The GCM multipart interface has changed as described in [“GCM multipart interface: application changes”](#gcm-multipart-interface:-application-changes). The consequences for an alternative implementation of GCM (`MBEDTLS_GCM_ALT`) are as follows: + +* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). The new function `mbedtls_gcm_update_ad()` receives the associated data. It may be called multiple times. +* `mbedtls_gcm_update()` now allows arbitrary-length inputs, takes an extra parameter to indicate the actual output length. Alternative implementations may choose between two modes: + * Always return the partial output immediately, even if it does not consist of a whole number of blocks. + * Buffer the data for the last partial block, to be returned in the next call to `mbedtls_gcm_update()` or `mbedtls_gcm_finish()`. +* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block if needed. diff --git a/docs/3.0-migration-guide.d/gcm-multipart.md b/docs/3.0-migration-guide.d/gcm-multipart.md new file mode 100644 index 0000000000..f37f7e8e01 --- /dev/null +++ b/docs/3.0-migration-guide.d/gcm-multipart.md @@ -0,0 +1,15 @@ +GCM multipart interface: application changes +-------------------------------------------- + +The GCM module now supports arbitrary chunked input in the multipart interface. + +For applications using GCM for multipart operations, this means the following changes: + +* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. +* The current implementation has a limitation that `mbedtls_gcm_update_ad()` may only be called once. This limitation will be lifted shortly; watch https://github.com/ARMmbed/mbedtls/issues/4351 for updates. +* `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case: + * As long as the input remains block-aligned, the output length is exactly the input length, as before. + * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. +* `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. + +Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. From 15c7b40ab71e49e50a8bb82667b3794c884fcd9c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 20 May 2021 12:11:19 +0200 Subject: [PATCH 210/271] Reorder the text to say who is affected first Signed-off-by: Gilles Peskine --- docs/3.0-migration-guide.d/gcm-multipart.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/docs/3.0-migration-guide.d/gcm-multipart.md b/docs/3.0-migration-guide.d/gcm-multipart.md index f37f7e8e01..98e9fad2e1 100644 --- a/docs/3.0-migration-guide.d/gcm-multipart.md +++ b/docs/3.0-migration-guide.d/gcm-multipart.md @@ -2,8 +2,8 @@ GCM multipart interface: application changes -------------------------------------------- The GCM module now supports arbitrary chunked input in the multipart interface. - -For applications using GCM for multipart operations, this means the following changes: +This changes the interface for applications using the GCM module directly for multipart operations. +Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. * `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data. * The current implementation has a limitation that `mbedtls_gcm_update_ad()` may only be called once. This limitation will be lifted shortly; watch https://github.com/ARMmbed/mbedtls/issues/4351 for updates. @@ -11,5 +11,3 @@ For applications using GCM for multipart operations, this means the following ch * As long as the input remains block-aligned, the output length is exactly the input length, as before. * If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`. * `mbedtls_gcm_finish()` now takes an extra output buffer for the last partial block. This is needed for alternative implementations that can only process a whole block at a time. - -Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes. From f505b0e30717172ec1abcebcf4c4eeadfa9e8878 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 20 May 2021 12:20:55 +0100 Subject: [PATCH 211/271] Removes unused variables in test_suite_rsa.function CI was failing on check_params due to MBEDTLS_RSA_PRIVATE being assigned to a now superfluous variable. The variable has been as well as another superfluous variable. This should correct the CI issue. Signed-off-by: Thomas Daubney --- tests/suites/test_suite_rsa.function | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function index 442e857ed7..efea5c169a 100644 --- a/tests/suites/test_suite_rsa.function +++ b/tests/suites/test_suite_rsa.function @@ -23,8 +23,6 @@ void rsa_invalid_param( ) mbedtls_rsa_context ctx; const int valid_padding = MBEDTLS_RSA_PKCS_V21; const int invalid_padding = 42; - const int valid_mode = MBEDTLS_RSA_PRIVATE; - const int invalid_mode = 42; unsigned char buf[42] = { 0 }; size_t olen; From 3489cc14333e023bfe55a0f0cc08e47f7b6ac75b Mon Sep 17 00:00:00 2001 From: Mateusz Starzyk Date: Thu, 20 May 2021 13:52:48 +0200 Subject: [PATCH 212/271] Improve migration guide for SHA384 option Signed-off-by: Mateusz Starzyk --- .../modify_SHA384_option_behaviour.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md b/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md index 0efe14aa71..fe6c75ec9e 100644 --- a/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md +++ b/docs/3.0-migration-guide.d/modify_SHA384_option_behaviour.md @@ -5,5 +5,8 @@ This does not affect users who use the default `config.h`. MBEDTLS_SHA512_NO_SHA384 was disabled by default, now MBEDTLS_SHA384_C is enabled by default. -If you were using a config file with MBEDTLS_SHA512_NO_SHA384 enabled, -then just remove it (don't define MBEDTLS_SHA384_C). +If you were using a config file with both MBEDTLS_SHA512_C and +MBEDTLS_SHA512_NO_SHA384, then just remove the MBEDTLS_SHA512_NO_SHA384. +If you were using a config file with MBEDTLS_SHA512_C and without +MBEDTLS_SHA512_NO_SHA384 and you need the SHA-384 algorithm, then add +`#define MBEDTLS_SHA384_C` to your config file. From 03412787e16c1e248501286764b4f690ef21d6cf Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 20 May 2021 15:31:17 +0100 Subject: [PATCH 213/271] Modifies documentation in rsa.h Changes to documentation to show that f_rng is no longer going to be optional in 3.0. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 31 +++++++++++-------------------- 1 file changed, 11 insertions(+), 20 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index ecf345e64a..9b5c1db1a5 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -542,11 +542,9 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, * of a PRNG. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function, used for blinding. It is discouraged - * and deprecated to pass \c NULL here, in which case - * blinding will be omitted. + * \param f_rng The RNG function, used for blinding. * \param p_rng The RNG context to pass to \p f_rng. This may be \c NULL - * if \p f_rng is \c NULL or if \p f_rng doesn't need a context. + * if \p f_rng doesn't need a context. * \param input The input buffer. This must be a readable buffer * of length \c ctx->len Bytes. For example, \c 256 Bytes * for an 2048-bit RSA modulus. @@ -572,11 +570,9 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * operation. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG to use. It is mandatory for PKCS#1 v2.1 padding - * encoding, and for PKCS#1 v1.5 padding encoding. + * \param f_rng The RNG to use. It is needed for padding generation. * \param p_rng The RNG context to be passed to \p f_rng. May be - * \c NULL if \p f_rng is \c NULL or if \p f_rng doesn't - * need a context argument. + * \c NULL if \p f_rng doesn't need a context argument. * \param ilen The length of the plaintext in Bytes. * \param input The input data to encrypt. This must be a readable * buffer of size \p ilen Bytes. It may be \c NULL if @@ -602,8 +598,7 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, * \param ctx The initialized RSA context to use. * \param f_rng The RNG function to use. It is needed for padding generation. * \param p_rng The RNG context to be passed to \p f_rng. This may - * be \c NULL if \p f_rng is \c NULL or if \p f_rng - * doesn't need a context argument. + * be \c NULL if \p f_rng doesn't need a context argument. * \param ilen The length of the plaintext in Bytes. * \param input The input data to encrypt. This must be a readable * buffer of size \p ilen Bytes. It may be \c NULL if @@ -675,7 +670,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * \param f_rng The RNG function. This is used for blinding and should * be provided; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \c NULL if \p f_rng doesn't need a context. * \param olen The address at which to store the length of * the plaintext. This must not be \c NULL. * \param input The ciphertext buffer. This must be a readable buffer @@ -711,7 +706,7 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, * \param f_rng The RNG function. This is used for blinding and should * be provided; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \c NULL if \p f_rng doesn't need a context. * \param olen The address at which to store the length of * the plaintext. This must not be \c NULL. * \param input The ciphertext buffer. This must be a readable buffer @@ -746,10 +741,9 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. This is used for blinding and should - * be provided; see mbedtls_rsa_private() for more. + * \param f_rng The RNG function. This is used for blinding. * \param p_rng The RNG context to be passed to \p f_rng. This may be - * \c NULL if \p f_rng is \c NULL or doesn't need a context. + * \c NULL if \p f_rng doesn't need a context. * \param label The buffer holding the custom label to use. * This must be a readable buffer of length \p label_len * Bytes. It may be \c NULL if \p label_len is \c 0. @@ -790,12 +784,9 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * \p md_alg and \p hash_id. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function to use. If the padding mode is PKCS#1 v2.1, - * this must be provided. If the padding mode is PKCS#1 v1.5 - * it is used for blinding and should be provided; - * see mbedtls_rsa_private() for more. + * \param f_rng The RNG function to use. This must not be \c NULL. * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL - * if \p f_rng is \c NULL or doesn't need a context argument. + * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. From ff143c0a348e3ffc603009bb4c1c3b73038c2dd5 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Thu, 20 May 2021 15:56:59 +0100 Subject: [PATCH 214/271] psa: Add missing RSA test dependency The test "PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256)" had a dependency on MBEDTLS_GENPRIME, but this was not listed in the dependencies. Add MBEDTLS_GENPRIME to the test's dependencies to ensure it has what it needs to run. Signed-off-by: Jaeden Amero --- tests/suites/test_suite_psa_crypto.data | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index 7b86185b9b..6fa25d35e0 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -3097,7 +3097,7 @@ depends_on:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTL generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:512:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_PKCS1V15_CRYPT:PSA_SUCCESS:0 PSA generate key: RSA, 1024 bits, good, encrypt (OAEP SHA-256) -depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_MD_C +depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_GENPRIME:MBEDTLS_MD_C generate_key:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):PSA_SUCCESS:0 PSA generate key: RSA, 0 bits: invalid From 424fa93efdd8ef1efb2d459f3ca99f88f8ef4e43 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 14 May 2021 08:34:32 +0100 Subject: [PATCH 215/271] psa: Support RSA signature without MBEDTLS_GENPRIME On space-constrained platforms, it is a useful configuration to be able to import/export and perform RSA key pair operations, but to exclude RSA key generation, potentially saving flash space. It is not possible to express this with the PSA_WANT_ configuration system at the present time. However, in previous versions of Mbed TLS (v2.24.0 and earlier) it was possible to configure a software PSA implementation which was capable of making RSA signatures but not capable of generating RSA keys. To do this, one unset MBEDTLS_GENPRIME. Since the addition of MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR, this expressivity was lost. Expressing that you wanted to work with RSA key pairs forced you to include the ability to generate key pairs as well. Change psa_crypto_rsa.c to only call mbedtls_rsa_gen_key() if MBEDTLS_GENPRIME is also set. This restores the configuration behavior present in Mbed TLS v2.24.0 and earlier versions. It left as a future exercise to add the ability to PSA to be able to express a desire for a software or accelerator configuration that includes RSA key pair operations, like signature, but excludes key pair generation. Without this change, linker errors will occur when attempts to call, which doesn't exist when MBEDTLS_GENPRIME is unset. psa_crypto_rsa.c.obj: in function `rsa_generate_key': psa_crypto_rsa.c:320: undefined reference to `mbedtls_rsa_gen_key' Fixes #4512 Signed-off-by: Jaeden Amero --- ChangeLog.d/psa-without-genprime-fix.txt | 5 +++++ library/psa_crypto.c | 6 ++++-- library/psa_crypto_rsa.c | 12 ++++++++---- tests/scripts/all.sh | 9 +++++++++ 4 files changed, 26 insertions(+), 6 deletions(-) create mode 100644 ChangeLog.d/psa-without-genprime-fix.txt diff --git a/ChangeLog.d/psa-without-genprime-fix.txt b/ChangeLog.d/psa-without-genprime-fix.txt new file mode 100644 index 0000000000..8a7153a9cd --- /dev/null +++ b/ChangeLog.d/psa-without-genprime-fix.txt @@ -0,0 +1,5 @@ +Bugfix + * Restore the ability to configure PSA via Mbed TLS options to support RSA + key pair operations but exclude RSA key generation. When MBEDTLS_GENPRIME + is not defined PSA will no longer attempt to use mbedtls_rsa_gen_key(). + Fixes #4512. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 2583735fe9..b887bbd749 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4637,7 +4637,8 @@ psa_status_t psa_generate_key_internal( } else -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ + defined(MBEDTLS_GENPRIME) if ( type == PSA_KEY_TYPE_RSA_KEY_PAIR ) { return( mbedtls_psa_rsa_generate_key( attributes, @@ -4646,7 +4647,8 @@ psa_status_t psa_generate_key_internal( key_buffer_length ) ); } else -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) + * defined(MBEDTLS_GENPRIME) */ #if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) if ( PSA_KEY_TYPE_IS_ECC( type ) && PSA_KEY_TYPE_IS_KEY_PAIR( type ) ) diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c index 686f07d334..c62294a9af 100644 --- a/library/psa_crypto_rsa.c +++ b/library/psa_crypto_rsa.c @@ -274,7 +274,8 @@ static psa_status_t rsa_export_public_key( #endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ -#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) +#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ + defined(MBEDTLS_GENPRIME) static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters, size_t domain_parameters_size, int *exponent ) @@ -332,7 +333,8 @@ static psa_status_t rsa_generate_key( return( status ); } -#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */ +#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) + * defined(MBEDTLS_GENPRIME) */ /****************************************************************/ /* Sign/verify hashes */ @@ -565,7 +567,8 @@ psa_status_t mbedtls_psa_rsa_export_public_key( #endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */ -#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) +#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \ + defined(MBEDTLS_GENPRIME) psa_status_t mbedtls_psa_rsa_generate_key( const psa_key_attributes_t *attributes, uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length ) @@ -573,7 +576,8 @@ psa_status_t mbedtls_psa_rsa_generate_key( return( rsa_generate_key( attributes, key_buffer, key_buffer_size, key_buffer_length ) ); } -#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) */ +#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) + * defined(MBEDTLS_GENPRIME) */ #if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 8b9d7d172d..a012c0f8d0 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -809,6 +809,15 @@ component_test_psa_crypto_client () { make test } +component_test_psa_crypto_rsa_no_genprime() { + msg "build: default config minus MBEDTLS_GENPRIME" + scripts/config.py unset MBEDTLS_GENPRIME + make + + msg "test: default config minus MBEDTLS_GENPRIME" + make test +} + component_test_ref_configs () { msg "test/build: ref-configs (ASan build)" # ~ 6 min 20s CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . From 2c65db96553e15438b8a7c43ea3d76aaa68f5643 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 21 May 2021 10:58:28 +0100 Subject: [PATCH 216/271] Corrects documentation in rsa.h Some documentation in rsa.h was still incorrect regarding f_rng being mandatory. This has now been corrected. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 9b5c1db1a5..494e2f2c22 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -421,7 +421,7 @@ size_t mbedtls_rsa_get_len( const mbedtls_rsa_context *ctx ); * * \param ctx The initialized RSA context used to hold the key. * \param f_rng The RNG function to be used for key generation. - * This must not be \c NULL. + * This is mandatory and must not be \c NULL. * \param p_rng The RNG context to be passed to \p f_rng. * This may be \c NULL if \p f_rng doesn't need a context. * \param nbits The size of the public key in bits. @@ -542,7 +542,7 @@ int mbedtls_rsa_public( mbedtls_rsa_context *ctx, * of a PRNG. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function, used for blinding. + * \param f_rng The RNG function, used for blinding. It is mandatory. * \param p_rng The RNG context to pass to \p f_rng. This may be \c NULL * if \p f_rng doesn't need a context. * \param input The input buffer. This must be a readable buffer @@ -570,7 +570,8 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * operation. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG to use. It is needed for padding generation. + * \param f_rng The RNG to use. It used for padding generation + * and it is mandatory. * \param p_rng The RNG context to be passed to \p f_rng. May be * \c NULL if \p f_rng doesn't need a context argument. * \param ilen The length of the plaintext in Bytes. @@ -596,7 +597,8 @@ int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx, * (RSAES-PKCS1-v1_5-ENCRYPT). * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function to use. It is needed for padding generation. + * \param f_rng The RNG function to use. It is mandatory and used for + * padding generation. * \param p_rng The RNG context to be passed to \p f_rng. This may * be \c NULL if \p f_rng doesn't need a context argument. * \param ilen The length of the plaintext in Bytes. @@ -626,7 +628,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx, * * \param ctx The initnialized RSA context to use. * \param f_rng The RNG function to use. This is needed for padding - * generation and must be provided. + * generation and is mandatory. * \param p_rng The RNG context to be passed to \p f_rng. This may * be \c NULL if \p f_rng doesn't need a context argument. * \param label The buffer holding the custom label to use. @@ -667,8 +669,8 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx, * the function returns \c MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. This is used for blinding and should - * be provided; see mbedtls_rsa_private() for more. + * \param f_rng The RNG function. This is used for blinding and is + * mandatory; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng doesn't need a context. * \param olen The address at which to store the length of @@ -703,8 +705,8 @@ int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx, * the function returns #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. This is used for blinding and should - * be provided; see mbedtls_rsa_private() for more. + * \param f_rng The RNG function. This is used for blinding and is + * mandatory; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng doesn't need a context. * \param olen The address at which to store the length of @@ -741,7 +743,8 @@ int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx, * #MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. This is used for blinding. + * \param f_rng The RNG function. This is used for blinding and is + * mandatory. * \param p_rng The RNG context to be passed to \p f_rng. This may be * \c NULL if \p f_rng doesn't need a context. * \param label The buffer holding the custom label to use. @@ -784,7 +787,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx, * \p md_alg and \p hash_id. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function to use. This must not be \c NULL. + * \param f_rng The RNG function to use. This is mandatory and + * must not be \c NULL. * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. @@ -817,10 +821,10 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx, * operation (RSASSA-PKCS1-v1_5-SIGN). * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. This is used for blinding and should be - * provided; see mbedtls_rsa_private() for more. + * \param f_rng The RNG function. This is used for blinding and is + * mandatory; see mbedtls_rsa_private() for more. * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL - * if \p f_rng is \c NULL or doesn't need a context argument. + * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. * Use #MBEDTLS_MD_NONE for signing raw data. * \param hashlen The length of the message digest. @@ -865,7 +869,7 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, * #MBEDTLS_ERR_RSA_BAD_INPUT_DATA. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. It must not be \c NULL. + * \param f_rng The RNG function. It is mandatory and must not be \c NULL. * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. @@ -921,7 +925,7 @@ int mbedtls_rsa_rsassa_pss_sign_ext( mbedtls_rsa_context *ctx, * #MBEDTLS_ERR_RSA_BAD_INPUT_DATA. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG function. It must not be \c NULL. + * \param f_rng The RNG function. It is mandatory and must not be \c NULL. * \param p_rng The RNG context to be passed to \p f_rng. This may be \c NULL * if \p f_rng doesn't need a context argument. * \param md_alg The message-digest algorithm used to hash the original data. From d58ed587fda2059fc30a56e140de2d654b4d5637 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 21 May 2021 11:50:39 +0100 Subject: [PATCH 217/271] Restores erroneously removed checks Some padding checks in rsa.c were erroneously removed in a previous commit and are restored in this commit. Signed-off-by: Thomas Daubney --- library/rsa.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/library/rsa.c b/library/rsa.c index c3b54afda2..36424bd193 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -1764,6 +1764,9 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx, hash != NULL ); RSA_VALIDATE_RET( sig != NULL ); + if( ctx->padding != MBEDTLS_RSA_PKCS_V21 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + if( f_rng == NULL ) return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); @@ -2054,6 +2057,9 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx, hash != NULL ); RSA_VALIDATE_RET( sig != NULL ); + if( ctx->padding != MBEDTLS_RSA_PKCS_V15 ) + return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); + /* * Prepare PKCS1-v1.5 encoding (padding and hash identifier) */ From 62b0d1dbc83fa49d8b84f9eeacd37d6f637093b1 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 21 May 2021 16:55:03 +0100 Subject: [PATCH 218/271] Adds ChangeLog and Migration guide entry Commit adds relevant entry to the ChangeLog and to the Migration guide. Signed-off-by: Thomas Daubney --- ChangeLog.d/remove-rsa-mode-parameter.txt | 6 ++++++ .../remove-rsa-mode-parameter.md | 20 +++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 ChangeLog.d/remove-rsa-mode-parameter.txt create mode 100644 docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md diff --git a/ChangeLog.d/remove-rsa-mode-parameter.txt b/ChangeLog.d/remove-rsa-mode-parameter.txt new file mode 100644 index 0000000000..7ee3adb957 --- /dev/null +++ b/ChangeLog.d/remove-rsa-mode-parameter.txt @@ -0,0 +1,6 @@ +API changes + * Remove mode parameter from RSA functions. All encryption, + decryption, sign and verify functions are affected. Also + removes the RNG parameters from the RSA verify functions. + Existing user code which utilises these RSA functions must + remove the mode parameter. diff --git a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md new file mode 100644 index 0000000000..61100d3f30 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md @@ -0,0 +1,20 @@ +Remove the mode parameter from RSA functions +-------------------------------------------- + +This affects all users who use the RSA encryption, decryption, sign and +verify APIs. + +If you were using the mode parameter to specify the wrong mode then +this behaviour is no longer supported. You must delete the mode +parameter from your RSA function calls. + + +Remove the RNG parameter from RSA functions +-------------------------------------------- + +This affects all users who use the RSA verify functions. + +If you were using the RNG parameters then you must remove +them from your function calls. Since usiong the wrong mode +is no longer supported, the RNG parameters namely f_rng +and p_rng are no longer needed. From f54c5c5547483789f06c6337b5f4f52dec76dc61 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Fri, 21 May 2021 17:00:30 +0100 Subject: [PATCH 219/271] Fixes typo Commit fixes typo in rsa.h found in review. Signed-off-by: Thomas Daubney --- include/mbedtls/rsa.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/rsa.h b/include/mbedtls/rsa.h index 494e2f2c22..ba00bff31b 100644 --- a/include/mbedtls/rsa.h +++ b/include/mbedtls/rsa.h @@ -570,7 +570,7 @@ int mbedtls_rsa_private( mbedtls_rsa_context *ctx, * operation. * * \param ctx The initialized RSA context to use. - * \param f_rng The RNG to use. It used for padding generation + * \param f_rng The RNG to use. It is used for padding generation * and it is mandatory. * \param p_rng The RNG context to be passed to \p f_rng. May be * \c NULL if \p f_rng doesn't need a context argument. From c49d15fdedb40ff3948a946221eb4e3121f0b058 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Sun, 23 May 2021 05:41:21 +0100 Subject: [PATCH 220/271] Use 'version-specific' instead of 'implementation-defined' in API Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 42 ++++++++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 18 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f9a5970e15..57d2085e63 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2696,6 +2696,18 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * \brief Configure one or more pre-shared keys (PSKs) and their * identities to be used in PSK-based ciphersuites. * + * This function may be called multiple times to attempt + * to register multiple PSKs. The number of supported PSKs + * is version-specific (see below for the current limit). + * Once the limit is reached, this function fails, maintaining + * the PSKs previously configured and ignoring the excess request. + * This behavior is in contrast to Mbed TLS 2.x, where later + * invocations would overwrite the effect of earlier calls. + * + * \note Currently, the library supports only support a single PSK, + * but this limit is not part of the API and may change in + * future minor versions. + * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. * @@ -2713,15 +2725,6 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * hence need not be preserved by the caller for the lifetime * of the SSL configuration. * - * \note While this function may be called multiple times to - * register multiple PSKs, the number of supported PSKs - * is implementation-defined. Once the limit is reached, - * this function fails, maintaining the PSKs previously - * configured and ignoring the excess request. - * This behavior is in contrast to Mbed TLS 2.x, where - * later invocations would overwrite the effect of earlier - * calls. - * * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no more PSKs * can be configured. In this case, the SSL configuration @@ -2737,6 +2740,18 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \brief Configure one or more opaque pre-shared keys (PSKs) and * their identities to be used in PSK-based ciphersuites. * + * This function may be called multiple times to attempt + * to register multiple PSKs. The number of supported PSKs + * is version-specific (see below for the current limit). + * Once the limit is reached, this function fails, maintaining + * the PSKs previously configured and ignoring the excess request. + * This behavior is in contrast to Mbed TLS 2.x, where later + * invocations would overwrite the effect of earlier calls. + * + * \note Currently, the library supports only support a single PSK, + * but this limit is not part of the API and may change in + * future minor versions. + * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. * @@ -2759,15 +2774,6 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * not be preserved by the caller for the lifetime of the * SSL configuration. * - * \note While this function may be called multiple times to - * register multiple PSKs, the number of supported PSKs - * is implementation-defined. Once the limit is reached, - * this function fails, maintaining the PSKs previously - * configured and ignoring the excess request. - * This behavior is in contrast to Mbed TLS 2.x, where - * later invocations would overwrite the effect of earlier - * calls. - * * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no more PSKs * can be configured. In this case, the SSL configuration From 2fbbe1d2fe395ff7d9aa20f7101168ffb9b82404 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 24 May 2021 10:53:57 +0100 Subject: [PATCH 221/271] Corrections to ChangeLog and Migration guide This commit fixes typos and re-words the migration guide. It also adds the issue number to the ChangeLog. Signed-off-by: Thomas Daubney --- ChangeLog.d/remove-rsa-mode-parameter.txt | 2 +- .../remove-rsa-mode-parameter.md | 13 ++++++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/ChangeLog.d/remove-rsa-mode-parameter.txt b/ChangeLog.d/remove-rsa-mode-parameter.txt index 7ee3adb957..b7c6f327f8 100644 --- a/ChangeLog.d/remove-rsa-mode-parameter.txt +++ b/ChangeLog.d/remove-rsa-mode-parameter.txt @@ -3,4 +3,4 @@ API changes decryption, sign and verify functions are affected. Also removes the RNG parameters from the RSA verify functions. Existing user code which utilises these RSA functions must - remove the mode parameter. + remove the mode parameter. Fixes #4278. diff --git a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md index 61100d3f30..406004f45d 100644 --- a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md +++ b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md @@ -4,10 +4,13 @@ Remove the mode parameter from RSA functions This affects all users who use the RSA encryption, decryption, sign and verify APIs. -If you were using the mode parameter to specify the wrong mode then -this behaviour is no longer supported. You must delete the mode -parameter from your RSA function calls. - +You must delete the mode parameter from your RSA function calls. +Using the correct modes are now the default and only behaviour, and this +cannot be changed. If you were using the mode parameter to specify the +wrong mode then this behaviour is no longer supported. For reference the +correct, supported modes are: Public keys for encryption and verification +functions and private keys for decryption and signing functions, but the +user does not have to specify this. Remove the RNG parameter from RSA functions -------------------------------------------- @@ -15,6 +18,6 @@ Remove the RNG parameter from RSA functions This affects all users who use the RSA verify functions. If you were using the RNG parameters then you must remove -them from your function calls. Since usiong the wrong mode +them from your function calls. Since using the wrong mode is no longer supported, the RNG parameters namely f_rng and p_rng are no longer needed. From 0f82ec67409aea9516795e301492a6ab240b4de7 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 12 May 2021 17:49:18 +0200 Subject: [PATCH 222/271] Remove the TLS 1.0 and 1.1 support Signed-off-by: TRodziewicz --- configs/config-mini-tls1_1.h | 79 ---- include/mbedtls/check_config.h | 37 +- include/mbedtls/config.h | 51 +-- include/mbedtls/ssl.h | 30 +- library/ssl_cli.c | 66 +-- library/ssl_cookie.c | 3 +- library/ssl_misc.h | 39 +- library/ssl_msg.c | 84 ++-- library/ssl_srv.c | 45 +- library/ssl_tls.c | 393 +--------------- programs/ssl/ssl_client2.c | 40 +- programs/ssl/ssl_server2.c | 34 +- tests/compat.sh | 18 +- tests/scripts/basic-build-test.sh | 2 +- tests/scripts/test-ref-configs.pl | 3 - tests/ssl-opt.sh | 719 ------------------------------ 16 files changed, 84 insertions(+), 1559 deletions(-) delete mode 100644 configs/config-mini-tls1_1.h diff --git a/configs/config-mini-tls1_1.h b/configs/config-mini-tls1_1.h deleted file mode 100644 index 83d1ab713c..0000000000 --- a/configs/config-mini-tls1_1.h +++ /dev/null @@ -1,79 +0,0 @@ -/** - * \file config-mini-tls1_1.h - * - * \brief Minimal configuration for TLS 1.1 (RFC 4346) - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the - * required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA - * - * See README.txt for usage instructions. - */ - -#ifndef MBEDTLS_CONFIG_H -#define MBEDTLS_CONFIG_H - -/* System support */ -#define MBEDTLS_HAVE_ASM -#define MBEDTLS_HAVE_TIME - -/* mbed TLS feature support */ -#define MBEDTLS_CIPHER_MODE_CBC -#define MBEDTLS_PKCS1_V15 -#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED -#define MBEDTLS_SSL_PROTO_TLS1_1 - -/* mbed TLS modules */ -#define MBEDTLS_AES_C -#define MBEDTLS_ASN1_PARSE_C -#define MBEDTLS_ASN1_WRITE_C -#define MBEDTLS_BIGNUM_C -#define MBEDTLS_CIPHER_C -#define MBEDTLS_CTR_DRBG_C -#define MBEDTLS_DES_C -#define MBEDTLS_ENTROPY_C -#define MBEDTLS_MD_C -#define MBEDTLS_MD5_C -#define MBEDTLS_NET_C -#define MBEDTLS_OID_C -#define MBEDTLS_PK_C -#define MBEDTLS_PK_PARSE_C -#define MBEDTLS_RSA_C -#define MBEDTLS_SHA1_C -/* The library does not currently support enabling SHA-224 without SHA-256. - * A future version of the library will have this option disabled - * by default. */ -#define MBEDTLS_SHA224_C -#define MBEDTLS_SHA256_C -#define MBEDTLS_SSL_CLI_C -#define MBEDTLS_SSL_SRV_C -#define MBEDTLS_SSL_TLS_C -#define MBEDTLS_X509_CRT_PARSE_C -#define MBEDTLS_X509_USE_C - -/* For test certificates */ -#define MBEDTLS_BASE64_C -#define MBEDTLS_PEM_PARSE_C - -/* For testing with compat.sh */ -#define MBEDTLS_FS_IO - -#include "mbedtls/check_config.h" - -#endif /* MBEDTLS_CONFIG_H */ diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 7cb6967b23..389ae2a718 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -621,16 +621,6 @@ #error "MBEDTLS_SHA256_C defined without MBEDTLS_SHA224_C" #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) || \ - !defined(MBEDTLS_SHA1_C) ) -#error "MBEDTLS_SSL_PROTO_TLS1 defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) && ( !defined(MBEDTLS_MD5_C) || \ - !defined(MBEDTLS_SHA1_C) ) -#error "MBEDTLS_SSL_PROTO_TLS1_1 defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && ( !defined(MBEDTLS_SHA1_C) && \ !defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) ) #error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" @@ -641,8 +631,7 @@ #error "MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL defined, but not all prerequisites" #endif -#if (defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) ||\ - defined(MBEDTLS_SSL_PROTO_TLS1_2)) && \ +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ !(defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ @@ -659,7 +648,6 @@ #endif #if defined(MBEDTLS_SSL_PROTO_DTLS) && \ - !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_2) #error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites" #endif @@ -677,16 +665,10 @@ #error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SSL_TLS_C) && (!defined(MBEDTLS_SSL_PROTO_TLS1) && \ - !defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1_2)) +#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_SSL_PROTO_TLS1_2) #error "MBEDTLS_SSL_TLS_C defined, but no protocols are active" #endif -#if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_TLS1) && \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_SSL_PROTO_TLS1_1)) -#error "Illegal protocol selection" -#endif - #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && !defined(MBEDTLS_SSL_PROTO_DTLS) #error "MBEDTLS_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites" #endif @@ -724,15 +706,11 @@ #endif #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ - !defined(MBEDTLS_SSL_PROTO_TLS1) && \ - !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_2) #error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites" #endif #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \ - !defined(MBEDTLS_SSL_PROTO_TLS1) && \ - !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_2) #error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites" #endif @@ -741,10 +719,6 @@ #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) && !defined(MBEDTLS_SSL_PROTO_TLS1) -#error "MBEDTLS_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \ !defined(MBEDTLS_X509_CRT_PARSE_C) #error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites" @@ -859,6 +833,13 @@ #error "MBEDTLS_ZLIB_SUPPORT was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4031" #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1) //no-check-names +#error "MBEDTLS_SSL_PROTO_TLS1 (TLS v1.0 support) was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4286" +#endif + +#if defined(MBEDTLS_SSL_PROTO_TLS1_1) //no-check-names +#error "MBEDTLS_SSL_PROTO_TLS1_1 (TLS v1.1 support) was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4286" +#endif /* * Avoid warning from -pedantic. This is a convenient place for this diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 2c6ae3d1d3..4905b92430 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1530,9 +1530,7 @@ * * This only affects CBC ciphersuites, and is useless if none is defined. * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 + * Requires: MBEDTLS_SSL_PROTO_TLS1_2 * * Comment this macro to disable support for Encrypt-then-MAC */ @@ -1548,9 +1546,7 @@ * renegotiation), since it actually fixes a more fundamental issue in the * original SSL/TLS design, and has implications beyond Triple Handshake. * - * Requires: MBEDTLS_SSL_PROTO_TLS1 or - * MBEDTLS_SSL_PROTO_TLS1_1 or - * MBEDTLS_SSL_PROTO_TLS1_2 + * Requires: MBEDTLS_SSL_PROTO_TLS1_2 * * Comment this macro to disable support for Extended Master Secret. */ @@ -1599,7 +1595,7 @@ /** * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING * - * Enable 1/n-1 record splitting for CBC mode in TLS 1.0. + * Enable 1/n-1 record splitting for CBC mode in TLS. * * This is a countermeasure to the BEAST attack, which also minimizes the risk * of interoperability issues compared to sending 0-length records. @@ -1649,30 +1645,6 @@ */ #define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH -/** - * \def MBEDTLS_SSL_PROTO_TLS1 - * - * Enable support for TLS 1.0. - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1 - -/** - * \def MBEDTLS_SSL_PROTO_TLS1_1 - * - * Enable support for TLS 1.1 (and DTLS 1.0 if DTLS is enabled). - * - * Requires: MBEDTLS_MD5_C - * MBEDTLS_SHA1_C - * - * Comment this macro to disable support for TLS 1.1 / DTLS 1.0 - */ -#define MBEDTLS_SSL_PROTO_TLS1_1 - /** * \def MBEDTLS_SSL_PROTO_TLS1_2 * @@ -1709,11 +1681,9 @@ * * Enable support for DTLS (all available versions). * - * Enable this and MBEDTLS_SSL_PROTO_TLS1_1 to enable DTLS 1.0, - * and/or this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. + * Enable this and MBEDTLS_SSL_PROTO_TLS1_2 to enable DTLS 1.2. * - * Requires: MBEDTLS_SSL_PROTO_TLS1_1 - * or MBEDTLS_SSL_PROTO_TLS1_2 + * Requires: MBEDTLS_SSL_PROTO_TLS1_2 * * Comment this macro to disable support for DTLS */ @@ -2738,10 +2708,9 @@ * library/pem.c * library/ssl_tls.c * - * This module is required for SSL/TLS up to version 1.1, and for TLS 1.2 - * depending on the handshake parameters. Further, it is used for checking - * MD5-signed certificates, and for PBKDF1 when decrypting PEM-encoded - * encrypted keys. + * This module is required for TLS 1.2 depending on the handshake parameters. + * Further, it is used for checking MD5-signed certificates, and for PBKDF1 + * when decrypting PEM-encoded encrypted keys. * * \warning MD5 is considered a weak message digest and its use constitutes a * security risk. If possible, we recommend avoiding dependencies on @@ -3061,8 +3030,8 @@ * library/ssl_tls.c * library/x509write_crt.c * - * This module is required for SSL/TLS up to version 1.1, for TLS 1.2 - * depending on the handshake parameters, and for SHA1-signed certificates. + * This module is required for TLS 1.2 depending on the handshake parameters, + * and for SHA1-signed certificates. * * \warning SHA-1 is considered a weak message digest and its use constitutes * a security risk. If possible, we recommend avoiding dependencies diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 88a599c18c..39661cbac2 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -131,8 +131,8 @@ * - RFC 8446: see section 4.2.1 */ #define MBEDTLS_SSL_MAJOR_VERSION_3 3 -#define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ -#define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ +#define MBEDTLS_SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 deprecated */ +#define MBEDTLS_SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 deprecated */ #define MBEDTLS_SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ #define MBEDTLS_SSL_MINOR_VERSION_4 4 /*!< TLS v1.3 (experimental) */ @@ -2602,8 +2602,7 @@ int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, * MBEDTLS_SSL_MINOR_VERSION_2, * MBEDTLS_SSL_MINOR_VERSION_3 supported) * - * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 - * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 + * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 */ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, const int *ciphersuites, @@ -3253,8 +3252,7 @@ void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ss * * \note This ignores ciphersuites from higher versions. * - * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and - * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 + * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 * * \param conf SSL configuration * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) @@ -3265,13 +3263,12 @@ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int mino /** * \brief Set the minimum accepted SSL/TLS protocol version - * (Default: TLS 1.0) + * (Default: TLS 1.2) * * \note Input outside of the SSL_MAX_XXXXX_VERSION and * SSL_MIN_XXXXX_VERSION range is ignored. * - * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 and - * MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 + * \note With DTLS, MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 * * \param conf SSL configuration * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) @@ -3398,21 +3395,6 @@ int mbedtls_ssl_conf_max_frag_len( mbedtls_ssl_config *conf, unsigned char mfl_c void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ); #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -/** - * \brief Enable / Disable 1/n-1 record splitting - * (Default: MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED) - * - * \note Only affects TLS 1.0, not higher versions. - * Does not affect non-CBC ciphersuites in any version. - * - * \param conf SSL configuration - * \param split MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED or - * MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED - */ -void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ); -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ - #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) /** * \brief Enable / Disable session tickets (client only). diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 0bb9592707..3f7f684746 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1951,12 +1951,8 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p ); p += 2; - /* - * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1) - * even is lower than our min version. - */ if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || - minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || + minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 || major_ver > ssl->conf->max_major_ver || minor_ver > ssl->conf->max_minor_ver ) { @@ -2843,8 +2839,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, return( ret ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( len_bytes == 2 ) { ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 ); @@ -3238,17 +3233,6 @@ start_processing: } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - { - pk_alg = mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); - - /* Default hash for ECDSA is SHA-1 */ - if( pk_alg == MBEDTLS_PK_ECDSA && md_alg == MBEDTLS_MD_NONE ) - md_alg = MBEDTLS_MD_SHA1; - } - else -#endif { MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -3285,19 +3269,7 @@ start_processing: /* * Compute the hash that has been signed */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( md_alg == MBEDTLS_MD_NONE ) - { - hashlen = 36; - ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, params, - params_len ); - if( ret != 0 ) - return( ret ); - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( md_alg != MBEDTLS_MD_NONE ) { ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, @@ -3307,8 +3279,7 @@ start_processing: return( ret ); } else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -4113,35 +4084,6 @@ sign: ssl->handshake->calc_verify( ssl, hash, &hashlen ); -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - /* - * digitally-signed struct { - * opaque md5_hash[16]; - * opaque sha_hash[20]; - * }; - * - * md5_hash - * MD5(handshake_messages); - * - * sha_hash - * SHA(handshake_messages); - */ - md_alg = MBEDTLS_MD_NONE; - - /* - * For ECDSA, default hash is SHA-1 only - */ - if( mbedtls_pk_can_do( mbedtls_ssl_own_key( ssl ), MBEDTLS_PK_ECDSA ) ) - { - hash_start += 16; - hashlen -= 16; - md_alg = MBEDTLS_MD_SHA1; - } - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index b0b2eb303d..40b8913b8b 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -41,8 +41,7 @@ /* * If DTLS is in use, then at least one of SHA-1, SHA-256, SHA-512 is - * available. Try SHA-256 first, 512 wastes resources since we need to stay - * with max 32 bytes of cookie for DTLS 1.0 + * available. Try SHA-256 first, 512 wastes resources */ #if defined(MBEDTLS_SHA224_C) #define COOKIE_MD MBEDTLS_MD_SHA224 diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 180f4d8dc8..a5a12ceb20 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -68,17 +68,9 @@ /* Determine minimum supported version */ #define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 -#if defined(MBEDTLS_SSL_PROTO_TLS1) -#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 -#else -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) -#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 -#else #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ -#endif /* MBEDTLS_SSL_PROTO_TLS1 */ #define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 #define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 @@ -88,15 +80,6 @@ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 -#else -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) -#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_2 -#else -#if defined(MBEDTLS_SSL_PROTO_TLS1) -#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 -#else -#endif /* MBEDTLS_SSL_PROTO_TLS1 */ -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 */ #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* Shorthand for restartable ECC */ @@ -153,11 +136,9 @@ #define MBEDTLS_SSL_SOME_SUITES_USE_STREAM #endif -/* This macro determines whether the CBC construct used in TLS 1.0-1.2 is supported. */ +/* This macro determines whether the CBC construct used in TLS 1.2 is supported. */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ - ( defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) ) + defined(MBEDTLS_SSL_PROTO_TLS1_2) #define MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC #endif @@ -550,10 +531,6 @@ struct mbedtls_ssl_handshake_params /* * Checksum contexts */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_context fin_md5; - mbedtls_sha1_context fin_sha1; -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1202,21 +1179,13 @@ static inline int mbedtls_ssl_safer_memcmp( const void *a, const void *b, size_t return( diff ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, - unsigned char *output, - unsigned char *data, size_t data_len ); -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* The hash buffer must have at least MBEDTLS_MD_MAX_SIZE bytes of length. */ int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, unsigned char *hash, size_t *hashlen, unsigned char *data, size_t data_len, mbedtls_md_type_t md_alg ); -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #ifdef __cplusplus } diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 609aa98641..540d5d1f64 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -519,9 +519,9 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, #endif /* The PRNG is used for dynamic IV generation that's used - * for CBC transformations in TLS 1.1 and TLS 1.2. */ + * for CBC transformations in TLS 1.2. */ #if !( defined(MBEDTLS_SSL_SOME_SUITES_USE_CBC) && \ - ( defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) ) ) + defined(MBEDTLS_SSL_PROTO_TLS1_2) ) ((void) f_rng); ((void) p_rng); #endif @@ -644,8 +644,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "Buffer provided for encrypted record not large enough" ) ); return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) { unsigned char mac[MBEDTLS_SSL_MAC_ADD]; @@ -835,12 +834,12 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, rec->data_len += padlen + 1; post_avail -= padlen + 1; -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* - * Prepend per-record IV for block cipher in TLS v1.1 and up as per + * Prepend per-record IV for block cipher in TLS v1.2 * Method 1 (6.2.3.2. in RFC4346 and RFC5246) */ - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) { if( f_rng == NULL ) { @@ -865,7 +864,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, transform->ivlen ); } -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ MBEDTLS_SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %" MBEDTLS_PRINTF_SIZET ", " "including %" MBEDTLS_PRINTF_SIZET @@ -889,22 +888,9 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1) - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) - { - /* - * Save IV in TLS1 - */ - memcpy( transform->iv_enc, transform->cipher_ctx_enc.iv, - transform->ivlen ); - } - else -#endif - { - data -= transform->ivlen; - rec->data_offset -= transform->ivlen; - rec->data_len += transform->ivlen; - } + data -= transform->ivlen; + rec->data_offset -= transform->ivlen; + rec->data_len += transform->ivlen; #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) if( auth_done == 0 ) @@ -1381,8 +1367,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* * Check immediate ciphertext sanity */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) { /* The ciphertext is prefixed with the CBC IV. */ minlen += transform->ivlen; @@ -1487,11 +1473,11 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, return( MBEDTLS_ERR_SSL_INVALID_MAC ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* - * Initialize for prepended IV for block cipher in TLS v1.1 and up + * Initialize for prepended IV for block cipher in TLS v1.2 */ - if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) + if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) { /* Safe because data_len >= minlen + ivlen = 2 * ivlen. */ memcpy( transform->iv_dec, data, transform->ivlen ); @@ -1500,7 +1486,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, rec->data_offset += transform->ivlen; rec->data_len -= transform->ivlen; } -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* We still have data_len % ivlen == 0 and data_len >= ivlen here. */ @@ -1519,20 +1505,6 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1) - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) - { - /* - * Save IV in TLS1, where CBC decryption of consecutive - * records is equivalent to CBC decryption of the concatenation - * of the records; in other words, IVs are maintained across - * record decryptions. - */ - memcpy( transform->iv_dec, transform->cipher_ctx_dec.iv, - transform->ivlen ); - } -#endif - /* Safe since data_len >= minlen + maclen + 1, so after having * subtracted at most minlen and maclen up to this point, * data_len > 0 (because of data_len % ivlen == 0, it's actually @@ -1573,8 +1545,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, /* Regardless of the validity of the padding, * we have data_len >= padlen here. */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* The padding check involves a series of up to 256 * consecutive memory reads at the end of the record * plaintext buffer. In order to hide the length and @@ -1609,8 +1580,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, #endif padlen &= mbedtls_ssl_cf_mask_from_bit( correct ); -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ /* If the padding was found to be invalid, padlen == 0 * and the subtraction is safe. If the padding was found valid, @@ -1657,8 +1627,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, ssl_extract_add_data_from_record( add_data, &add_data_len, rec, transform->minor_ver ); -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* * The next two sizes are the minimum and maximum values of * data_len over all padlen values. @@ -1686,8 +1655,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl, rec->data_len, min_len, max_len, transform->maclen ); -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_DEBUG_ALL) MBEDTLS_SSL_DEBUG_BUF( 4, "expected mac", mac_expect, transform->maclen ); @@ -5058,10 +5026,10 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) /* For TLS 1.1 or higher, an explicit IV is added * after the record header. */ -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_2 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) transform_expansion += block_size; -#endif /* MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ break; @@ -5201,8 +5169,7 @@ static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) { if( ( ret = mbedtls_ssl_send_alert_message( ssl, @@ -5213,8 +5180,7 @@ static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) } } else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || - MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 73b79daf8c..fb7ba975f9 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3199,14 +3199,6 @@ curve_matching_done: } else #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) - { - /* B: Default hash SHA1 */ - md_alg = MBEDTLS_MD_SHA1; - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ { /* C: MD5 + SHA1 */ md_alg = MBEDTLS_MD_NONE; @@ -3217,20 +3209,7 @@ curve_matching_done: /* * 2.2: Compute the hash to be signed */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( md_alg == MBEDTLS_MD_NONE ) - { - hashlen = 36; - ret = mbedtls_ssl_get_key_exchange_md_ssl_tls( ssl, hash, - dig_signed, - dig_signed_len ); - if( ret != 0 ) - return( ret ); - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( md_alg != MBEDTLS_MD_NONE ) { ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen, @@ -3241,8 +3220,7 @@ curve_matching_done: return( ret ); } else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -3556,8 +3534,7 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, /* * Prepare to decrypt the premaster using own private RSA key */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if ( p + 2 > end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); @@ -4177,22 +4154,6 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) * opaque signature<0..2^16-1>; * } DigitallySigned; */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 ) - { - md_alg = MBEDTLS_MD_NONE; - hashlen = 36; - - /* For ECDSA, use SHA-1, not MD-5 + SHA-1 */ - if( mbedtls_pk_can_do( peer_pk, MBEDTLS_PK_ECDSA ) ) - { - hash_start += 16; - hashlen -= 16; - md_alg = MBEDTLS_MD_SHA1; - } - } - else -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 170d563bdb..58675dbede 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -324,122 +324,6 @@ static void handle_buffer_resizing( mbedtls_ssl_context *ssl, int downsizing, } #endif /* MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static int tls1_prf( const unsigned char *secret, size_t slen, - const char *label, - const unsigned char *random, size_t rlen, - unsigned char *dstbuf, size_t dlen ) -{ - size_t nb, hs; - size_t i, j, k; - const unsigned char *S1, *S2; - unsigned char *tmp; - size_t tmp_len = 0; - unsigned char h_i[20]; - const mbedtls_md_info_t *md_info; - mbedtls_md_context_t md_ctx; - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - - mbedtls_md_init( &md_ctx ); - - tmp_len = 20 + strlen( label ) + rlen; - tmp = mbedtls_calloc( 1, tmp_len ); - if( tmp == NULL ) - { - ret = MBEDTLS_ERR_SSL_ALLOC_FAILED; - goto exit; - } - - hs = ( slen + 1 ) / 2; - S1 = secret; - S2 = secret + slen - hs; - - nb = strlen( label ); - memcpy( tmp + 20, label, nb ); - memcpy( tmp + 20 + nb, random, rlen ); - nb += rlen; - - /* - * First compute P_md5(secret,label+random)[0..dlen] - */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_MD5 ) ) == NULL ) - { - ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; - goto exit; - } - - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - { - goto exit; - } - - mbedtls_md_hmac_starts( &md_ctx, S1, hs ); - mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); - - for( i = 0; i < dlen; i += 16 ) - { - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 + nb ); - mbedtls_md_hmac_finish( &md_ctx, h_i ); - - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, 4 + tmp, 16 ); - mbedtls_md_hmac_finish( &md_ctx, 4 + tmp ); - - k = ( i + 16 > dlen ) ? dlen % 16 : 16; - - for( j = 0; j < k; j++ ) - dstbuf[i + j] = h_i[j]; - } - - mbedtls_md_free( &md_ctx ); - - /* - * XOR out with P_sha1(secret,label+random)[0..dlen] - */ - if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL ) - { - ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; - goto exit; - } - - if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 ) - { - goto exit; - } - - mbedtls_md_hmac_starts( &md_ctx, S2, hs ); - mbedtls_md_hmac_update( &md_ctx, tmp + 20, nb ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); - - for( i = 0; i < dlen; i += 20 ) - { - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, 20 + nb ); - mbedtls_md_hmac_finish( &md_ctx, h_i ); - - mbedtls_md_hmac_reset ( &md_ctx ); - mbedtls_md_hmac_update( &md_ctx, tmp, 20 ); - mbedtls_md_hmac_finish( &md_ctx, tmp ); - - k = ( i + 20 > dlen ) ? dlen % 20 : 20; - - for( j = 0; j < k; j++ ) - dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] ); - } - -exit: - mbedtls_md_free( &md_ctx ); - - mbedtls_platform_zeroize( tmp, tmp_len ); - mbedtls_platform_zeroize( h_i, sizeof( h_i ) ); - - mbedtls_free( tmp ); - return( ret ); -} -#endif /* MBEDTLS_SSL_PROTO_TLS1) || MBEDTLS_SSL_PROTO_TLS1_1 */ - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -667,15 +551,6 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen, static void ssl_update_checksum_start( mbedtls_ssl_context *, const unsigned char *, size_t ); -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *, const unsigned char *, size_t ); -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char*, size_t * ); -static void ssl_calc_finished_tls( mbedtls_ssl_context *, unsigned char *, int ); -#endif - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) static void ssl_update_checksum_sha256( mbedtls_ssl_context *, const unsigned char *, size_t ); @@ -715,13 +590,6 @@ static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl ) #if defined(MBEDTLS_SSL_EXPORT_KEYS) static mbedtls_tls_prf_types tls_prf_get_type( mbedtls_ssl_tls_prf_cb *tls_prf ) { -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( tls_prf == tls1_prf ) - { - return( MBEDTLS_SSL_TLS_PRF_TLS1 ); - } - else -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA384_C) if( tls_prf == tls_prf_sha384 ) @@ -752,12 +620,6 @@ int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types prf, switch( prf ) { -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - case MBEDTLS_SSL_TLS_PRF_TLS1: - tls_prf = tls1_prf; - break; -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA384_C) case MBEDTLS_SSL_TLS_PRF_SHA384: @@ -1023,14 +885,8 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, - transform->maclen % cipher_info->block_size; } -#if defined(MBEDTLS_SSL_PROTO_TLS1) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_1 ) - ; /* No need to adjust minlen */ - else -#endif -#if defined(MBEDTLS_SSL_PROTO_TLS1_1) || defined(MBEDTLS_SSL_PROTO_TLS1_2) - if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_2 || - minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) + if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { transform->minlen += transform->ivlen; } @@ -1105,9 +961,8 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, goto end; } -#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) { /* For HMAC-based ciphersuites, initialize the HMAC transforms. @@ -1280,7 +1135,7 @@ end: } /* - * Set appropriate PRF function and other SSL / TLS 1.0/1.1 / TLS1.2 functions + * Set appropriate PRF function and other SSL / TLS1.2 functions * * Inputs: * - SSL/TLS minor version @@ -1297,15 +1152,6 @@ static int ssl_set_handshake_prfs( mbedtls_ssl_handshake_params *handshake, (void) hash; #endif -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - { - handshake->tls_prf = tls1_prf; - handshake->calc_verify = ssl_calc_verify_tls; - handshake->calc_finished = ssl_calc_finished_tls; - } - else -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA384_C) if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 && @@ -1546,37 +1392,6 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) return( 0 ); } -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -void ssl_calc_verify_tls( const mbedtls_ssl_context *ssl, - unsigned char *hash, - size_t *hlen ) -{ - mbedtls_md5_context md5; - mbedtls_sha1_context sha1; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) ); - - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); - - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); - - mbedtls_md5_finish_ret( &md5, hash ); - mbedtls_sha1_finish_ret( &sha1, hash + 16 ); - - *hlen = 36; - - MBEDTLS_SSL_DEBUG_BUF( 3, "calculated verify result", hash, *hlen ); - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); - - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); - - return; -} -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *ssl, @@ -2203,8 +2018,7 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ) return( -1 ); -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( ssl->in_hslen == 3 + mbedtls_ssl_hs_hdr_len( ssl ) && ssl->in_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && ssl->in_msg[0] == MBEDTLS_SSL_HS_CERTIFICATE && @@ -2215,8 +2029,7 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) } return( -1 ); -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ } #endif /* MBEDTLS_SSL_SRV_C */ @@ -2651,11 +2464,6 @@ void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, { ((void) ciphersuite_info); -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ssl->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) - ssl->handshake->update_checksum = ssl_update_checksum_md5sha1; - else -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA384_C) if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) @@ -2676,10 +2484,6 @@ void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) { -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_starts_ret( &ssl->handshake->fin_md5 ); - mbedtls_sha1_starts_ret( &ssl->handshake->fin_sha1 ); -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -2703,10 +2507,6 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl ) static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len ) { -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len ); - mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len ); -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -2725,15 +2525,6 @@ static void ssl_update_checksum_start( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ } -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_update_checksum_md5sha1( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ - mbedtls_md5_update_ret( &ssl->handshake->fin_md5 , buf, len ); - mbedtls_sha1_update_ret( &ssl->handshake->fin_sha1, buf, len ); -} -#endif - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) static void ssl_update_checksum_sha256( mbedtls_ssl_context *ssl, @@ -2760,65 +2551,6 @@ static void ssl_update_checksum_sha384( mbedtls_ssl_context *ssl, #endif #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -static void ssl_calc_finished_tls( - mbedtls_ssl_context *ssl, unsigned char *buf, int from ) -{ - int len = 12; - const char *sender; - mbedtls_md5_context md5; - mbedtls_sha1_context sha1; - unsigned char padbuf[36]; - - mbedtls_ssl_session *session = ssl->session_negotiate; - if( !session ) - session = ssl->session; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc finished tls" ) ); - - mbedtls_md5_init( &md5 ); - mbedtls_sha1_init( &sha1 ); - - mbedtls_md5_clone( &md5, &ssl->handshake->fin_md5 ); - mbedtls_sha1_clone( &sha1, &ssl->handshake->fin_sha1 ); - - /* - * TLSv1: - * hash = PRF( master, finished_label, - * MD5( handshake ) + SHA1( handshake ) )[0..11] - */ - -#if !defined(MBEDTLS_MD5_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) - md5.state, sizeof( md5.state ) ); -#endif - -#if !defined(MBEDTLS_SHA1_ALT) - MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) - sha1.state, sizeof( sha1.state ) ); -#endif - - sender = ( from == MBEDTLS_SSL_IS_CLIENT ) - ? "client finished" - : "server finished"; - - mbedtls_md5_finish_ret( &md5, padbuf ); - mbedtls_sha1_finish_ret( &sha1, padbuf + 16 ); - - ssl->handshake->tls_prf( session->master, 48, sender, - padbuf, 36, buf, len ); - - MBEDTLS_SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); - - mbedtls_md5_free( &md5 ); - mbedtls_sha1_free( &sha1 ); - - mbedtls_platform_zeroize( padbuf, sizeof( padbuf ) ); - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); -} -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) static void ssl_calc_finished_tls_sha256( @@ -3249,12 +2981,6 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake ) { memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) ); -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_init( &handshake->fin_md5 ); - mbedtls_sha1_init( &handshake->fin_sha1 ); - mbedtls_md5_starts_ret( &handshake->fin_md5 ); - mbedtls_sha1_starts_ret( &handshake->fin_sha1 ); -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -5583,10 +5309,6 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) - mbedtls_md5_free( &handshake->fin_md5 ); - mbedtls_sha1_free( &handshake->fin_sha1 ); -#endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA256_C) #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -6985,17 +6707,6 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) switch( md ) { -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -#if defined(MBEDTLS_MD5_C) - case MBEDTLS_SSL_HASH_MD5: - return( -1 ); -#endif -#if defined(MBEDTLS_SHA1_C) - case MBEDTLS_SSL_HASH_SHA1: - ssl->handshake->calc_verify = ssl_calc_verify_tls; - break; -#endif -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ #if defined(MBEDTLS_SHA384_C) case MBEDTLS_SSL_HASH_SHA384: ssl->handshake->calc_verify = ssl_calc_verify_tls_sha384; @@ -7019,92 +6730,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md ) #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ } -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) -int mbedtls_ssl_get_key_exchange_md_ssl_tls( mbedtls_ssl_context *ssl, - unsigned char *output, - unsigned char *data, size_t data_len ) -{ - int ret = 0; - mbedtls_md5_context mbedtls_md5; - mbedtls_sha1_context mbedtls_sha1; - - mbedtls_md5_init( &mbedtls_md5 ); - mbedtls_sha1_init( &mbedtls_sha1 ); - - /* - * digitally-signed struct { - * opaque md5_hash[16]; - * opaque sha_hash[20]; - * }; - * - * md5_hash - * MD5(ClientHello.random + ServerHello.random - * + ServerParams); - * sha_hash - * SHA(ClientHello.random + ServerHello.random - * + ServerParams); - */ - if( ( ret = mbedtls_md5_starts_ret( &mbedtls_md5 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_starts_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, - ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_md5_update_ret( &mbedtls_md5, data, data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_update_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_md5_finish_ret( &mbedtls_md5, output ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_md5_finish_ret", ret ); - goto exit; - } - - if( ( ret = mbedtls_sha1_starts_ret( &mbedtls_sha1 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_starts_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, - ssl->handshake->randbytes, 64 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_sha1_update_ret( &mbedtls_sha1, data, - data_len ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_update_ret", ret ); - goto exit; - } - if( ( ret = mbedtls_sha1_finish_ret( &mbedtls_sha1, - output + 16 ) ) != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_sha1_finish_ret", ret ); - goto exit; - } - -exit: - mbedtls_md5_free( &mbedtls_md5 ); - mbedtls_sha1_free( &mbedtls_sha1 ); - - if( ret != 0 ) - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - - return( ret ); - -} -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 */ - -#if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_USE_PSA_CRYPTO) int mbedtls_ssl_get_key_exchange_md_tls1_2( mbedtls_ssl_context *ssl, @@ -7227,7 +6853,6 @@ exit: } #endif /* MBEDTLS_USE_PSA_CRYPTO */ -#endif /* MBEDTLS_SSL_PROTO_TLS1 || MBEDTLS_SSL_PROTO_TLS1_1 || \ - MBEDTLS_SSL_PROTO_TLS1_2 */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #endif /* MBEDTLS_SSL_TLS_C */ diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 2ce8588373..fb3cce19f2 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -422,7 +422,7 @@ int main( void ) " min_version=%%s default: (library default: tls1)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \ + " options: tls1_2, dtls1_2\n" \ "\n" \ " force_ciphersuite= default: all enabled\n"\ " query_config= return 0 if the specified\n" \ @@ -1098,12 +1098,7 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "min_version" ) == 0 ) { - if( strcmp( q, "tls1" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || + if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; else @@ -1111,12 +1106,7 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "max_version" ) == 0 ) { - if( strcmp( q, "tls1" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || + if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; else @@ -1133,27 +1123,11 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "force_version" ) == 0 ) { - if( strcmp( q, "tls1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - } - else if( strcmp( q, "tls1_1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - else if( strcmp( q, "tls1_2" ) == 0 ) + if( strcmp( q, "tls1_2" ) == 0 ) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; } - else if( strcmp( q, "dtls1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } else if( strcmp( q, "dtls1_2" ) == 0 ) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; @@ -1375,10 +1349,10 @@ int main( int argc, char *argv[] ) if( opt.min_version < ciphersuite_info->min_minor_ver ) { opt.min_version = ciphersuite_info->min_minor_ver; - /* DTLS starts with TLS 1.1 */ + /* for DTLS 1.2 */ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; + opt.min_version < MBEDTLS_SSL_MINOR_VERSION_3 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; } #if defined(MBEDTLS_USE_PSA_CRYPTO) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1ff27fb8b0..70421b9859 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -503,7 +503,7 @@ int main( void ) " min_version=%%s default: (library default: tls1)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1, tls1_1, tls1_2, dtls1, dtls1_2\n" \ + " options: tls1, dtls1_2\n" \ "\n" \ " version_suites=a,b,c per-version ciphersuites\n" \ " in order from tls1 to tls1_2\n" \ @@ -1726,12 +1726,7 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "min_version" ) == 0 ) { - if( strcmp( q, "tls1" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || + if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; else @@ -1739,12 +1734,7 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "max_version" ) == 0 ) { - if( strcmp( q, "tls1" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - else if( strcmp( q, "tls1_1" ) == 0 || - strcmp( q, "dtls1" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - else if( strcmp( q, "tls1_2" ) == 0 || + if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; else @@ -1761,27 +1751,11 @@ int main( int argc, char *argv[] ) } else if( strcmp( p, "force_version" ) == 0 ) { - if( strcmp( q, "tls1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_1; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_1; - } - else if( strcmp( q, "tls1_1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - } - else if( strcmp( q, "tls1_2" ) == 0 ) + if( strcmp( q, "tls1_2" ) == 0 ) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; } - else if( strcmp( q, "dtls1" ) == 0 ) - { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_2; - opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; - } else if( strcmp( q, "dtls1_2" ) == 0 ) { opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; diff --git a/tests/compat.sh b/tests/compat.sh index 6a2bbb270c..c57ec4fdcb 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -67,7 +67,7 @@ else fi # default values for options -MODES="tls1 tls1_1 tls1_2 dtls1 dtls1_2" +MODES="tls1_2 dtls1_2" VERIFIES="NO YES" TYPES="ECDSA RSA PSK" FILTER="" @@ -162,12 +162,6 @@ is_dtls() minor_ver() { case "$1" in - tls1) - echo 1 - ;; - tls1_1|dtls1) - echo 2 - ;; tls1_2|dtls1_2) echo 3 ;; @@ -841,19 +835,9 @@ setup_arguments() { G_MODE="" case "$MODE" in - "tls1") - G_PRIO_MODE="+VERS-TLS1.0" - ;; - "tls1_1") - G_PRIO_MODE="+VERS-TLS1.1" - ;; "tls1_2") G_PRIO_MODE="+VERS-TLS1.2" ;; - "dtls1") - G_PRIO_MODE="+VERS-DTLS1.0" - G_MODE="-u" - ;; "dtls1_2") G_PRIO_MODE="+VERS-DTLS1.2" G_MODE="-u" diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh index 5f13b22492..93b7e1dd52 100755 --- a/tests/scripts/basic-build-test.sh +++ b/tests/scripts/basic-build-test.sh @@ -115,7 +115,7 @@ echo echo '################ compat.sh ################' { echo '#### compat.sh: Default versions' - sh compat.sh -m 'tls1 tls1_1 tls1_2 dtls1 dtls1_2' + sh compat.sh -m 'tls1_2 dtls1_2' echo echo '#### compat.sh: legacy (null, DES, RC4)' diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl index 57263a334e..a79604e9ff 100755 --- a/tests/scripts/test-ref-configs.pl +++ b/tests/scripts/test-ref-configs.pl @@ -31,9 +31,6 @@ my %configs = ( 'config-ccm-psk-tls1_2.h' => { 'compat' => '-m tls1_2 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'', }, - 'config-mini-tls1_1.h' => { - 'compat' => '-m tls1_1 -f \'^DES-CBC3-SHA$\|^TLS-RSA-WITH-3DES-EDE-CBC-SHA$\'', #' - }, 'config-no-entropy.h' => { }, 'config-suite-b.h' => { diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 1041c87d4f..13db30b448 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1402,22 +1402,6 @@ run_test "Context-specific CRT verification callback" \ -C "Use configuration-specific verification callback" \ -C "error" -# Test empty CA list in CertificateRequest in TLS 1.1 and earlier - -requires_gnutls -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \ - "$G_SRV"\ - "$P_CLI force_version=tls1_1" \ - 0 - -requires_gnutls -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1 -run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \ - "$G_SRV"\ - "$P_CLI force_version=tls1" \ - 0 - # Tests for SHA-1 support run_test "SHA-1 forbidden by default in server certificate" \ "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \ @@ -2460,33 +2444,6 @@ run_test "Extended Master Secret: client disabled, server enabled" \ # Tests for FALLBACK_SCSV -run_test "Fallback SCSV: default" \ - "$P_SRV debug_level=2" \ - "$P_CLI debug_level=3 force_version=tls1_1" \ - 0 \ - -C "adding FALLBACK_SCSV" \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" \ - -C "is a fatal alert message (msg 86)" - -run_test "Fallback SCSV: explicitly disabled" \ - "$P_SRV debug_level=2" \ - "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \ - 0 \ - -C "adding FALLBACK_SCSV" \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" \ - -C "is a fatal alert message (msg 86)" - -run_test "Fallback SCSV: enabled" \ - "$P_SRV debug_level=2" \ - "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \ - 1 \ - -c "adding FALLBACK_SCSV" \ - -s "received FALLBACK_SCSV" \ - -s "inapropriate fallback" \ - -c "is a fatal alert message (msg 86)" - run_test "Fallback SCSV: enabled, max version" \ "$P_SRV debug_level=2" \ "$P_CLI debug_level=3 fallback=1" \ @@ -2496,38 +2453,6 @@ run_test "Fallback SCSV: enabled, max version" \ -S "inapropriate fallback" \ -C "is a fatal alert message (msg 86)" -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: default, openssl server" \ - "$O_SRV" \ - "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \ - 0 \ - -C "adding FALLBACK_SCSV" \ - -C "is a fatal alert message (msg 86)" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: enabled, openssl server" \ - "$O_SRV" \ - "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \ - 1 \ - -c "adding FALLBACK_SCSV" \ - -c "is a fatal alert message (msg 86)" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: disabled, openssl client" \ - "$P_SRV debug_level=2" \ - "$O_CLI -tls1_1" \ - 0 \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: enabled, openssl client" \ - "$P_SRV debug_level=2" \ - "$O_CLI -tls1_1 -fallback_scsv" \ - 1 \ - -s "received FALLBACK_SCSV" \ - -s "inapropriate fallback" - requires_openssl_with_fallback_scsv run_test "Fallback SCSV: enabled, max version, openssl client" \ "$P_SRV debug_level=2" \ @@ -2568,37 +2493,6 @@ run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \ -s "dumping 'input payload after decrypt' (0 bytes)" \ -c "0 bytes written in 1 fragments" -## ClientHello generated with -## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..." -## then manually twiddling the ciphersuite list. -## The ClientHello content is spelled out below as a hex string as -## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix". -## The expected response is an inappropriate_fallback alert. -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: beginning of list" \ - "$P_SRV debug_level=2" \ - "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020256'" \ - 0 \ - -s "received FALLBACK_SCSV" \ - -s "inapropriate fallback" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: end of list" \ - "$P_SRV debug_level=2" \ - "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020256'" \ - 0 \ - -s "received FALLBACK_SCSV" \ - -s "inapropriate fallback" - -## Here the expected response is a valid ServerHello prefix, up to the random. -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: not in list" \ - "$P_SRV debug_level=2" \ - "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0056 0031 0032 0033 0100000900230000000f000101' '16030200300200002c0302'" \ - 0 \ - -S "received FALLBACK_SCSV" \ - -S "inapropriate fallback" - # Tests for CBC 1/n-1 record splitting run_test "CBC Record splitting: TLS 1.2, no splitting" \ @@ -2610,42 +2504,6 @@ run_test "CBC Record splitting: TLS 1.2, no splitting" \ -S "Read from client: 1 bytes read" \ -S "122 bytes read" -run_test "CBC Record splitting: TLS 1.1, no splitting" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1_1" \ - 0 \ - -s "Read from client: 123 bytes read" \ - -S "Read from client: 1 bytes read" \ - -S "122 bytes read" - -run_test "CBC Record splitting: TLS 1.0, splitting" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1" \ - 0 \ - -S "Read from client: 123 bytes read" \ - -s "Read from client: 1 bytes read" \ - -s "122 bytes read" - -run_test "CBC Record splitting: TLS 1.0, splitting disabled" \ - "$P_SRV" \ - "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1 recsplit=0" \ - 0 \ - -s "Read from client: 123 bytes read" \ - -S "Read from client: 1 bytes read" \ - -S "122 bytes read" - -run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \ - "$P_SRV nbio=2" \ - "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \ - request_size=123 force_version=tls1" \ - 0 \ - -S "Read from client: 123 bytes read" \ - -s "Read from client: 1 bytes read" \ - -s "122 bytes read" - # Tests for Session Tickets run_test "Session resume using tickets: basic" \ @@ -4464,52 +4322,6 @@ run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ -c "signed using.*ECDSA with SHA256" \ -C "signed using.*ECDSA with SHA1" -requires_config_disabled MBEDTLS_X509_REMOVE_INFO -run_test "Certificate hash: client TLS 1.1 -> SHA-1" \ - "$P_SRV crt_file=data_files/server5.crt \ - key_file=data_files/server5.key \ - crt_file2=data_files/server5-sha1.crt \ - key_file2=data_files/server5.key" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -C "signed using.*ECDSA with SHA256" \ - -c "signed using.*ECDSA with SHA1" - -requires_config_disabled MBEDTLS_X509_REMOVE_INFO -run_test "Certificate hash: client TLS 1.0 -> SHA-1" \ - "$P_SRV crt_file=data_files/server5.crt \ - key_file=data_files/server5.key \ - crt_file2=data_files/server5-sha1.crt \ - key_file2=data_files/server5.key" \ - "$P_CLI force_version=tls1" \ - 0 \ - -C "signed using.*ECDSA with SHA256" \ - -c "signed using.*ECDSA with SHA1" - -requires_config_disabled MBEDTLS_X509_REMOVE_INFO -run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \ - "$P_SRV crt_file=data_files/server5.crt \ - key_file=data_files/server5.key \ - crt_file2=data_files/server6.crt \ - key_file2=data_files/server6.key" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -c "serial number.*09" \ - -c "signed using.*ECDSA with SHA256" \ - -C "signed using.*ECDSA with SHA1" - -requires_config_disabled MBEDTLS_X509_REMOVE_INFO -run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \ - "$P_SRV crt_file=data_files/server6.crt \ - key_file=data_files/server6.key \ - crt_file2=data_files/server5.crt \ - key_file2=data_files/server5.key" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -c "serial number.*0A" \ - -c "signed using.*ECDSA with SHA256" \ - -C "signed using.*ECDSA with SHA1" - # tests for SNI requires_config_disabled MBEDTLS_X509_REMOVE_INFO @@ -4970,67 +4782,6 @@ run_test "Version check: all -> 1.2" \ -s "Protocol is TLSv1.2" \ -c "Protocol is TLSv1.2" -run_test "Version check: cli max 1.1 -> 1.1" \ - "$P_SRV" \ - "$P_CLI max_version=tls1_1" \ - 0 \ - -S "mbedtls_ssl_handshake returned" \ - -C "mbedtls_ssl_handshake returned" \ - -s "Protocol is TLSv1.1" \ - -c "Protocol is TLSv1.1" - -run_test "Version check: srv max 1.1 -> 1.1" \ - "$P_SRV max_version=tls1_1" \ - "$P_CLI" \ - 0 \ - -S "mbedtls_ssl_handshake returned" \ - -C "mbedtls_ssl_handshake returned" \ - -s "Protocol is TLSv1.1" \ - -c "Protocol is TLSv1.1" - -run_test "Version check: cli+srv max 1.1 -> 1.1" \ - "$P_SRV max_version=tls1_1" \ - "$P_CLI max_version=tls1_1" \ - 0 \ - -S "mbedtls_ssl_handshake returned" \ - -C "mbedtls_ssl_handshake returned" \ - -s "Protocol is TLSv1.1" \ - -c "Protocol is TLSv1.1" - -run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \ - "$P_SRV min_version=tls1_1" \ - "$P_CLI max_version=tls1_1" \ - 0 \ - -S "mbedtls_ssl_handshake returned" \ - -C "mbedtls_ssl_handshake returned" \ - -s "Protocol is TLSv1.1" \ - -c "Protocol is TLSv1.1" - -run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \ - "$P_SRV max_version=tls1_1" \ - "$P_CLI min_version=tls1_1" \ - 0 \ - -S "mbedtls_ssl_handshake returned" \ - -C "mbedtls_ssl_handshake returned" \ - -s "Protocol is TLSv1.1" \ - -c "Protocol is TLSv1.1" - -run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \ - "$P_SRV max_version=tls1_1" \ - "$P_CLI min_version=tls1_2" \ - 1 \ - -s "mbedtls_ssl_handshake returned" \ - -c "mbedtls_ssl_handshake returned" \ - -c "SSL - Handshake protocol not within min/max boundaries" - -run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \ - "$P_SRV min_version=tls1_2" \ - "$P_CLI max_version=tls1_1" \ - 1 \ - -s "mbedtls_ssl_handshake returned" \ - -c "mbedtls_ssl_handshake returned" \ - -s "SSL - Handshake protocol not within min/max boundaries" - # Tests for ALPN extension run_test "ALPN: none" \ @@ -5884,24 +5635,6 @@ run_test "ECJPAKE: working, DTLS, nolog" \ # Tests for ciphersuites per version -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1 -requires_config_enabled MBEDTLS_CAMELLIA_C -requires_config_enabled MBEDTLS_AES_C -run_test "Per-version suites: TLS 1.0" \ - "$P_SRV version_suites=TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI force_version=tls1" \ - 0 \ - -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA" - -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -requires_config_enabled MBEDTLS_CAMELLIA_C -requires_config_enabled MBEDTLS_AES_C -run_test "Per-version suites: TLS 1.1" \ - "$P_SRV version_suites=TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA" - requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_CAMELLIA_C requires_config_enabled MBEDTLS_AES_C @@ -5936,66 +5669,6 @@ run_test "mbedtls_ssl_get_bytes_avail: extra data" \ # Tests for small client packets -run_test "Small client packet TLS 1.0 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.0 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.0 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.1 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -run_test "Small client packet TLS 1.1 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.1 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=1 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: 1 bytes read" - run_test "Small client packet TLS 1.2 BlockCipher" \ "$P_SRV" \ "$P_CLI request_size=1 force_version=tls1_2 \ @@ -6049,40 +5722,6 @@ run_test "Small client packet TLS 1.2 AEAD shorter tag" \ # Tests for small client packets in DTLS -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small client packet DTLS 1.0" \ - "$P_SRV dtls=1 force_version=dtls1" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small client packet DTLS 1.0, without EtM" \ - "$P_SRV dtls=1 force_version=dtls1 etm=0" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet DTLS 1.0, truncated hmac" \ - "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \ - "$P_CLI dtls=1 request_size=1 trunc_hmac=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \ - "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \ - "$P_CLI dtls=1 request_size=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ - 0 \ - -s "Read from client: 1 bytes read" - requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small client packet DTLS 1.2" \ "$P_SRV dtls=1 force_version=dtls1_2" \ @@ -6119,66 +5758,6 @@ run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \ # Tests for small server packets -run_test "Small server packet TLS 1.0 BlockCipher" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.0 BlockCipher, without EtM" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.0 BlockCipher, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.1 BlockCipher" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -run_test "Small server packet TLS 1.1 BlockCipher, without EtM" \ - "$P_SRV response_size=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.1 BlockCipher, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=1 trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -c "Read from server: 1 bytes read" - run_test "Small server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=1" \ "$P_CLI force_version=tls1_2 \ @@ -6232,40 +5811,6 @@ run_test "Small server packet TLS 1.2 AEAD shorter tag" \ # Tests for small server packets in DTLS -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small server packet DTLS 1.0" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -run_test "Small server packet DTLS 1.0, without EtM" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet DTLS 1.0, truncated hmac" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \ - "$P_CLI dtls=1 trunc_hmac=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read" - -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \ - "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \ - "$P_CLI dtls=1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\ - 0 \ - -c "Read from server: 1 bytes read" - requires_config_enabled MBEDTLS_SSL_PROTO_DTLS run_test "Small server packet DTLS 1.2" \ "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \ @@ -6307,69 +5852,6 @@ fragments_for_write() { echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))" } -run_test "Large client packet TLS 1.0 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.0 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.0 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.1 BlockCipher" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -run_test "Large client packet TLS 1.1 BlockCipher, without EtM" \ - "$P_SRV" \ - "$P_CLI request_size=16384 force_version=tls1_1 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.1 BlockCipher, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV trunc_hmac=1" \ - "$P_CLI request_size=16384 force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "Read from client: $MAX_CONTENT_LEN bytes read" - run_test "Large client packet TLS 1.2 BlockCipher" \ "$P_SRV" \ "$P_CLI request_size=16384 force_version=tls1_2 \ @@ -6426,69 +5908,6 @@ run_test "Large client packet TLS 1.2 AEAD shorter tag" \ -c "16384 bytes written in $(fragments_for_write 16384) fragments" \ -s "Read from client: $MAX_CONTENT_LEN bytes read" -# Checking next 3 tests logs for 1n-1 split against BEAST too -run_test "Large server packet TLS 1.0 BlockCipher" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read"\ - -c "16383 bytes read"\ - -C "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.0 BlockCipher, without EtM" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1 etm=0 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 1 bytes read"\ - -c "16383 bytes read"\ - -C "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1 recsplit=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ - trunc_hmac=1" \ - 0 \ - -c "Read from server: 1 bytes read"\ - -c "16383 bytes read"\ - -C "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.1 BlockCipher" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -c "Read from server: 16384 bytes read" - -run_test "Large server packet TLS 1.1 BlockCipher, without EtM" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_1 etm=0 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.1 BlockCipher truncated MAC" \ - "$P_SRV response_size=16384" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \ - trunc_hmac=1" \ - 0 \ - -c "Read from server: 16384 bytes read" - -requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC -run_test "Large server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \ - "$P_SRV response_size=16384 trunc_hmac=1" \ - "$P_CLI force_version=tls1_1 \ - force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \ - 0 \ - -s "16384 bytes written in 1 fragments" \ - -c "Read from server: 16384 bytes read" - run_test "Large server packet TLS 1.2 BlockCipher" \ "$P_SRV response_size=16384" \ "$P_CLI force_version=tls1_2 \ @@ -6710,18 +6129,6 @@ run_test "SSL async private: sign, delay=2" \ -s "Async resume (slot [0-9]): call 0 more times." \ -s "Async resume (slot [0-9]): sign done, status=0" -# Test that the async callback correctly signs the 36-byte hash of TLS 1.0/1.1 -# with RSA PKCS#1v1.5 as used in TLS 1.0/1.1. -requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -run_test "SSL async private: sign, RSA, TLS 1.1" \ - "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt \ - async_operations=s async_private_delay1=0 async_private_delay2=0" \ - "$P_CLI force_version=tls1_1" \ - 0 \ - -s "Async sign callback: using key slot " \ - -s "Async resume (slot [0-9]): sign done, status=0" - requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE requires_config_disabled MBEDTLS_X509_REMOVE_INFO run_test "SSL async private: sign, SNI" \ @@ -7999,21 +7406,6 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \ -c "fragmenting handshake message" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -requires_gnutls -run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \ - "$G_SRV -u" \ - "$P_CLI dtls=1 debug_level=2 \ - crt_file=data_files/server8_int-ca2.crt \ - key_file=data_files/server8.key \ - mtu=512 force_version=dtls1" \ - 0 \ - -c "fragmenting handshake message" \ - -C "error" - # We use --insecure for the GnuTLS client because it expects # the hostname / IP it connects to to be the name used in the # certificate obtained from the server. Here, however, it @@ -8036,22 +7428,6 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \ 0 \ -s "fragmenting handshake message" -# See previous test for the reason to use --insecure -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -requires_gnutls -requires_not_i686 -run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \ - "$P_SRV dtls=1 debug_level=2 \ - crt_file=data_files/server7_int-ca.crt \ - key_file=data_files/server7.key \ - mtu=512 force_version=dtls1" \ - "$G_CLI -u --insecure 127.0.0.1" \ - 0 \ - -s "fragmenting handshake message" - requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C @@ -8066,20 +7442,6 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \ -c "fragmenting handshake message" \ -C "error" -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -run_test "DTLS fragmenting: openssl server, DTLS 1.0" \ - "$O_SRV -dtls1 -verify 10" \ - "$P_CLI dtls=1 debug_level=2 \ - crt_file=data_files/server8_int-ca2.crt \ - key_file=data_files/server8.key \ - mtu=512 force_version=dtls1" \ - 0 \ - -c "fragmenting handshake message" \ - -C "error" - requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C @@ -8093,19 +7455,6 @@ run_test "DTLS fragmenting: openssl client, DTLS 1.2" \ 0 \ -s "fragmenting handshake message" -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -run_test "DTLS fragmenting: openssl client, DTLS 1.0" \ - "$P_SRV dtls=1 debug_level=2 \ - crt_file=data_files/server7_int-ca.crt \ - key_file=data_files/server7.key \ - mtu=512 force_version=dtls1" \ - "$O_CLI -dtls1" \ - 0 \ - -s "fragmenting handshake message" - # interop tests for DTLS fragmentating with unreliable connection # # again we just want to test that the we fragment in a way that @@ -8127,23 +7476,6 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \ -c "fragmenting handshake message" \ -C "error" -requires_gnutls_next -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -client_needs_more_time 4 -run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \ - -p "$P_PXY drop=8 delay=8 duplicate=8" \ - "$G_NEXT_SRV -u" \ - "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ - crt_file=data_files/server8_int-ca2.crt \ - key_file=data_files/server8.key \ - hs_timeout=250-60000 mtu=512 force_version=dtls1" \ - 0 \ - -c "fragmenting handshake message" \ - -C "error" - requires_gnutls_next requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C @@ -8160,22 +7492,6 @@ run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ 0 \ -s "fragmenting handshake message" -requires_gnutls_next -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -client_needs_more_time 4 -run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \ - -p "$P_PXY drop=8 delay=8 duplicate=8" \ - "$P_SRV dtls=1 debug_level=2 \ - crt_file=data_files/server7_int-ca.crt \ - key_file=data_files/server7.key \ - hs_timeout=250-60000 mtu=512 force_version=dtls1" \ - "$G_NEXT_CLI -u --insecure 127.0.0.1" \ - 0 \ - -s "fragmenting handshake message" - ## Interop test with OpenSSL might trigger a bug in recent versions (including ## all versions installed on the CI machines), reported here: ## Bug report: https://github.com/openssl/openssl/issues/6902 @@ -8198,23 +7514,6 @@ run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ -c "fragmenting handshake message" \ -C "error" -skip_next_test -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -client_needs_more_time 4 -run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \ - -p "$P_PXY drop=8 delay=8 duplicate=8" \ - "$O_SRV -dtls1 -verify 10" \ - "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ - crt_file=data_files/server8_int-ca2.crt \ - key_file=data_files/server8.key \ - hs_timeout=250-60000 mtu=512 force_version=dtls1" \ - 0 \ - -c "fragmenting handshake message" \ - -C "error" - skip_next_test requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C @@ -8231,24 +7530,6 @@ run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \ 0 \ -s "fragmenting handshake message" -# -nbio is added to prevent s_client from blocking in case of duplicated -# messages at the end of the handshake -skip_next_test -requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -requires_config_enabled MBEDTLS_RSA_C -requires_config_enabled MBEDTLS_ECDSA_C -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -client_needs_more_time 4 -run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \ - -p "$P_PXY drop=8 delay=8 duplicate=8" \ - "$P_SRV dgram_packing=0 dtls=1 debug_level=2 \ - crt_file=data_files/server7_int-ca.crt \ - key_file=data_files/server7.key \ - hs_timeout=250-60000 mtu=512 force_version=dtls1" \ - "$O_CLI -nbio -dtls1" \ - 0 \ - -s "fragmenting handshake message" - # Tests for DTLS-SRTP (RFC 5764) requires_config_enabled MBEDTLS_SSL_DTLS_SRTP run_test "DTLS-SRTP all profiles supported" \ From 28126050f2937ff69e02c35ca50ee30af6a0ad14 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 13 May 2021 10:34:48 +0200 Subject: [PATCH 223/271] Removal of constants and functions and a new ChangeLog file Signed-off-by: TRodziewicz --- ChangeLog.d/issue4286.txt | 9 ++++++++ include/mbedtls/config.h | 12 ----------- include/mbedtls/ssl.h | 10 --------- library/ssl_msg.c | 42 ------------------------------------- library/ssl_tls.c | 15 ------------- programs/fuzz/fuzz_client.c | 3 --- programs/ssl/ssl_client2.c | 15 ------------- tests/scripts/all.sh | 18 ---------------- 8 files changed, 9 insertions(+), 115 deletions(-) create mode 100644 ChangeLog.d/issue4286.txt diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt new file mode 100644 index 0000000000..3fb9585634 --- /dev/null +++ b/ChangeLog.d/issue4286.txt @@ -0,0 +1,9 @@ +Removals + * Remove the following deprecated library constants + MBEDTLS_SSL_PROTO_TLS1, MBEDTLS_SSL_PROTO_TLS1_1, + MBEDTLS_SSL_CBC_RECORD_SPLITTING, + MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED, + MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED and functions + ssl_write_split(), mbedtls_ssl_conf_cbc_record_splitting() as well as test + function component_test_variable_ssl_in_out_buffer_len_record_splitting(). + Fixes #4286. diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 4905b92430..993b90ff66 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1592,18 +1592,6 @@ */ #define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE -/** - * \def MBEDTLS_SSL_CBC_RECORD_SPLITTING - * - * Enable 1/n-1 record splitting for CBC mode in TLS. - * - * This is a countermeasure to the BEAST attack, which also minimizes the risk - * of interoperability issues compared to sending 0-length records. - * - * Comment this macro to disable 1/n-1 record splitting. - */ -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING - /** * \def MBEDTLS_SSL_RENEGOTIATION * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 39661cbac2..b5200426f7 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -198,9 +198,6 @@ #define MBEDTLS_SSL_SESSION_TICKETS_DISABLED 0 #define MBEDTLS_SSL_SESSION_TICKETS_ENABLED 1 -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED 0 -#define MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED 1 - #define MBEDTLS_SSL_PRESET_DEFAULT 0 #define MBEDTLS_SSL_PRESET_SUITEB 2 @@ -1192,9 +1189,6 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) unsigned int anti_replay : 1; /*!< detect and prevent replay? */ #endif -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - unsigned int cbc_record_splitting : 1; /*!< do cbc record splitting */ -#endif #if defined(MBEDTLS_SSL_RENEGOTIATION) unsigned int disable_renegotiation : 1; /*!< disable renegotiation? */ #endif @@ -1356,10 +1350,6 @@ struct mbedtls_ssl_context uint16_t mtu; /*!< path mtu, used to fragment outgoing messages */ #endif /* MBEDTLS_SSL_PROTO_DTLS */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - signed char split_done; /*!< current record already splitted? */ -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ - /* * PKI layer */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 540d5d1f64..081a0b2b97 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5475,44 +5475,6 @@ static int ssl_write_real( mbedtls_ssl_context *ssl, return( (int) len ); } -/* - * Write application data, doing 1/n-1 splitting if necessary. - * - * With non-blocking I/O, ssl_write_real() may return WANT_WRITE, - * then the caller will call us again with the same arguments, so - * remember whether we already did the split or not. - */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -static int ssl_write_split( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - - if( ssl->conf->cbc_record_splitting == - MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED || - len <= 1 || - ssl->minor_ver > MBEDTLS_SSL_MINOR_VERSION_1 || - mbedtls_cipher_get_cipher_mode( &ssl->transform_out->cipher_ctx_enc ) - != MBEDTLS_MODE_CBC ) - { - return( ssl_write_real( ssl, buf, len ) ); - } - - if( ssl->split_done == 0 ) - { - if( ( ret = ssl_write_real( ssl, buf, 1 ) ) <= 0 ) - return( ret ); - ssl->split_done = 1; - } - - if( ( ret = ssl_write_real( ssl, buf + 1, len - 1 ) ) <= 0 ) - return( ret ); - ssl->split_done = 0; - - return( ret + 1 ); -} -#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ - /* * Write application data (public-facing wrapper) */ @@ -5542,11 +5504,7 @@ int mbedtls_ssl_write( mbedtls_ssl_context *ssl, const unsigned char *buf, size_ } } -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - ret = ssl_write_split( ssl, buf, len ); -#else ret = ssl_write_real( ssl, buf, len ); -#endif MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write" ) ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 58675dbede..771e01a2a3 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3307,10 +3307,6 @@ int mbedtls_ssl_session_reset_int( mbedtls_ssl_context *ssl, int partial ) ssl->out_msgtype = 0; ssl->out_msglen = 0; ssl->out_left = 0; -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - if( ssl->split_done != MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ) - ssl->split_done = 0; -#endif memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) ); @@ -4202,13 +4198,6 @@ void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate ) } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -void mbedtls_ssl_conf_cbc_record_splitting( mbedtls_ssl_config *conf, char split ) -{ - conf->cbc_record_splitting = split; -} -#endif - void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy ) { conf->allow_legacy_renegotiation = allow_legacy; @@ -6234,10 +6223,6 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, conf->extended_ms = MBEDTLS_SSL_EXTENDED_MS_ENABLED; #endif -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED; -#endif - #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) conf->f_cookie_write = ssl_cookie_write_dummy; conf->f_cookie_check = ssl_cookie_check_dummy; diff --git a/programs/fuzz/fuzz_client.c b/programs/fuzz/fuzz_client.c index 618eda2656..a6371736b3 100644 --- a/programs/fuzz/fuzz_client.c +++ b/programs/fuzz/fuzz_client.c @@ -109,9 +109,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) { #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) mbedtls_ssl_conf_encrypt_then_mac( &conf, (options & 0x20) ? MBEDTLS_SSL_ETM_DISABLED : MBEDTLS_SSL_ETM_ENABLED); #endif -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - mbedtls_ssl_conf_cbc_record_splitting( &conf, (options & 0x40) ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ); -#endif #if defined(MBEDTLS_SSL_RENEGOTIATION) mbedtls_ssl_conf_renegotiation( &conf, (options & 0x80) ? MBEDTLS_SSL_RENEGOTIATION_ENABLED : MBEDTLS_SSL_RENEGOTIATION_DISABLED ); #endif diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index fb3cce19f2..a643900b95 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -248,13 +248,6 @@ int main( void ) #define USAGE_MAX_FRAG_LEN "" #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) -#define USAGE_RECSPLIT \ - " recsplit=0/1 default: (library default: on)\n" -#else -#define USAGE_RECSPLIT -#endif - #if defined(MBEDTLS_DHM_C) #define USAGE_DHMLEN \ " dhmlen=%%d default: (library default: 1024 bits)\n" @@ -414,7 +407,6 @@ int main( void ) USAGE_ETM \ USAGE_REPRODUCIBLE \ USAGE_CURVES \ - USAGE_RECSPLIT \ USAGE_DHMLEN \ "\n" #define USAGE4 \ @@ -1780,13 +1772,6 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */ -#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - if( opt.recsplit != DFL_RECSPLIT ) - mbedtls_ssl_conf_cbc_record_splitting( &conf, opt.recsplit - ? MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED - : MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED ); -#endif - #if defined(MBEDTLS_DHM_C) if( opt.dhmlen != DFL_DHMLEN ) mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen ); diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 1653ad8b3a..ef2b6363bb 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -2043,24 +2043,6 @@ component_test_variable_ssl_in_out_buffer_len_CID () { if_build_succeeded tests/compat.sh } -component_test_variable_ssl_in_out_buffer_len_record_splitting () { - msg "build: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled (ASan build)" - scripts/config.py set MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH - scripts/config.py set MBEDTLS_SSL_CBC_RECORD_SPLITTING - - CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . - make - - msg "test: MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING" - make test - - msg "test: ssl-opt.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled" - if_build_succeeded tests/ssl-opt.sh - - msg "test: compat.sh, MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH and MBEDTLS_SSL_CBC_RECORD_SPLITTING enabled" - if_build_succeeded tests/compat.sh -} - component_test_ssl_alloc_buffer_and_mfl () { msg "build: default config with memory buffer allocator and MFL extension" scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C From 55bd84bebc9b038b30eb807c3f55d335a1003ec4 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 13 May 2021 11:40:46 +0200 Subject: [PATCH 224/271] Correction to the ssl client/server usage comment. Signed-off-by: TRodziewicz --- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index a643900b95..3de9665f59 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -411,7 +411,7 @@ int main( void ) "\n" #define USAGE4 \ " allow_sha1=%%d default: 0\n" \ - " min_version=%%s default: (library default: tls1)\n" \ + " min_version=%%s default: (library default: tls1_2)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ " options: tls1_2, dtls1_2\n" \ diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 70421b9859..2cf2d73be7 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -500,10 +500,10 @@ int main( void ) USAGE_SSL_ASYNC \ USAGE_SNI \ " allow_sha1=%%d default: 0\n" \ - " min_version=%%s default: (library default: tls1)\n" \ + " min_version=%%s default: (library default: tls1_2)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1, dtls1_2\n" \ + " options: tls1_2, dtls1_2\n" \ "\n" \ " version_suites=a,b,c per-version ciphersuites\n" \ " in order from tls1 to tls1_2\n" \ From ef73f01927d755066c995f265d7643af55b5d3fa Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 13 May 2021 14:53:36 +0200 Subject: [PATCH 225/271] Removing strayed dtls1 after doing tests Signed-off-by: TRodziewicz --- library/ssl_msg.c | 2 +- library/ssl_tls.c | 4 +- tests/ssl-opt.sh | 255 ---------------------------------------------- 3 files changed, 3 insertions(+), 258 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 081a0b2b97..8c9caa9ef5 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -4811,7 +4811,7 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) static size_t ssl_transform_get_explicit_iv_len( mbedtls_ssl_transform const *transform ) { - if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ) + if( transform->minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 ) return( 0 ); return( transform->ivlen - transform->fixed_ivlen ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 771e01a2a3..2fcd99d5e6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3579,7 +3579,7 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, if( major != MBEDTLS_SSL_MAJOR_VERSION_3 ) return; - if( minor < MBEDTLS_SSL_MINOR_VERSION_1 || minor > MBEDTLS_SSL_MINOR_VERSION_3 ) + if( minor != MBEDTLS_SSL_MINOR_VERSION_3 ) return; set_protocol_version_ciphersuites(conf, minor, ciphersuites); @@ -6315,7 +6315,7 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, #if defined(MBEDTLS_SSL_PROTO_DTLS) if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2; + conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; #endif const int* default_ciphersuites = mbedtls_ssl_list_ciphersuites(); set_protocol_version_ciphersuites(conf, MBEDTLS_SSL_MINOR_VERSION_1, diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 13db30b448..f107938c8c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2641,27 +2641,6 @@ run_test "Session resume using tickets, DTLS: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" -run_test "Session resume using tickets, DTLS: openssl server" \ - "$O_SRV -dtls1" \ - "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \ - 0 \ - -c "client hello, adding session ticket extension" \ - -c "found session_ticket extension" \ - -c "parse new session ticket" \ - -c "a session has been resumed" - -run_test "Session resume using tickets, DTLS: openssl client" \ - "$P_SRV dtls=1 debug_level=3 tickets=1" \ - "( $O_CLI -dtls1 -sess_out $SESSION; \ - $O_CLI -dtls1 -sess_in $SESSION; \ - rm -f $SESSION )" \ - 0 \ - -s "found session ticket extension" \ - -s "server hello, adding session ticket extension" \ - -S "session successfully restored from cache" \ - -s "session successfully restored from ticket" \ - -s "a session has been resumed" - # Tests for Session Resume based on session-ID and cache run_test "Session resume using cache: tickets enabled on client" \ @@ -2850,26 +2829,6 @@ run_test "Session resume using cache, DTLS: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" -run_test "Session resume using cache, DTLS: openssl client" \ - "$P_SRV dtls=1 debug_level=3 tickets=0" \ - "( $O_CLI -dtls1 -sess_out $SESSION; \ - $O_CLI -dtls1 -sess_in $SESSION; \ - rm -f $SESSION )" \ - 0 \ - -s "found session ticket extension" \ - -S "server hello, adding session ticket extension" \ - -s "session successfully restored from cache" \ - -S "session successfully restored from ticket" \ - -s "a session has been resumed" - -run_test "Session resume using cache, DTLS: openssl server" \ - "$O_SRV -dtls1" \ - "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ - 0 \ - -C "found session_ticket extension" \ - -C "parse new session ticket" \ - -c "a session has been resumed" - # Tests for Max Fragment Length extension if [ "$MAX_IN_LEN" -lt "4096" ]; then @@ -6683,34 +6642,6 @@ run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \ -C "error" \ -s "Extra-header:" -run_test "DTLS reassembly: no fragmentation (openssl server)" \ - "$O_SRV -dtls1 -mtu 2048" \ - "$P_CLI dtls=1 debug_level=2" \ - 0 \ - -C "found fragmented DTLS handshake message" \ - -C "error" - -run_test "DTLS reassembly: some fragmentation (openssl server)" \ - "$O_SRV -dtls1 -mtu 768" \ - "$P_CLI dtls=1 debug_level=2" \ - 0 \ - -c "found fragmented DTLS handshake message" \ - -C "error" - -run_test "DTLS reassembly: more fragmentation (openssl server)" \ - "$O_SRV -dtls1 -mtu 256" \ - "$P_CLI dtls=1 debug_level=2" \ - 0 \ - -c "found fragmented DTLS handshake message" \ - -C "error" - -run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \ - "$O_SRV -dtls1 -mtu 256" \ - "$P_CLI dtls=1 nbio=2 debug_level=2" \ - 0 \ - -c "found fragmented DTLS handshake message" \ - -C "error" - # Tests for sending fragmented handshake messages with DTLS # # Use client auth when we need the client to send large messages, @@ -7681,192 +7612,6 @@ run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \ -C "dumping 'received mki' (8 bytes)" \ -C "error" -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP all profiles supported. openssl client." \ - "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ - "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - 0 \ - -s "found use_srtp extension" \ - -s "found srtp profile" \ - -s "selected srtp profile" \ - -s "server hello, adding use_srtp extension" \ - -s "DTLS-SRTP key material is"\ - -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ - -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl client." \ - "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ - "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - 0 \ - -s "found use_srtp extension" \ - -s "found srtp profile" \ - -s "selected srtp profile" \ - -s "server hello, adding use_srtp extension" \ - -s "DTLS-SRTP key material is"\ - -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ - -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl client." \ - "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ - "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - 0 \ - -s "found use_srtp extension" \ - -s "found srtp profile" \ - -s "selected srtp profile" \ - -s "server hello, adding use_srtp extension" \ - -s "DTLS-SRTP key material is"\ - -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ - -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl client." \ - "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ - "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - 0 \ - -s "found use_srtp extension" \ - -s "found srtp profile" \ - -s "selected srtp profile" \ - -s "server hello, adding use_srtp extension" \ - -s "DTLS-SRTP key material is"\ - -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ - -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server and Client support only one matching profile. openssl client." \ - "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ - "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - 0 \ - -s "found use_srtp extension" \ - -s "found srtp profile" \ - -s "selected srtp profile" \ - -s "server hello, adding use_srtp extension" \ - -s "DTLS-SRTP key material is"\ - -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ - -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server and Client support only one different profile. openssl client." \ - "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \ - "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - 0 \ - -s "found use_srtp extension" \ - -s "found srtp profile" \ - -S "selected srtp profile" \ - -S "server hello, adding use_srtp extension" \ - -S "DTLS-SRTP key material is"\ - -C "SRTP Extension negotiated, profile" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl client" \ - "$P_SRV dtls=1 debug_level=3" \ - "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - 0 \ - -s "found use_srtp extension" \ - -S "server hello, adding use_srtp extension" \ - -S "DTLS-SRTP key material is"\ - -C "SRTP Extension negotiated, profile" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP all profiles supported. openssl server" \ - "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ - 0 \ - -c "client hello, adding use_srtp extension" \ - -c "found use_srtp extension" \ - -c "found srtp profile" \ - -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \ - -c "DTLS-SRTP key material is"\ - -C "error" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl server." \ - "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ - 0 \ - -c "client hello, adding use_srtp extension" \ - -c "found use_srtp extension" \ - -c "found srtp profile" \ - -c "selected srtp profile" \ - -c "DTLS-SRTP key material is"\ - -C "error" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl server." \ - "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ - 0 \ - -c "client hello, adding use_srtp extension" \ - -c "found use_srtp extension" \ - -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ - -c "selected srtp profile" \ - -c "DTLS-SRTP key material is"\ - -C "error" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl server." \ - "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ - 0 \ - -c "client hello, adding use_srtp extension" \ - -c "found use_srtp extension" \ - -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ - -c "selected srtp profile" \ - -c "DTLS-SRTP key material is"\ - -C "error" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server and Client support only one matching profile. openssl server." \ - "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ - 0 \ - -c "client hello, adding use_srtp extension" \ - -c "found use_srtp extension" \ - -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ - -c "selected srtp profile" \ - -c "DTLS-SRTP key material is"\ - -C "error" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server and Client support only one different profile. openssl server." \ - "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \ - 0 \ - -c "client hello, adding use_srtp extension" \ - -C "found use_srtp extension" \ - -C "found srtp profile" \ - -C "selected srtp profile" \ - -C "DTLS-SRTP key material is"\ - -C "error" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl server" \ - "$O_SRV -dtls1" \ - "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ - 0 \ - -c "client hello, adding use_srtp extension" \ - -C "found use_srtp extension" \ - -C "found srtp profile" \ - -C "selected srtp profile" \ - -C "DTLS-SRTP key material is"\ - -C "error" - -requires_config_enabled MBEDTLS_SSL_DTLS_SRTP -run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl server." \ - "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ - "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \ - 0 \ - -c "client hello, adding use_srtp extension" \ - -c "found use_srtp extension" \ - -c "found srtp profile" \ - -c "selected srtp profile" \ - -c "DTLS-SRTP key material is"\ - -c "DTLS-SRTP no mki value negotiated"\ - -c "dumping 'sending mki' (8 bytes)" \ - -C "dumping 'received mki' (8 bytes)" \ - -C "error" - requires_config_enabled MBEDTLS_SSL_DTLS_SRTP requires_gnutls run_test "DTLS-SRTP all profiles supported. gnutls client." \ From b5850c52166351c43eb65bc71266c6c6984dd992 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 13 May 2021 17:11:23 +0200 Subject: [PATCH 226/271] Correction of too restrictive ssl cli minor check Signed-off-by: TRodziewicz --- library/ssl_cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 3f7f684746..b0285d7ab4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1952,7 +1952,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) p += 2; if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || - minor_ver < MBEDTLS_SSL_MINOR_VERSION_3 || + minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || major_ver > ssl->conf->max_major_ver || minor_ver > ssl->conf->max_minor_ver ) { From 2d8800e2278bcf7a39a14a88bc7a36724ad26f79 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 13 May 2021 19:14:19 +0200 Subject: [PATCH 227/271] Small corrections in the comments Signed-off-by: TRodziewicz --- library/ssl_cli.c | 4 ++++ library/ssl_msg.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index b0285d7ab4..81c0d6b085 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1951,6 +1951,10 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p ); p += 2; + /* + * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1) + * even is lower than our min version. + */ if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || major_ver > ssl->conf->max_major_ver || diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 8c9caa9ef5..9896ad0149 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -836,7 +836,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* - * Prepend per-record IV for block cipher in TLS v1.2 + * Prepend per-record IV for block cipher in TLS v1.2 as per * Method 1 (6.2.3.2. in RFC4346 and RFC5246) */ if( transform->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) From 6370dbeb1dd1c8d9278025388cc9acb810accff2 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 13 May 2021 22:56:31 +0200 Subject: [PATCH 228/271] Remove the _SSL_FALLBACK_ parts Signed-off-by: TRodziewicz --- include/mbedtls/config.h | 18 --------- include/mbedtls/ssl.h | 78 -------------------------------------- library/ssl_cli.c | 13 ------- library/ssl_msg.c | 64 ------------------------------- library/ssl_srv.c | 23 ----------- library/ssl_tls.c | 7 ---- programs/ssl/ssl_client2.c | 22 ----------- tests/compat.sh | 2 +- 8 files changed, 1 insertion(+), 226 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 993b90ff66..715c73ada0 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1552,24 +1552,6 @@ */ #define MBEDTLS_SSL_EXTENDED_MASTER_SECRET -/** - * \def MBEDTLS_SSL_FALLBACK_SCSV - * - * Enable support for RFC 7507: Fallback Signaling Cipher Suite Value (SCSV) - * for Preventing Protocol Downgrade Attacks. - * - * For servers, it is recommended to always enable this, unless you support - * only one version of TLS, or know for sure that none of your clients - * implements a fallback strategy. - * - * For clients, you only need this if you're using a fallback strategy, which - * is not recommended in the first place, unless you absolutely need it to - * interoperate with buggy (version-intolerant) servers. - * - * Comment this macro to disable support for FALLBACK_SCSV - */ -#define MBEDTLS_SSL_FALLBACK_SCSV - /** * \def MBEDTLS_SSL_KEEP_PEER_CERTIFICATE * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b5200426f7..8e6c1ee135 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -156,9 +156,6 @@ #define MBEDTLS_SSL_IS_CLIENT 0 #define MBEDTLS_SSL_IS_SERVER 1 -#define MBEDTLS_SSL_IS_NOT_FALLBACK 0 -#define MBEDTLS_SSL_IS_FALLBACK 1 - #define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0 #define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1 @@ -279,7 +276,6 @@ * Signaling ciphersuite values (SCSV) */ #define MBEDTLS_SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */ -#define MBEDTLS_SSL_FALLBACK_SCSV_VALUE 0x5600 /**< RFC 7507 section 2 */ /* * Supported Signature and Hash algorithms (For TLS 1.2) @@ -1198,9 +1194,6 @@ struct mbedtls_ssl_config #if defined(MBEDTLS_SSL_SESSION_TICKETS) unsigned int session_tickets : 1; /*!< use session tickets? */ #endif -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) - unsigned int fallback : 1; /*!< is this a fallback? */ -#endif #if defined(MBEDTLS_SSL_SRV_C) unsigned int cert_req_ca_list : 1; /*!< enable sending CA list in Certificate Request messages? */ @@ -1832,54 +1825,6 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, */ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); -/** - * \brief Check whether a buffer contains a valid and authentic record - * that has not been seen before. (DTLS only). - * - * This function does not change the user-visible state - * of the SSL context. Its sole purpose is to provide - * an indication of the legitimacy of an incoming record. - * - * This can be useful e.g. in distributed server environments - * using the DTLS Connection ID feature, in which connections - * might need to be passed between service instances on a change - * of peer address, but where such disruptive operations should - * only happen after the validity of incoming records has been - * confirmed. - * - * \param ssl The SSL context to use. - * \param buf The address of the buffer holding the record to be checked. - * This must be a read/write buffer of length \p buflen Bytes. - * \param buflen The length of \p buf in Bytes. - * - * \note This routine only checks whether the provided buffer begins - * with a valid and authentic record that has not been seen - * before, but does not check potential data following the - * initial record. In particular, it is possible to pass DTLS - * datagrams containing multiple records, in which case only - * the first record is checked. - * - * \note This function modifies the input buffer \p buf. If you need - * to preserve the original record, you have to maintain a copy. - * - * \return \c 0 if the record is valid and authentic and has not been - * seen before. - * \return MBEDTLS_ERR_SSL_INVALID_MAC if the check completed - * successfully but the record was found to be not authentic. - * \return MBEDTLS_ERR_SSL_INVALID_RECORD if the check completed - * successfully but the record was found to be invalid for - * a reason different from authenticity checking. - * \return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD if the check completed - * successfully but the record was found to be unexpected - * in the state of the SSL context, including replayed records. - * \return Another negative error code on different kinds of failure. - * In this case, the SSL context becomes unusable and needs - * to be freed or reset before reuse. - */ -int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t buflen ); - /** * \brief Set the timer callbacks (Mandatory for DTLS.) * @@ -3268,29 +3213,6 @@ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int mino */ void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int minor ); -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) -/** - * \brief Set the fallback flag (client-side only). - * (Default: MBEDTLS_SSL_IS_NOT_FALLBACK). - * - * \note Set to MBEDTLS_SSL_IS_FALLBACK when preparing a fallback - * connection, that is a connection with max_version set to a - * lower value than the value you're willing to use. Such - * fallback connections are not recommended but are sometimes - * necessary to interoperate with buggy (version-intolerant) - * servers. - * - * \warning You should NOT set this to MBEDTLS_SSL_IS_FALLBACK for - * non-fallback connections! This would appear to work for a - * while, then cause failures when the server is upgraded to - * support a newer TLS version. - * - * \param conf SSL configuration - * \param fallback MBEDTLS_SSL_IS_NOT_FALLBACK or MBEDTLS_SSL_IS_FALLBACK - */ -void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ); -#endif /* MBEDTLS_SSL_FALLBACK_SCSV && MBEDTLS_SSL_CLI_C */ - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) /** * \brief Enable or disable Encrypt-then-MAC diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 81c0d6b085..6cf283e1db 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1206,19 +1206,6 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) n++; } - /* Some versions of OpenSSL don't handle it correctly if not at end */ -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( ssl->conf->fallback == MBEDTLS_SSL_IS_FALLBACK ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding FALLBACK_SCSV" ) ); - - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ); - *p++ = (unsigned char)( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ); - n++; - } -#endif - *q++ = (unsigned char)( n >> 7 ); *q++ = (unsigned char)( n << 1 ); diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 9896ad0149..b629d79cb6 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -86,70 +86,6 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ) return( 0 ); } -static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t len, - mbedtls_record *rec ); - -int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, - unsigned char *buf, - size_t buflen ) -{ - int ret = 0; - MBEDTLS_SSL_DEBUG_MSG( 1, ( "=> mbedtls_ssl_check_record" ) ); - MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen ); - - /* We don't support record checking in TLS because - * (a) there doesn't seem to be a usecase for it, and - * (b) In TLS 1.0, CBC record decryption has state - * and we'd need to backup the transform here. - */ - if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) - { - ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - goto exit; - } -#if defined(MBEDTLS_SSL_PROTO_DTLS) - else - { - mbedtls_record rec; - - ret = ssl_parse_record_header( ssl, buf, buflen, &rec ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 3, "ssl_parse_record_header", ret ); - goto exit; - } - - if( ssl->transform_in != NULL ) - { - ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, &rec ); - if( ret != 0 ) - { - MBEDTLS_SSL_DEBUG_RET( 3, "mbedtls_ssl_decrypt_buf", ret ); - goto exit; - } - } - } -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - -exit: - /* On success, we have decrypted the buffer in-place, so make - * sure we don't leak any plaintext data. */ - mbedtls_platform_zeroize( buf, buflen ); - - /* For the purpose of this API, treat messages with unexpected CID - * as well as such from future epochs as unexpected. */ - if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID || - ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) - { - ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; - } - - MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) ); - return( ret ); -} - #define SSL_DONT_FORCE_FLUSH 0 #define SSL_FORCE_FLUSH 1 diff --git a/library/ssl_srv.c b/library/ssl_srv.c index fb7ba975f9..e2b2757d67 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1781,29 +1781,6 @@ read_record_header: ext += 4 + ext_size; } -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - for( i = 0, p = buf + ciph_offset + 2; i < ciph_len; i += 2, p += 2 ) - { - if( p[0] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE >> 8 ) & 0xff ) && - p[1] == (unsigned char)( ( MBEDTLS_SSL_FALLBACK_SCSV_VALUE ) & 0xff ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "received FALLBACK_SCSV" ) ); - - if( ssl->minor_ver < ssl->conf->max_minor_ver ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "inapropriate fallback" ) ); - - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK ); - - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); - } - - break; - } - } -#endif /* MBEDTLS_SSL_FALLBACK_SCSV */ - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2fcd99d5e6..edb41efecc 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4147,13 +4147,6 @@ void mbedtls_ssl_conf_min_version( mbedtls_ssl_config *conf, int major, int mino conf->min_minor_ver = minor; } -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) && defined(MBEDTLS_SSL_CLI_C) -void mbedtls_ssl_conf_fallback( mbedtls_ssl_config *conf, char fallback ) -{ - conf->fallback = fallback; -} -#endif - #if defined(MBEDTLS_SSL_SRV_C) void mbedtls_ssl_conf_cert_req_ca_list( mbedtls_ssl_config *conf, char cert_req_ca_list ) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 3de9665f59..af86838e91 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -287,13 +287,6 @@ int main( void ) #define USAGE_DTLS "" #endif -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) -#define USAGE_FALLBACK \ - " fallback=0/1 default: (library default: off)\n" -#else -#define USAGE_FALLBACK "" -#endif - #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) #define USAGE_EMS \ " extended_ms=0/1 default: (library default: on)\n" @@ -402,7 +395,6 @@ int main( void ) USAGE_TRUNC_HMAC \ USAGE_CONTEXT_CRT_CB \ USAGE_ALPN \ - USAGE_FALLBACK \ USAGE_EMS \ USAGE_ETM \ USAGE_REPRODUCIBLE \ @@ -1055,15 +1047,6 @@ int main( int argc, char *argv[] ) { opt.alpn_string = q; } - else if( strcmp( p, "fallback" ) == 0 ) - { - switch( atoi( q ) ) - { - case 0: opt.fallback = MBEDTLS_SSL_IS_NOT_FALLBACK; break; - case 1: opt.fallback = MBEDTLS_SSL_IS_FALLBACK; break; - default: goto usage; - } - } else if( strcmp( p, "extended_ms" ) == 0 ) { switch( atoi( q ) ) @@ -1894,11 +1877,6 @@ int main( int argc, char *argv[] ) mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version ); -#if defined(MBEDTLS_SSL_FALLBACK_SCSV) - if( opt.fallback != DFL_FALLBACK ) - mbedtls_ssl_conf_fallback( &conf, opt.fallback ); -#endif - if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_ssl_setup returned -0x%x\n\n", diff --git a/tests/compat.sh b/tests/compat.sh index c57ec4fdcb..6c1e0d4dac 100755 --- a/tests/compat.sh +++ b/tests/compat.sh @@ -155,7 +155,7 @@ log() { # is_dtls is_dtls() { - test "$1" = "dtls1" -o "$1" = "dtls1_2" + test "$1" = "dtls1_2" } # minor_ver From 97e41723fa876eba6445efffe2e57488e7a8ddb4 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 13 May 2021 23:20:17 +0200 Subject: [PATCH 229/271] Remove the _SSL_FALLBACK_ tests Signed-off-by: TRodziewicz --- tests/ssl-opt.sh | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index f107938c8c..59cb834bad 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2442,25 +2442,6 @@ run_test "Extended Master Secret: client disabled, server enabled" \ -C "session hash for extended master secret" \ -S "session hash for extended master secret" -# Tests for FALLBACK_SCSV - -run_test "Fallback SCSV: enabled, max version" \ - "$P_SRV debug_level=2" \ - "$P_CLI debug_level=3 fallback=1" \ - 0 \ - -c "adding FALLBACK_SCSV" \ - -s "received FALLBACK_SCSV" \ - -S "inapropriate fallback" \ - -C "is a fatal alert message (msg 86)" - -requires_openssl_with_fallback_scsv -run_test "Fallback SCSV: enabled, max version, openssl client" \ - "$P_SRV debug_level=2" \ - "$O_CLI -fallback_scsv" \ - 0 \ - -s "received FALLBACK_SCSV" \ - -S "inapropriate fallback" - # Test sending and receiving empty application data records run_test "Encrypt then MAC: empty application data record" \ From d807060e0a2528547c278ed9cea9e184e52c5b0d Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Fri, 14 May 2021 11:09:44 +0200 Subject: [PATCH 230/271] Addition of migration guide and corrections to the ChangeLog file Signed-off-by: TRodziewicz --- ChangeLog.d/issue4286.txt | 15 ++++++++++----- ...remove_support_for_tls_1.0_1.1_and_dtls_1.0.md | 11 +++++++++++ 2 files changed, 21 insertions(+), 5 deletions(-) create mode 100644 docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt index 3fb9585634..f2f2be2184 100644 --- a/ChangeLog.d/issue4286.txt +++ b/ChangeLog.d/issue4286.txt @@ -1,9 +1,14 @@ Removals - * Remove the following deprecated library constants - MBEDTLS_SSL_PROTO_TLS1, MBEDTLS_SSL_PROTO_TLS1_1, - MBEDTLS_SSL_CBC_RECORD_SPLITTING, + * Remove the TLS 1.0, TLS 1.1 and DTLS 1.0 support by removing the following + deprecated library constants: MBEDTLS_SSL_PROTO_TLS1, + MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING, MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED, - MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED and functions - ssl_write_split(), mbedtls_ssl_conf_cbc_record_splitting() as well as test + MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED, MBEDTLS_SSL_RECORD_CHECKING, + MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE, + MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions: + ssl_write_split(), mbedtls_ssl_conf_cbc_record_splitting(), tls1_prf(), + ssl_update_checksum_md5sha1(), mbedtls_ssl_get_key_exchange_md_ssl_tls(), + mbedtls_ssl_check_record(), ssl_check_record(), ssl_calc_verify_tls(), + ssl_calc_finished_tls(), mbedtls_ssl_conf_fallback() as well as test function component_test_variable_ssl_in_out_buffer_len_record_splitting(). Fixes #4286. diff --git a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md new file mode 100644 index 0000000000..899f79aa08 --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md @@ -0,0 +1,11 @@ +Remove suport for TLS 1.0, 1.1 and DLTS 1.0 +------------------------------------------- + +This change affects users of the TLS 1.0, 1.1 and DTLS 1.0. + +The versions of (D)TLS that are being removed are not as secure as the latest +versions. Keeping them in the library creates opportunities for misconfiguration +and possibly downgrade attacks. More generally, more code means a larger attack +surface, even if the code is supposedly not used. + +The migration path is to adopt the latest versions of the protocol. From 4ca18aae38a307a0c88262db74715c9c07f953b5 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Thu, 20 May 2021 14:46:20 +0200 Subject: [PATCH 231/271] Corrections after the code review Signed-off-by: TRodziewicz --- ChangeLog.d/issue4286.txt | 9 +- ...ve_support_for_tls_1.0_1.1_and_dtls_1.0.md | 4 +- include/mbedtls/ssl.h | 7 +- library/ssl_misc.h | 12 +- library/ssl_msg.c | 66 ++++- library/ssl_srv.c | 15 +- library/ssl_tls.c | 2 +- programs/ssl/ssl_client2.c | 2 +- tests/ssl-opt.sh | 255 ++++++++++++++++++ 9 files changed, 339 insertions(+), 33 deletions(-) diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt index f2f2be2184..8fc1af266d 100644 --- a/ChangeLog.d/issue4286.txt +++ b/ChangeLog.d/issue4286.txt @@ -6,9 +6,6 @@ Removals MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED, MBEDTLS_SSL_RECORD_CHECKING, MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE, MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions: - ssl_write_split(), mbedtls_ssl_conf_cbc_record_splitting(), tls1_prf(), - ssl_update_checksum_md5sha1(), mbedtls_ssl_get_key_exchange_md_ssl_tls(), - mbedtls_ssl_check_record(), ssl_check_record(), ssl_calc_verify_tls(), - ssl_calc_finished_tls(), mbedtls_ssl_conf_fallback() as well as test - function component_test_variable_ssl_in_out_buffer_len_record_splitting(). - Fixes #4286. + mbedtls_ssl_conf_cbc_record_splitting(), + mbedtls_ssl_get_key_exchange_md_ssl_tls(), + mbedtls_ssl_check_record(), mbedtls_ssl_conf_fallback(). Fixes #4286. diff --git a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md index 899f79aa08..4beebe240d 100644 --- a/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md +++ b/docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md @@ -1,7 +1,7 @@ -Remove suport for TLS 1.0, 1.1 and DLTS 1.0 +Remove suport for TLS 1.0, 1.1 and DTLS 1.0 ------------------------------------------- -This change affects users of the TLS 1.0, 1.1 and DTLS 1.0. +This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols. The versions of (D)TLS that are being removed are not as secure as the latest versions. Keeping them in the library creates opportunities for misconfiguration diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 8e6c1ee135..66cbd48e16 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2533,9 +2533,8 @@ int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, * \param ciphersuites 0-terminated list of allowed ciphersuites * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 * supported) - * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_1, - * MBEDTLS_SSL_MINOR_VERSION_2, - * MBEDTLS_SSL_MINOR_VERSION_3 supported) + * \param minor Minor version number (only MBEDTLS_SSL_MINOR_VERSION_3 + * supported) * * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 */ @@ -3203,7 +3202,7 @@ void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int mino * \note Input outside of the SSL_MAX_XXXXX_VERSION and * SSL_MIN_XXXXX_VERSION range is ignored. * - * \note With DTLS, MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 + * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 * * \param conf SSL configuration * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 supported) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index a5a12ceb20..1f1de2bfdf 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -72,7 +72,7 @@ #define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ -#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_1 +#define MBEDTLS_SSL_MIN_VALID_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 #define MBEDTLS_SSL_MIN_VALID_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 /* Determine maximum supported version */ @@ -113,13 +113,7 @@ * counter (8) + header (5) + IV(16) + MAC (16-48) + padding (0-256). */ -#if defined(MBEDTLS_SSL_PROTO_TLS1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_1) || \ - defined(MBEDTLS_SSL_PROTO_TLS1_2) -#define MBEDTLS_SSL_PROTO_TLS1_2_OR_EARLIER -#endif - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2_OR_EARLIER) +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) /* This macro determines whether CBC is supported. */ #if defined(MBEDTLS_CIPHER_MODE_CBC) && \ @@ -147,7 +141,7 @@ #define MBEDTLS_SSL_SOME_SUITES_USE_MAC #endif -#endif /* MBEDTLS_SSL_PROTO_TLS1_2_OR_EARLIER */ +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) /* Ciphersuites using HMAC */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index b629d79cb6..a75b9190ba 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -86,6 +86,70 @@ int mbedtls_ssl_check_timer( mbedtls_ssl_context *ssl ) return( 0 ); } +static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t len, + mbedtls_record *rec ); + +int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t buflen ) +{ + int ret = 0; + MBEDTLS_SSL_DEBUG_MSG( 1, ( "=> mbedtls_ssl_check_record" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "record buffer", buf, buflen ); + + /* We don't support record checking in TLS because + * (a) there doesn't seem to be a usecase for it, and + * (b) In TLS 1.0, CBC record decryption has state + * and we'd need to backup the transform here. + */ + if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_STREAM ) + { + ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; + goto exit; + } +#if defined(MBEDTLS_SSL_PROTO_DTLS) + else + { + mbedtls_record rec; + + ret = ssl_parse_record_header( ssl, buf, buflen, &rec ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 3, "ssl_parse_record_header", ret ); + goto exit; + } + + if( ssl->transform_in != NULL ) + { + ret = mbedtls_ssl_decrypt_buf( ssl, ssl->transform_in, &rec ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( 3, "mbedtls_ssl_decrypt_buf", ret ); + goto exit; + } + } + } +#endif /* MBEDTLS_SSL_PROTO_DTLS */ + +exit: + /* On success, we have decrypted the buffer in-place, so make + * sure we don't leak any plaintext data. */ + mbedtls_platform_zeroize( buf, buflen ); + + /* For the purpose of this API, treat messages with unexpected CID + * as well as such from future epochs as unexpected. */ + if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_CID || + ret == MBEDTLS_ERR_SSL_EARLY_MESSAGE ) + { + ret = MBEDTLS_ERR_SSL_UNEXPECTED_RECORD; + } + + MBEDTLS_SSL_DEBUG_MSG( 1, ( "<= mbedtls_ssl_check_record" ) ); + return( ret ); +} + #define SSL_DONT_FORCE_FLUSH 0 #define SSL_FORCE_FLUSH 1 @@ -4960,7 +5024,7 @@ int mbedtls_ssl_get_record_expansion( const mbedtls_ssl_context *ssl ) * more than the block size of the underlying cipher. */ transform_expansion += block_size; - /* For TLS 1.1 or higher, an explicit IV is added + /* For TLS 1.2 or higher, an explicit IV is added * after the record header. */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( ssl->minor_ver >= MBEDTLS_SSL_MINOR_VERSION_3 ) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index e2b2757d67..8f13a2cec0 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3148,11 +3148,8 @@ curve_matching_done: /* * 2.1: Choose hash algorithm: - * A: For TLS 1.2, obey signature-hash-algorithm extension - * to choose appropriate hash. - * B: For TLS1.0, TLS1.1 and ECDHE_ECDSA, use SHA1 - * (RFC 4492, Sec. 5.4) - * C: Otherwise, use MD5 + SHA1 (RFC 4346, Sec. 7.4.3) + * For TLS 1.2, obey signature-hash-algorithm extension + * to choose appropriate hash. */ mbedtls_md_type_t md_alg; @@ -3162,7 +3159,7 @@ curve_matching_done: mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ); if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { - /* A: For TLS 1.2, obey signature-hash-algorithm extension + /* For TLS 1.2, obey signature-hash-algorithm extension * (RFC 5246, Sec. 7.4.1.4.1). */ if( sig_alg == MBEDTLS_PK_NONE || ( md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, @@ -3175,11 +3172,11 @@ curve_matching_done: } } else -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ { - /* C: MD5 + SHA1 */ - md_alg = MBEDTLS_MD_NONE; + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } +#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %u for signing", (unsigned) md_alg ) ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index edb41efecc..e60c0726fc 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -961,7 +961,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, goto end; } -#if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) +#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC) #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if( minor_ver >= MBEDTLS_SSL_MINOR_VERSION_1 ) { diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index af86838e91..12b4bdf7e6 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1324,7 +1324,7 @@ int main( int argc, char *argv[] ) if( opt.min_version < ciphersuite_info->min_minor_ver ) { opt.min_version = ciphersuite_info->min_minor_ver; - /* for DTLS 1.2 */ + /* DTLS starts with TLS 1.2 */ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && opt.min_version < MBEDTLS_SSL_MINOR_VERSION_3 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 59cb834bad..1d49dc5cbf 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -2622,6 +2622,27 @@ run_test "Session resume using tickets, DTLS: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" +run_test "Session resume using tickets, DTLS: openssl server" \ + "$O_SRV -dtls" \ + "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \ + 0 \ + -c "client hello, adding session ticket extension" \ + -c "found session_ticket extension" \ + -c "parse new session ticket" \ + -c "a session has been resumed" + +run_test "Session resume using tickets, DTLS: openssl client" \ + "$P_SRV dtls=1 debug_level=3 tickets=1" \ + "( $O_CLI -dtls -sess_out $SESSION; \ + $O_CLI -dtls -sess_in $SESSION; \ + rm -f $SESSION )" \ + 0 \ + -s "found session ticket extension" \ + -s "server hello, adding session ticket extension" \ + -S "session successfully restored from cache" \ + -s "session successfully restored from ticket" \ + -s "a session has been resumed" + # Tests for Session Resume based on session-ID and cache run_test "Session resume using cache: tickets enabled on client" \ @@ -2810,6 +2831,26 @@ run_test "Session resume using cache, DTLS: session copy" \ -s "a session has been resumed" \ -c "a session has been resumed" +run_test "Session resume using cache, DTLS: openssl client" \ + "$P_SRV dtls=1 debug_level=3 tickets=0" \ + "( $O_CLI -dtls -sess_out $SESSION; \ + $O_CLI -dtls -sess_in $SESSION; \ + rm -f $SESSION )" \ + 0 \ + -s "found session ticket extension" \ + -S "server hello, adding session ticket extension" \ + -s "session successfully restored from cache" \ + -S "session successfully restored from ticket" \ + -s "a session has been resumed" + +run_test "Session resume using cache, DTLS: openssl server" \ + "$O_SRV -dtls" \ + "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \ + 0 \ + -C "found session_ticket extension" \ + -C "parse new session ticket" \ + -c "a session has been resumed" + # Tests for Max Fragment Length extension if [ "$MAX_IN_LEN" -lt "4096" ]; then @@ -6623,6 +6664,34 @@ run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \ -C "error" \ -s "Extra-header:" +run_test "DTLS reassembly: no fragmentation (openssl server)" \ + "$O_SRV -dtls -mtu 2048" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -C "found fragmented DTLS handshake message" \ + -C "error" + +run_test "DTLS reassembly: some fragmentation (openssl server)" \ + "$O_SRV -dtls -mtu 768" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + +run_test "DTLS reassembly: more fragmentation (openssl server)" \ + "$O_SRV -dtls -mtu 256" \ + "$P_CLI dtls=1 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + +run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \ + "$O_SRV -dtls -mtu 256" \ + "$P_CLI dtls=1 nbio=2 debug_level=2" \ + 0 \ + -c "found fragmented DTLS handshake message" \ + -C "error" + # Tests for sending fragmented handshake messages with DTLS # # Use client auth when we need the client to send large messages, @@ -7593,6 +7662,192 @@ run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \ -C "dumping 'received mki' (8 bytes)" \ -C "error" +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP all profiles supported. openssl client." \ + "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ + "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + 0 \ + -s "found use_srtp extension" \ + -s "found srtp profile" \ + -s "selected srtp profile" \ + -s "server hello, adding use_srtp extension" \ + -s "DTLS-SRTP key material is"\ + -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ + -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl client." \ + "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ + "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + 0 \ + -s "found use_srtp extension" \ + -s "found srtp profile" \ + -s "selected srtp profile" \ + -s "server hello, adding use_srtp extension" \ + -s "DTLS-SRTP key material is"\ + -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ + -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl client." \ + "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ + "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + 0 \ + -s "found use_srtp extension" \ + -s "found srtp profile" \ + -s "selected srtp profile" \ + -s "server hello, adding use_srtp extension" \ + -s "DTLS-SRTP key material is"\ + -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ + -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl client." \ + "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ + "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + 0 \ + -s "found use_srtp extension" \ + -s "found srtp profile" \ + -s "selected srtp profile" \ + -s "server hello, adding use_srtp extension" \ + -s "DTLS-SRTP key material is"\ + -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ + -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server and Client support only one matching profile. openssl client." \ + "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ + "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + 0 \ + -s "found use_srtp extension" \ + -s "found srtp profile" \ + -s "selected srtp profile" \ + -s "server hello, adding use_srtp extension" \ + -s "DTLS-SRTP key material is"\ + -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\ + -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server and Client support only one different profile. openssl client." \ + "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \ + "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + 0 \ + -s "found use_srtp extension" \ + -s "found srtp profile" \ + -S "selected srtp profile" \ + -S "server hello, adding use_srtp extension" \ + -S "DTLS-SRTP key material is"\ + -C "SRTP Extension negotiated, profile" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl client" \ + "$P_SRV dtls=1 debug_level=3" \ + "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + 0 \ + -s "found use_srtp extension" \ + -S "server hello, adding use_srtp extension" \ + -S "DTLS-SRTP key material is"\ + -C "SRTP Extension negotiated, profile" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP all profiles supported. openssl server" \ + "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ + 0 \ + -c "client hello, adding use_srtp extension" \ + -c "found use_srtp extension" \ + -c "found srtp profile" \ + -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \ + -c "DTLS-SRTP key material is"\ + -C "error" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl server." \ + "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ + 0 \ + -c "client hello, adding use_srtp extension" \ + -c "found use_srtp extension" \ + -c "found srtp profile" \ + -c "selected srtp profile" \ + -c "DTLS-SRTP key material is"\ + -C "error" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl server." \ + "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ + 0 \ + -c "client hello, adding use_srtp extension" \ + -c "found use_srtp extension" \ + -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ + -c "selected srtp profile" \ + -c "DTLS-SRTP key material is"\ + -C "error" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl server." \ + "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ + 0 \ + -c "client hello, adding use_srtp extension" \ + -c "found use_srtp extension" \ + -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ + -c "selected srtp profile" \ + -c "DTLS-SRTP key material is"\ + -C "error" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server and Client support only one matching profile. openssl server." \ + "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ + 0 \ + -c "client hello, adding use_srtp extension" \ + -c "found use_srtp extension" \ + -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ + -c "selected srtp profile" \ + -c "DTLS-SRTP key material is"\ + -C "error" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server and Client support only one different profile. openssl server." \ + "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \ + 0 \ + -c "client hello, adding use_srtp extension" \ + -C "found use_srtp extension" \ + -C "found srtp profile" \ + -C "selected srtp profile" \ + -C "DTLS-SRTP key material is"\ + -C "error" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl server" \ + "$O_SRV -dtls" \ + "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ + 0 \ + -c "client hello, adding use_srtp extension" \ + -C "found use_srtp extension" \ + -C "found srtp profile" \ + -C "selected srtp profile" \ + -C "DTLS-SRTP key material is"\ + -C "error" + +requires_config_enabled MBEDTLS_SSL_DTLS_SRTP +run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl server." \ + "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ + "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \ + 0 \ + -c "client hello, adding use_srtp extension" \ + -c "found use_srtp extension" \ + -c "found srtp profile" \ + -c "selected srtp profile" \ + -c "DTLS-SRTP key material is"\ + -c "DTLS-SRTP no mki value negotiated"\ + -c "dumping 'sending mki' (8 bytes)" \ + -C "dumping 'received mki' (8 bytes)" \ + -C "error" + requires_config_enabled MBEDTLS_SSL_DTLS_SRTP requires_gnutls run_test "DTLS-SRTP all profiles supported. gnutls client." \ From 9d1ce40898ec514533369f9ab0b12f69f197542d Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Mon, 24 May 2021 14:07:17 +0200 Subject: [PATCH 232/271] Additional corrections Signed-off-by: TRodziewicz --- ChangeLog.d/issue4286.txt | 4 ++-- include/mbedtls/ssl.h | 48 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt index 8fc1af266d..68eb66764f 100644 --- a/ChangeLog.d/issue4286.txt +++ b/ChangeLog.d/issue4286.txt @@ -7,5 +7,5 @@ Removals MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE, MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions: mbedtls_ssl_conf_cbc_record_splitting(), - mbedtls_ssl_get_key_exchange_md_ssl_tls(), - mbedtls_ssl_check_record(), mbedtls_ssl_conf_fallback(). Fixes #4286. + mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(). + Fixes #4286. diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 66cbd48e16..bdc2b4797a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1825,6 +1825,54 @@ void mbedtls_ssl_set_verify( mbedtls_ssl_context *ssl, */ void mbedtls_ssl_conf_read_timeout( mbedtls_ssl_config *conf, uint32_t timeout ); +/** + * \brief Check whether a buffer contains a valid and authentic record + * that has not been seen before. (DTLS only). + * + * This function does not change the user-visible state + * of the SSL context. Its sole purpose is to provide + * an indication of the legitimacy of an incoming record. + * + * This can be useful e.g. in distributed server environments + * using the DTLS Connection ID feature, in which connections + * might need to be passed between service instances on a change + * of peer address, but where such disruptive operations should + * only happen after the validity of incoming records has been + * confirmed. + * + * \param ssl The SSL context to use. + * \param buf The address of the buffer holding the record to be checked. + * This must be a read/write buffer of length \p buflen Bytes. + * \param buflen The length of \p buf in Bytes. + * + * \note This routine only checks whether the provided buffer begins + * with a valid and authentic record that has not been seen + * before, but does not check potential data following the + * initial record. In particular, it is possible to pass DTLS + * datagrams containing multiple records, in which case only + * the first record is checked. + * + * \note This function modifies the input buffer \p buf. If you need + * to preserve the original record, you have to maintain a copy. + * + * \return \c 0 if the record is valid and authentic and has not been + * seen before. + * \return MBEDTLS_ERR_SSL_INVALID_MAC if the check completed + * successfully but the record was found to be not authentic. + * \return MBEDTLS_ERR_SSL_INVALID_RECORD if the check completed + * successfully but the record was found to be invalid for + * a reason different from authenticity checking. + * \return MBEDTLS_ERR_SSL_UNEXPECTED_RECORD if the check completed + * successfully but the record was found to be unexpected + * in the state of the SSL context, including replayed records. + * \return Another negative error code on different kinds of failure. + * In this case, the SSL context becomes unusable and needs + * to be freed or reset before reuse. + */ +int mbedtls_ssl_check_record( mbedtls_ssl_context const *ssl, + unsigned char *buf, + size_t buflen ); + /** * \brief Set the timer callbacks (Mandatory for DTLS.) * From 3ca92b182ce46c630304aafa1448a6863ac0ccb7 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Mon, 24 May 2021 14:11:39 +0100 Subject: [PATCH 233/271] Re-wording of Migration guide entry Commit re-words the migration guide entry as requested in review. Signed-off-by: Thomas Daubney --- .../remove-rsa-mode-parameter.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md index 406004f45d..2a849a30c7 100644 --- a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md +++ b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md @@ -5,12 +5,12 @@ This affects all users who use the RSA encryption, decryption, sign and verify APIs. You must delete the mode parameter from your RSA function calls. -Using the correct modes are now the default and only behaviour, and this -cannot be changed. If you were using the mode parameter to specify the -wrong mode then this behaviour is no longer supported. For reference the -correct, supported modes are: Public keys for encryption and verification -functions and private keys for decryption and signing functions, but the -user does not have to specify this. +Using the correct mode is now the default behaviour. Encryption +and verification functions are now equivalent to their 2.x +counterparts with mode=MBEDTLS_RSA_PUBLIC. Decryption and signing +functions are now equivalent to their 2.x counterparts with +mode=MBEDTLS_RSA_PRIVATE. Note that the constants +MBEDTLS_RSA_PUBLIC and MBEDTLS_RSA_PRIVATE have been removed in 3.0. Remove the RNG parameter from RSA functions -------------------------------------------- From 59392b0075c7ad79572c04a51cca621fae8cab16 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 24 May 2021 22:58:37 +0200 Subject: [PATCH 234/271] Fix misplaced extern "C" affecting MBEDTLS_ARIA_ALT Reported via Mbed OS: https://github.com/ARMmbed/mbed-os/issues/14694 Signed-off-by: Gilles Peskine --- include/mbedtls/aria.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/aria.h b/include/mbedtls/aria.h index 7dd960f29a..e98414760d 100644 --- a/include/mbedtls/aria.h +++ b/include/mbedtls/aria.h @@ -51,14 +51,14 @@ #define MBEDTLS_ERR_ARIA_INVALID_INPUT_LENGTH -0x005E /**< Invalid data input length. */ -#if !defined(MBEDTLS_ARIA_ALT) -// Regular implementation -// - #ifdef __cplusplus extern "C" { #endif +#if !defined(MBEDTLS_ARIA_ALT) +// Regular implementation +// + /** * \brief The ARIA context-type definition. */ From be89fea1a7b2046c97a85a8328bc840616026a52 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 May 2021 09:17:22 +0200 Subject: [PATCH 235/271] ARIA: add missing context init/free This fixes the self-test with alternative implementations. Signed-off-by: Gilles Peskine --- library/aria.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/library/aria.c b/library/aria.c index 1875635522..a5786b37ab 100644 --- a/library/aria.c +++ b/library/aria.c @@ -921,7 +921,7 @@ static const uint8_t aria_test2_ctr_ct[3][48] = // CTR ciphertext { \ if( verbose ) \ mbedtls_printf( "failed\n" ); \ - return( 1 ); \ + goto exit; \ } else { \ if( verbose ) \ mbedtls_printf( "passed\n" ); \ @@ -935,6 +935,7 @@ int mbedtls_aria_self_test( int verbose ) int i; uint8_t blk[MBEDTLS_ARIA_BLOCKSIZE]; mbedtls_aria_context ctx; + int ret = 1; #if (defined(MBEDTLS_CIPHER_MODE_CFB) || defined(MBEDTLS_CIPHER_MODE_CTR)) size_t j; @@ -946,6 +947,8 @@ int mbedtls_aria_self_test( int verbose ) uint8_t buf[48], iv[MBEDTLS_ARIA_BLOCKSIZE]; #endif + mbedtls_aria_init( &ctx ); + /* * Test set 1 */ @@ -1065,7 +1068,11 @@ int mbedtls_aria_self_test( int verbose ) mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CTR */ - return( 0 ); + ret = 0; + +exit: + mbedtls_aria_free( &ctx ); + return( ret ); } #endif /* MBEDTLS_SELF_TEST */ From c537aa83f42f537eeb7dc2818a28849298de2e9e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 May 2021 09:17:46 +0200 Subject: [PATCH 236/271] CAMELLIA: add missing context init/free This fixes the self-test with alternative implementations. Signed-off-by: Gilles Peskine --- library/camellia.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/library/camellia.c b/library/camellia.c index d60f931880..f7e013611b 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -942,9 +942,11 @@ int mbedtls_camellia_self_test( int verbose ) unsigned char nonce_counter[16]; unsigned char stream_block[16]; #endif + int ret = 1; mbedtls_camellia_context ctx; + mbedtls_camellia_init( &ctx ); memset( key, 0, 32 ); for( j = 0; j < 6; j++ ) { @@ -974,8 +976,7 @@ int mbedtls_camellia_self_test( int verbose ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); - - return( 1 ); + goto exit; } } @@ -1027,8 +1028,7 @@ int mbedtls_camellia_self_test( int verbose ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); - - return( 1 ); + goto exit; } } @@ -1071,8 +1071,7 @@ int mbedtls_camellia_self_test( int verbose ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); - - return( 1 ); + goto exit; } } else @@ -1087,8 +1086,7 @@ int mbedtls_camellia_self_test( int verbose ) { if( verbose != 0 ) mbedtls_printf( "failed\n" ); - - return( 1 ); + goto exit; } } @@ -1100,7 +1098,11 @@ int mbedtls_camellia_self_test( int verbose ) mbedtls_printf( "\n" ); #endif /* MBEDTLS_CIPHER_MODE_CTR */ - return( 0 ); + ret = 0; + +exit: + mbedtls_camellia_free( &ctx ); + return( ret ); } #endif /* MBEDTLS_SELF_TEST */ From 0e1f05d34bf8c0bf2729188a32efa8743d0a9a03 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 25 May 2021 09:28:54 +0200 Subject: [PATCH 237/271] Changelog entry for the ARIA_ALT and CAMELLIA_ALT fixes Fix ARMmbed/mbed-os#14694 Signed-off-by: Gilles Peskine --- ChangeLog.d/aria-alt.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/aria-alt.txt diff --git a/ChangeLog.d/aria-alt.txt b/ChangeLog.d/aria-alt.txt new file mode 100644 index 0000000000..20aaa2b71d --- /dev/null +++ b/ChangeLog.d/aria-alt.txt @@ -0,0 +1,5 @@ +Bugfix + * Fix some issues affecting MBEDTLS_ARIA_ALT implementations: a misplaced + directive in a header and a missing initialization in the self-test. + * Fix a missing initialization in the Camellia self-test, affecting + MBEDTLS_CAMELLIA_ALT implementations. From 6f966112c7c90c461cc6646305ef74ebd4c06cfd Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 25 May 2021 15:00:19 +0100 Subject: [PATCH 238/271] Corrections to ChangeLog and Migration guide Corrections to address wording of ChangeLog and Migration guide. Signed-off-by: Thomas Daubney --- ChangeLog.d/remove-rsa-mode-parameter.txt | 11 +++++- .../remove-rsa-mode-parameter.md | 34 +++++++++++-------- 2 files changed, 30 insertions(+), 15 deletions(-) diff --git a/ChangeLog.d/remove-rsa-mode-parameter.txt b/ChangeLog.d/remove-rsa-mode-parameter.txt index b7c6f327f8..6b32f65506 100644 --- a/ChangeLog.d/remove-rsa-mode-parameter.txt +++ b/ChangeLog.d/remove-rsa-mode-parameter.txt @@ -1,6 +1,15 @@ +Removals + * The RSA module no longer supports private-key operations with the public + key and vice versa. This change only affects applications which use the + wrong mode. In this case the wrong mode is to use mode=MBEDTLS_RSA_PUBLIC + with decryption and signing functions and mode=MBEDTLS_RSA_PRIVATE with + encryption and verification functions. Addresses issue #4278. API changes * Remove mode parameter from RSA functions. All encryption, decryption, sign and verify functions are affected. Also removes the RNG parameters from the RSA verify functions. Existing user code which utilises these RSA functions must - remove the mode parameter. Fixes #4278. + remove the mode parameter. + * RNG is now mandatory for all private-key RSA operations. Existing user code + which does not use an RNG with private-key RSA functions must now be + updated to do so. diff --git a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md index 2a849a30c7..e400650dd0 100644 --- a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md +++ b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md @@ -4,20 +4,26 @@ Remove the mode parameter from RSA functions This affects all users who use the RSA encryption, decryption, sign and verify APIs. -You must delete the mode parameter from your RSA function calls. -Using the correct mode is now the default behaviour. Encryption -and verification functions are now equivalent to their 2.x -counterparts with mode=MBEDTLS_RSA_PUBLIC. Decryption and signing -functions are now equivalent to their 2.x counterparts with -mode=MBEDTLS_RSA_PRIVATE. Note that the constants -MBEDTLS_RSA_PUBLIC and MBEDTLS_RSA_PRIVATE have been removed in 3.0. +The RSA module no longer supports private-key operations with the public key or +vice versa. As a consequence, RSA operation functions no longer have a mode +parameter. If you were calling RSA operations with the normal mode (public key +for verification or encryption, private key for signature or decryption), remove +the `MBEDTLS_MODE_PUBLIC` or `MBEDTLS_MODE_PRIVATE` argument. If you were calling +RSA operations with the wrong mode, which rarely makes sense from a security +perspective, this is no longer supported. -Remove the RNG parameter from RSA functions --------------------------------------------- +Remove the RNG parameter from RSA verify functions +-------------------------------------------------- -This affects all users who use the RSA verify functions. +RSA verification functions also no longer take random generator arguments (this +was only needed when using a private key). This affects all applications using +the RSA verify functions. -If you were using the RNG parameters then you must remove -them from your function calls. Since using the wrong mode -is no longer supported, the RNG parameters namely f_rng -and p_rng are no longer needed. +RNG is now mandatory in all RSA private key operations +------------------------------------------------------ + +The random generator is now mandatory for blinding in all RSA private-key +operations (`mbedtls_rsa_private`, `mbedtls_rsa_xxx_sign`, +`mbedtls_rsa_xxx_decrypt`) as well as for encryption +(`mbedtls_rsa_xxx_encrypt`). This means that passing a null `f_rng` is no longer +supported. From 731b952b692564c23b69ab9284e4981daf222334 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 25 May 2021 16:26:24 +0100 Subject: [PATCH 239/271] Additional corrections to ChangeLog Commit makes further corrections to the wording in the ChangeLog entry. Signed-off-by: Thomas Daubney --- ChangeLog.d/remove-rsa-mode-parameter.txt | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/ChangeLog.d/remove-rsa-mode-parameter.txt b/ChangeLog.d/remove-rsa-mode-parameter.txt index 6b32f65506..854dda34b2 100644 --- a/ChangeLog.d/remove-rsa-mode-parameter.txt +++ b/ChangeLog.d/remove-rsa-mode-parameter.txt @@ -1,15 +1,9 @@ Removals * The RSA module no longer supports private-key operations with the public - key and vice versa. This change only affects applications which use the - wrong mode. In this case the wrong mode is to use mode=MBEDTLS_RSA_PUBLIC - with decryption and signing functions and mode=MBEDTLS_RSA_PRIVATE with - encryption and verification functions. Addresses issue #4278. + key and vice versa. API changes - * Remove mode parameter from RSA functions. All encryption, - decryption, sign and verify functions are affected. Also - removes the RNG parameters from the RSA verify functions. - Existing user code which utilises these RSA functions must - remove the mode parameter. - * RNG is now mandatory for all private-key RSA operations. Existing user code - which does not use an RNG with private-key RSA functions must now be - updated to do so. + * Remove the mode parameter from RSA operation functions. Signature and + decryption functions now always use the private key and verification and + encryption use the public key. Verification functions also no longer have + RNG parameters. + * The RNG is now mandatory for all private-key RSA operations. From c893a570a8e65fc6ee3aecae00b1e632d872a96a Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 17 Mar 2021 13:45:32 +0100 Subject: [PATCH 240/271] Fix copypasta in documentation Signed-off-by: Gilles Peskine --- tests/scripts/test_psa_constant_names.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index b3fdb8d994..15b83d8e85 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -365,7 +365,7 @@ def main(): help='Program to test') parser.add_argument('--show', action='store_true', - help='Keep the intermediate C file') + help='Show tested values on stdout') parser.add_argument('--no-show', action='store_false', dest='show', help='Don\'t show tested values (default)') From 95649ed779a17ca630fc01d03e5c26006871b12b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 29 Mar 2021 20:37:40 +0200 Subject: [PATCH 241/271] Add type annotations Prepare to move InputsForTest to macro_collector.py. Signed-off-by: Gilles Peskine --- tests/scripts/test_psa_constant_names.py | 80 ++++++++++++++---------- 1 file changed, 46 insertions(+), 34 deletions(-) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 15b83d8e85..237a344eb1 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -28,13 +28,15 @@ import os import re import subprocess import sys +from typing import Dict, Iterable, Iterator, List, Optional, Pattern, Set, Tuple, Union import scripts_path # pylint: disable=unused-import from mbedtls_dev import c_build_helper -from mbedtls_dev import macro_collector +from mbedtls_dev.macro_collector import PSAMacroEnumerator +from mbedtls_dev import typing_util class ReadFileLineException(Exception): - def __init__(self, filename, line_number): + def __init__(self, filename: str, line_number: Union[int, str]) -> None: message = 'in {} at {}'.format(filename, line_number) super(ReadFileLineException, self).__init__(message) self.filename = filename @@ -59,36 +61,37 @@ class read_file_lines: except that if process(line) raises an exception, then the read_file_lines snippet annotates the exception with the file name and line number. """ - def __init__(self, filename, binary=False): + def __init__(self, filename: str, binary: bool = False) -> None: self.filename = filename - self.line_number = 'entry' - self.generator = None + self.line_number = 'entry' #type: Union[int, str] + self.generator = None #type: Optional[Iterable[Tuple[int, str]]] self.binary = binary - def __enter__(self): + def __enter__(self) -> 'read_file_lines': self.generator = enumerate(open(self.filename, 'rb' if self.binary else 'r')) return self - def __iter__(self): + def __iter__(self) -> Iterator[str]: + assert self.generator is not None for line_number, content in self.generator: self.line_number = line_number yield content self.line_number = 'exit' - def __exit__(self, exc_type, exc_value, exc_traceback): + def __exit__(self, exc_type, exc_value, exc_traceback) -> None: if exc_type is not None: raise ReadFileLineException(self.filename, self.line_number) \ from exc_value -class InputsForTest(macro_collector.PSAMacroEnumerator): +class InputsForTest(PSAMacroEnumerator): # pylint: disable=too-many-instance-attributes """Accumulate information about macros to test. - +enumerate This includes macro names as well as information about their arguments when applicable. """ - def __init__(self): + def __init__(self) -> None: super().__init__() - self.all_declared = set() + self.all_declared = set() #type: Set[str] # Sets of names per type self.statuses.add('PSA_SUCCESS') self.algorithms.add('0xffffffff') @@ -118,7 +121,7 @@ class InputsForTest(macro_collector.PSAMacroEnumerator): 'DH_GROUP': self.dh_groups, 'KEY_TYPE': self.key_types, 'KEY_USAGE': self.key_usage_flags, - } + } #type: Dict[str, Set[str]] # Test functions self.table_by_test_function = { # Any function ending in _algorithm also gets added to @@ -141,13 +144,13 @@ class InputsForTest(macro_collector.PSAMacroEnumerator): 'asymmetric_signature_wildcard': [self.algorithms], 'asymmetric_encryption_algorithm': [], 'other_algorithm': [], - } + } #type: Dict[str, List[Set[str]]] self.arguments_for['mac_length'] += ['1', '63'] self.arguments_for['min_mac_length'] += ['1', '63'] self.arguments_for['tag_length'] += ['1', '63'] self.arguments_for['min_tag_length'] += ['1', '63'] - def get_names(self, type_word): + def get_names(self, type_word: str) -> Set[str]: """Return the set of known names of values of the given type.""" return { 'status': self.statuses, @@ -176,7 +179,7 @@ class InputsForTest(macro_collector.PSAMacroEnumerator): # auxiliary macros. 'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE', ]) - def parse_header_line(self, line): + def parse_header_line(self, line: str) -> None: """Parse a C header line, looking for "#define PSA_xxx".""" m = re.match(self._header_line_re, line) if not m: @@ -193,8 +196,8 @@ class InputsForTest(macro_collector.PSAMacroEnumerator): if m.group(3): self.argspecs[name] = self._argument_split(m.group(3)) - _nonascii_re = re.compile(rb'[^\x00-\x7f]+') - def parse_header(self, filename): + _nonascii_re = re.compile(rb'[^\x00-\x7f]+') #type: Pattern + def parse_header(self, filename: str) -> None: """Parse a C header file, looking for "#define PSA_xxx".""" with read_file_lines(filename, binary=True) as lines: for line in lines: @@ -202,19 +205,19 @@ class InputsForTest(macro_collector.PSAMacroEnumerator): self.parse_header_line(line) _macro_identifier_re = re.compile(r'[A-Z]\w+') - def generate_undeclared_names(self, expr): + def generate_undeclared_names(self, expr: str) -> Iterable[str]: for name in re.findall(self._macro_identifier_re, expr): if name not in self.all_declared: yield name - def accept_test_case_line(self, function, argument): + def accept_test_case_line(self, function: str, argument: str) -> bool: #pylint: disable=unused-argument undeclared = list(self.generate_undeclared_names(argument)) if undeclared: raise Exception('Undeclared names in test case', undeclared) return True - def add_test_case_line(self, function, argument): + def add_test_case_line(self, function: str, argument: str) -> None: """Parse a test case data line, looking for algorithm metadata tests.""" sets = [] if function.endswith('_algorithm'): @@ -234,7 +237,7 @@ class InputsForTest(macro_collector.PSAMacroEnumerator): # its arguments. The actual definition is partly positional, but this # regex is good enough in practice. _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)') - def parse_test_cases(self, filename): + def parse_test_cases(self, filename: str) -> None: """Parse a test case file (*.data), looking for algorithm metadata tests.""" with read_file_lines(filename) as lines: for line in lines: @@ -242,7 +245,9 @@ class InputsForTest(macro_collector.PSAMacroEnumerator): if m: self.add_test_case_line(m.group(1), m.group(2)) -def gather_inputs(headers, test_suites, inputs_class=InputsForTest): +def gather_inputs(headers: Iterable[str], + test_suites: Iterable[str], + inputs_class=InputsForTest) -> PSAMacroEnumerator: """Read the list of inputs to test psa_constant_names with.""" inputs = inputs_class() for header in headers: @@ -252,7 +257,10 @@ def gather_inputs(headers, test_suites, inputs_class=InputsForTest): inputs.gather_arguments() return inputs -def run_c(type_word, expressions, include_path=None, keep_c=False): +def run_c(type_word: str, + expressions: Iterable[str], + include_path: Optional[str] = None, + keep_c: bool = False) -> List[str]: """Generate and run a program to print out numerical values of C expressions.""" if type_word == 'status': cast_to = 'long' @@ -271,14 +279,17 @@ def run_c(type_word, expressions, include_path=None, keep_c=False): ) NORMALIZE_STRIP_RE = re.compile(r'\s+') -def normalize(expr): +def normalize(expr: str) -> str: """Normalize the C expression so as not to care about trivial differences. Currently "trivial differences" means whitespace. """ return re.sub(NORMALIZE_STRIP_RE, '', expr) -def collect_values(inputs, type_word, include_path=None, keep_c=False): +def collect_values(inputs: InputsForTest, + type_word: str, + include_path: Optional[str] = None, + keep_c: bool = False) -> Tuple[List[str], List[str]]: """Generate expressions using known macro names and calculate their values. Return a list of pairs of (expr, value) where expr is an expression and @@ -296,12 +307,12 @@ class Tests: Error = namedtuple('Error', ['type', 'expression', 'value', 'output']) - def __init__(self, options): + def __init__(self, options) -> None: self.options = options self.count = 0 - self.errors = [] + self.errors = [] #type: List[Tests.Error] - def run_one(self, inputs, type_word): + def run_one(self, inputs: InputsForTest, type_word: str) -> None: """Test psa_constant_names for the specified type. Run the program on the names for this type. @@ -311,9 +322,10 @@ class Tests: expressions, values = collect_values(inputs, type_word, include_path=self.options.include, keep_c=self.options.keep_c) - output = subprocess.check_output([self.options.program, type_word] + - values) - outputs = output.decode('ascii').strip().split('\n') + output_bytes = subprocess.check_output([self.options.program, + type_word] + values) + output = output_bytes.decode('ascii') + outputs = output.strip().split('\n') self.count += len(expressions) for expr, value, output in zip(expressions, values, outputs): if self.options.show: @@ -324,13 +336,13 @@ class Tests: value=value, output=output)) - def run_all(self, inputs): + def run_all(self, inputs: InputsForTest) -> None: """Run psa_constant_names on all the gathered inputs.""" for type_word in ['status', 'algorithm', 'ecc_curve', 'dh_group', 'key_type', 'key_usage']: self.run_one(inputs, type_word) - def report(self, out): + def report(self, out: typing_util.Writable) -> None: """Describe each case where the output is not as expected. Write the errors to ``out``. From b4edff9cd8b8ed5ab524bbdd737d53d5d522ceef Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Mar 2021 19:09:05 +0200 Subject: [PATCH 242/271] Move InputsForTest to macro_collector.py This is useful to generate PSA tests for more than constant names. Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/macro_collector.py | 215 ++++++++++++++++++++++- tests/scripts/test_psa_constant_names.py | 214 +--------------------- 2 files changed, 216 insertions(+), 213 deletions(-) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index a2192baf48..0c9a9a5b2e 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -18,7 +18,55 @@ import itertools import re -from typing import Dict, Iterable, Iterator, List, Set +from typing import Dict, Iterable, Iterator, List, Optional, Pattern, Set, Tuple, Union + + +class ReadFileLineException(Exception): + def __init__(self, filename: str, line_number: Union[int, str]) -> None: + message = 'in {} at {}'.format(filename, line_number) + super(ReadFileLineException, self).__init__(message) + self.filename = filename + self.line_number = line_number + + +class read_file_lines: + # Dear Pylint, conventionally, a context manager class name is lowercase. + # pylint: disable=invalid-name,too-few-public-methods + """Context manager to read a text file line by line. + + ``` + with read_file_lines(filename) as lines: + for line in lines: + process(line) + ``` + is equivalent to + ``` + with open(filename, 'r') as input_file: + for line in input_file: + process(line) + ``` + except that if process(line) raises an exception, then the read_file_lines + snippet annotates the exception with the file name and line number. + """ + def __init__(self, filename: str, binary: bool = False) -> None: + self.filename = filename + self.line_number = 'entry' #type: Union[int, str] + self.generator = None #type: Optional[Iterable[Tuple[int, str]]] + self.binary = binary + def __enter__(self) -> 'read_file_lines': + self.generator = enumerate(open(self.filename, + 'rb' if self.binary else 'r')) + return self + def __iter__(self) -> Iterator[str]: + assert self.generator is not None + for line_number, content in self.generator: + self.line_number = line_number + yield content + self.line_number = 'exit' + def __exit__(self, exc_type, exc_value, exc_traceback) -> None: + if exc_type is not None: + raise ReadFileLineException(self.filename, self.line_number) \ + from exc_value class PSAMacroEnumerator: @@ -251,3 +299,168 @@ class PSAMacroCollector(PSAMacroEnumerator): m = re.search(self._continued_line_re, line) line = re.sub(self._nonascii_re, rb'', line).decode('ascii') self.read_line(line) + + +class InputsForTest(PSAMacroEnumerator): + # pylint: disable=too-many-instance-attributes + """Accumulate information about macros to test. +enumerate + This includes macro names as well as information about their arguments + when applicable. + """ + + def __init__(self) -> None: + super().__init__() + self.all_declared = set() #type: Set[str] + # Sets of names per type + self.statuses.add('PSA_SUCCESS') + self.algorithms.add('0xffffffff') + self.ecc_curves.add('0xff') + self.dh_groups.add('0xff') + self.key_types.add('0xffff') + self.key_usage_flags.add('0x80000000') + + # Hard-coded values for unknown algorithms + # + # These have to have values that are correct for their respective + # PSA_ALG_IS_xxx macros, but are also not currently assigned and are + # not likely to be assigned in the near future. + self.hash_algorithms.add('0x020000fe') # 0x020000ff is PSA_ALG_ANY_HASH + self.mac_algorithms.add('0x03007fff') + self.ka_algorithms.add('0x09fc0000') + self.kdf_algorithms.add('0x080000ff') + # For AEAD algorithms, the only variability is over the tag length, + # and this only applies to known algorithms, so don't test an + # unknown algorithm. + + # Identifier prefixes + self.table_by_prefix = { + 'ERROR': self.statuses, + 'ALG': self.algorithms, + 'ECC_CURVE': self.ecc_curves, + 'DH_GROUP': self.dh_groups, + 'KEY_TYPE': self.key_types, + 'KEY_USAGE': self.key_usage_flags, + } #type: Dict[str, Set[str]] + # Test functions + self.table_by_test_function = { + # Any function ending in _algorithm also gets added to + # self.algorithms. + 'key_type': [self.key_types], + 'block_cipher_key_type': [self.key_types], + 'stream_cipher_key_type': [self.key_types], + 'ecc_key_family': [self.ecc_curves], + 'ecc_key_types': [self.ecc_curves], + 'dh_key_family': [self.dh_groups], + 'dh_key_types': [self.dh_groups], + 'hash_algorithm': [self.hash_algorithms], + 'mac_algorithm': [self.mac_algorithms], + 'cipher_algorithm': [], + 'hmac_algorithm': [self.mac_algorithms], + 'aead_algorithm': [self.aead_algorithms], + 'key_derivation_algorithm': [self.kdf_algorithms], + 'key_agreement_algorithm': [self.ka_algorithms], + 'asymmetric_signature_algorithm': [], + 'asymmetric_signature_wildcard': [self.algorithms], + 'asymmetric_encryption_algorithm': [], + 'other_algorithm': [], + } #type: Dict[str, List[Set[str]]] + self.arguments_for['mac_length'] += ['1', '63'] + self.arguments_for['min_mac_length'] += ['1', '63'] + self.arguments_for['tag_length'] += ['1', '63'] + self.arguments_for['min_tag_length'] += ['1', '63'] + + def get_names(self, type_word: str) -> Set[str]: + """Return the set of known names of values of the given type.""" + return { + 'status': self.statuses, + 'algorithm': self.algorithms, + 'ecc_curve': self.ecc_curves, + 'dh_group': self.dh_groups, + 'key_type': self.key_types, + 'key_usage': self.key_usage_flags, + }[type_word] + + # Regex for interesting header lines. + # Groups: 1=macro name, 2=type, 3=argument list (optional). + _header_line_re = \ + re.compile(r'#define +' + + r'(PSA_((?:(?:DH|ECC|KEY)_)?[A-Z]+)_\w+)' + + r'(?:\(([^\n()]*)\))?') + # Regex of macro names to exclude. + _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') + # Additional excluded macros. + _excluded_names = set([ + # Macros that provide an alternative way to build the same + # algorithm as another macro. + 'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG', + 'PSA_ALG_FULL_LENGTH_MAC', + # Auxiliary macro whose name doesn't fit the usual patterns for + # auxiliary macros. + 'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE', + ]) + def parse_header_line(self, line: str) -> None: + """Parse a C header line, looking for "#define PSA_xxx".""" + m = re.match(self._header_line_re, line) + if not m: + return + name = m.group(1) + self.all_declared.add(name) + if re.search(self._excluded_name_re, name) or \ + name in self._excluded_names: + return + dest = self.table_by_prefix.get(m.group(2)) + if dest is None: + return + dest.add(name) + if m.group(3): + self.argspecs[name] = self._argument_split(m.group(3)) + + _nonascii_re = re.compile(rb'[^\x00-\x7f]+') #type: Pattern + def parse_header(self, filename: str) -> None: + """Parse a C header file, looking for "#define PSA_xxx".""" + with read_file_lines(filename, binary=True) as lines: + for line in lines: + line = re.sub(self._nonascii_re, rb'', line).decode('ascii') + self.parse_header_line(line) + + _macro_identifier_re = re.compile(r'[A-Z]\w+') + def generate_undeclared_names(self, expr: str) -> Iterable[str]: + for name in re.findall(self._macro_identifier_re, expr): + if name not in self.all_declared: + yield name + + def accept_test_case_line(self, function: str, argument: str) -> bool: + #pylint: disable=unused-argument + undeclared = list(self.generate_undeclared_names(argument)) + if undeclared: + raise Exception('Undeclared names in test case', undeclared) + return True + + def add_test_case_line(self, function: str, argument: str) -> None: + """Parse a test case data line, looking for algorithm metadata tests.""" + sets = [] + if function.endswith('_algorithm'): + sets.append(self.algorithms) + if function == 'key_agreement_algorithm' and \ + argument.startswith('PSA_ALG_KEY_AGREEMENT('): + # We only want *raw* key agreement algorithms as such, so + # exclude ones that are already chained with a KDF. + # Keep the expression as one to test as an algorithm. + function = 'other_algorithm' + sets += self.table_by_test_function[function] + if self.accept_test_case_line(function, argument): + for s in sets: + s.add(argument) + + # Regex matching a *.data line containing a test function call and + # its arguments. The actual definition is partly positional, but this + # regex is good enough in practice. + _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)') + def parse_test_cases(self, filename: str) -> None: + """Parse a test case file (*.data), looking for algorithm metadata tests.""" + with read_file_lines(filename) as lines: + for line in lines: + m = re.match(self._test_case_line_re, line) + if m: + self.add_test_case_line(m.group(1), m.group(2)) diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 237a344eb1..c6f23054cf 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -28,223 +28,13 @@ import os import re import subprocess import sys -from typing import Dict, Iterable, Iterator, List, Optional, Pattern, Set, Tuple, Union +from typing import Iterable, List, Optional, Tuple import scripts_path # pylint: disable=unused-import from mbedtls_dev import c_build_helper -from mbedtls_dev.macro_collector import PSAMacroEnumerator +from mbedtls_dev.macro_collector import InputsForTest, PSAMacroEnumerator from mbedtls_dev import typing_util -class ReadFileLineException(Exception): - def __init__(self, filename: str, line_number: Union[int, str]) -> None: - message = 'in {} at {}'.format(filename, line_number) - super(ReadFileLineException, self).__init__(message) - self.filename = filename - self.line_number = line_number - -class read_file_lines: - # Dear Pylint, conventionally, a context manager class name is lowercase. - # pylint: disable=invalid-name,too-few-public-methods - """Context manager to read a text file line by line. - - ``` - with read_file_lines(filename) as lines: - for line in lines: - process(line) - ``` - is equivalent to - ``` - with open(filename, 'r') as input_file: - for line in input_file: - process(line) - ``` - except that if process(line) raises an exception, then the read_file_lines - snippet annotates the exception with the file name and line number. - """ - def __init__(self, filename: str, binary: bool = False) -> None: - self.filename = filename - self.line_number = 'entry' #type: Union[int, str] - self.generator = None #type: Optional[Iterable[Tuple[int, str]]] - self.binary = binary - def __enter__(self) -> 'read_file_lines': - self.generator = enumerate(open(self.filename, - 'rb' if self.binary else 'r')) - return self - def __iter__(self) -> Iterator[str]: - assert self.generator is not None - for line_number, content in self.generator: - self.line_number = line_number - yield content - self.line_number = 'exit' - def __exit__(self, exc_type, exc_value, exc_traceback) -> None: - if exc_type is not None: - raise ReadFileLineException(self.filename, self.line_number) \ - from exc_value - -class InputsForTest(PSAMacroEnumerator): - # pylint: disable=too-many-instance-attributes - """Accumulate information about macros to test. -enumerate - This includes macro names as well as information about their arguments - when applicable. - """ - - def __init__(self) -> None: - super().__init__() - self.all_declared = set() #type: Set[str] - # Sets of names per type - self.statuses.add('PSA_SUCCESS') - self.algorithms.add('0xffffffff') - self.ecc_curves.add('0xff') - self.dh_groups.add('0xff') - self.key_types.add('0xffff') - self.key_usage_flags.add('0x80000000') - - # Hard-coded values for unknown algorithms - # - # These have to have values that are correct for their respective - # PSA_ALG_IS_xxx macros, but are also not currently assigned and are - # not likely to be assigned in the near future. - self.hash_algorithms.add('0x020000fe') # 0x020000ff is PSA_ALG_ANY_HASH - self.mac_algorithms.add('0x03007fff') - self.ka_algorithms.add('0x09fc0000') - self.kdf_algorithms.add('0x080000ff') - # For AEAD algorithms, the only variability is over the tag length, - # and this only applies to known algorithms, so don't test an - # unknown algorithm. - - # Identifier prefixes - self.table_by_prefix = { - 'ERROR': self.statuses, - 'ALG': self.algorithms, - 'ECC_CURVE': self.ecc_curves, - 'DH_GROUP': self.dh_groups, - 'KEY_TYPE': self.key_types, - 'KEY_USAGE': self.key_usage_flags, - } #type: Dict[str, Set[str]] - # Test functions - self.table_by_test_function = { - # Any function ending in _algorithm also gets added to - # self.algorithms. - 'key_type': [self.key_types], - 'block_cipher_key_type': [self.key_types], - 'stream_cipher_key_type': [self.key_types], - 'ecc_key_family': [self.ecc_curves], - 'ecc_key_types': [self.ecc_curves], - 'dh_key_family': [self.dh_groups], - 'dh_key_types': [self.dh_groups], - 'hash_algorithm': [self.hash_algorithms], - 'mac_algorithm': [self.mac_algorithms], - 'cipher_algorithm': [], - 'hmac_algorithm': [self.mac_algorithms], - 'aead_algorithm': [self.aead_algorithms], - 'key_derivation_algorithm': [self.kdf_algorithms], - 'key_agreement_algorithm': [self.ka_algorithms], - 'asymmetric_signature_algorithm': [], - 'asymmetric_signature_wildcard': [self.algorithms], - 'asymmetric_encryption_algorithm': [], - 'other_algorithm': [], - } #type: Dict[str, List[Set[str]]] - self.arguments_for['mac_length'] += ['1', '63'] - self.arguments_for['min_mac_length'] += ['1', '63'] - self.arguments_for['tag_length'] += ['1', '63'] - self.arguments_for['min_tag_length'] += ['1', '63'] - - def get_names(self, type_word: str) -> Set[str]: - """Return the set of known names of values of the given type.""" - return { - 'status': self.statuses, - 'algorithm': self.algorithms, - 'ecc_curve': self.ecc_curves, - 'dh_group': self.dh_groups, - 'key_type': self.key_types, - 'key_usage': self.key_usage_flags, - }[type_word] - - # Regex for interesting header lines. - # Groups: 1=macro name, 2=type, 3=argument list (optional). - _header_line_re = \ - re.compile(r'#define +' + - r'(PSA_((?:(?:DH|ECC|KEY)_)?[A-Z]+)_\w+)' + - r'(?:\(([^\n()]*)\))?') - # Regex of macro names to exclude. - _excluded_name_re = re.compile(r'_(?:GET|IS|OF)_|_(?:BASE|FLAG|MASK)\Z') - # Additional excluded macros. - _excluded_names = set([ - # Macros that provide an alternative way to build the same - # algorithm as another macro. - 'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG', - 'PSA_ALG_FULL_LENGTH_MAC', - # Auxiliary macro whose name doesn't fit the usual patterns for - # auxiliary macros. - 'PSA_ALG_AEAD_WITH_DEFAULT_LENGTH_TAG_CASE', - ]) - def parse_header_line(self, line: str) -> None: - """Parse a C header line, looking for "#define PSA_xxx".""" - m = re.match(self._header_line_re, line) - if not m: - return - name = m.group(1) - self.all_declared.add(name) - if re.search(self._excluded_name_re, name) or \ - name in self._excluded_names: - return - dest = self.table_by_prefix.get(m.group(2)) - if dest is None: - return - dest.add(name) - if m.group(3): - self.argspecs[name] = self._argument_split(m.group(3)) - - _nonascii_re = re.compile(rb'[^\x00-\x7f]+') #type: Pattern - def parse_header(self, filename: str) -> None: - """Parse a C header file, looking for "#define PSA_xxx".""" - with read_file_lines(filename, binary=True) as lines: - for line in lines: - line = re.sub(self._nonascii_re, rb'', line).decode('ascii') - self.parse_header_line(line) - - _macro_identifier_re = re.compile(r'[A-Z]\w+') - def generate_undeclared_names(self, expr: str) -> Iterable[str]: - for name in re.findall(self._macro_identifier_re, expr): - if name not in self.all_declared: - yield name - - def accept_test_case_line(self, function: str, argument: str) -> bool: - #pylint: disable=unused-argument - undeclared = list(self.generate_undeclared_names(argument)) - if undeclared: - raise Exception('Undeclared names in test case', undeclared) - return True - - def add_test_case_line(self, function: str, argument: str) -> None: - """Parse a test case data line, looking for algorithm metadata tests.""" - sets = [] - if function.endswith('_algorithm'): - sets.append(self.algorithms) - if function == 'key_agreement_algorithm' and \ - argument.startswith('PSA_ALG_KEY_AGREEMENT('): - # We only want *raw* key agreement algorithms as such, so - # exclude ones that are already chained with a KDF. - # Keep the expression as one to test as an algorithm. - function = 'other_algorithm' - sets += self.table_by_test_function[function] - if self.accept_test_case_line(function, argument): - for s in sets: - s.add(argument) - - # Regex matching a *.data line containing a test function call and - # its arguments. The actual definition is partly positional, but this - # regex is good enough in practice. - _test_case_line_re = re.compile(r'(?!depends_on:)(\w+):([^\n :][^:\n]*)') - def parse_test_cases(self, filename: str) -> None: - """Parse a test case file (*.data), looking for algorithm metadata tests.""" - with read_file_lines(filename) as lines: - for line in lines: - m = re.match(self._test_case_line_re, line) - if m: - self.add_test_case_line(m.group(1), m.group(2)) - def gather_inputs(headers: Iterable[str], test_suites: Iterable[str], inputs_class=InputsForTest) -> PSAMacroEnumerator: From 3d404b8a1026b6a152b1e18b9f512fc180a2ecb5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 30 Mar 2021 21:46:35 +0200 Subject: [PATCH 243/271] Use InputsForTest in generate_psa_tests In generate_psa_tests, use InputsForTest rather than PSAMacroCollector to gather values. This way, the enumeration of values to test includes values used in metadata tests in addition to constructors parsed from header files. This allows greater coverage of values built from constructors with arguments. This doesn't make a difference yet, but it will once algorithm constructors with arguments are supported in generate_psa_tests. Make the injection of numerical values optional. They are useful for test_psa_constant_names, so keep them there. Don't use them for not-supported tests: they might make sense, but the current code wouldn't work since it doesn't know how to make up fake key material or what dependencies to generate. Don't use them for storage tests: they only make sense for supported values. Don't inject 'PSA_SUCCESS': that's superfluous. Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/macro_collector.py | 45 ++++++++++++------------ tests/scripts/generate_psa_tests.py | 3 +- tests/scripts/test_psa_constant_names.py | 1 + 3 files changed, 26 insertions(+), 23 deletions(-) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index 0c9a9a5b2e..f5f81c8a45 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -301,7 +301,7 @@ class PSAMacroCollector(PSAMacroEnumerator): self.read_line(line) -class InputsForTest(PSAMacroEnumerator): +class InputsForTest(PSAMacroCollector): # pylint: disable=too-many-instance-attributes """Accumulate information about macros to test. enumerate @@ -312,27 +312,6 @@ enumerate def __init__(self) -> None: super().__init__() self.all_declared = set() #type: Set[str] - # Sets of names per type - self.statuses.add('PSA_SUCCESS') - self.algorithms.add('0xffffffff') - self.ecc_curves.add('0xff') - self.dh_groups.add('0xff') - self.key_types.add('0xffff') - self.key_usage_flags.add('0x80000000') - - # Hard-coded values for unknown algorithms - # - # These have to have values that are correct for their respective - # PSA_ALG_IS_xxx macros, but are also not currently assigned and are - # not likely to be assigned in the near future. - self.hash_algorithms.add('0x020000fe') # 0x020000ff is PSA_ALG_ANY_HASH - self.mac_algorithms.add('0x03007fff') - self.ka_algorithms.add('0x09fc0000') - self.kdf_algorithms.add('0x080000ff') - # For AEAD algorithms, the only variability is over the tag length, - # and this only applies to known algorithms, so don't test an - # unknown algorithm. - # Identifier prefixes self.table_by_prefix = { 'ERROR': self.statuses, @@ -370,6 +349,28 @@ enumerate self.arguments_for['tag_length'] += ['1', '63'] self.arguments_for['min_tag_length'] += ['1', '63'] + def add_numerical_values(self) -> None: + """Add numerical values that are not supported to the known identifiers.""" + # Sets of names per type + self.algorithms.add('0xffffffff') + self.ecc_curves.add('0xff') + self.dh_groups.add('0xff') + self.key_types.add('0xffff') + self.key_usage_flags.add('0x80000000') + + # Hard-coded values for unknown algorithms + # + # These have to have values that are correct for their respective + # PSA_ALG_IS_xxx macros, but are also not currently assigned and are + # not likely to be assigned in the near future. + self.hash_algorithms.add('0x020000fe') # 0x020000ff is PSA_ALG_ANY_HASH + self.mac_algorithms.add('0x03007fff') + self.ka_algorithms.add('0x09fc0000') + self.kdf_algorithms.add('0x080000ff') + # For AEAD algorithms, the only variability is over the tag length, + # and this only applies to known algorithms, so don't test an + # unknown algorithm. + def get_names(self, type_word: str) -> Set[str]: """Return the set of known names of values of the given type.""" return { diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 30f82db257..8de819b8d4 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -111,13 +111,14 @@ class Information: def read_psa_interface(self) -> macro_collector.PSAMacroCollector: """Return the list of known key types, algorithms, etc.""" - constructors = macro_collector.PSAMacroCollector() + constructors = macro_collector.InputsForTest() header_file_names = ['include/psa/crypto_values.h', 'include/psa/crypto_extra.h'] for header_file_name in header_file_names: with open(header_file_name, 'rb') as header_file: constructors.read_file(header_file) self.remove_unwanted_macros(constructors) + constructors.gather_arguments() return constructors diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index c6f23054cf..07c8ab2e97 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py @@ -44,6 +44,7 @@ def gather_inputs(headers: Iterable[str], inputs.parse_header(header) for test_cases in test_suites: inputs.parse_test_cases(test_cases) + inputs.add_numerical_values() inputs.gather_arguments() return inputs From 4d0b089d2aa69d54b2e0e80e89e6539cf605eadf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Apr 2021 13:41:52 +0200 Subject: [PATCH 244/271] Fix KeyType with parameters passed in the name argument Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/crypto_knowledge.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py index aa5279027c..94a97e7e96 100644 --- a/scripts/mbedtls_dev/crypto_knowledge.py +++ b/scripts/mbedtls_dev/crypto_knowledge.py @@ -33,7 +33,7 @@ class KeyType: `name` is a string 'PSA_KEY_TYPE_xxx' which is the name of a PSA key type macro. For key types that take arguments, the arguments can be passed either through the optional argument `params` or by - passing an expression of the form 'PSA_KEY_TYPE_xxx(param1, param2)' + passing an expression of the form 'PSA_KEY_TYPE_xxx(param1, ...)' in `name` as a string. """ @@ -48,7 +48,7 @@ class KeyType: m = re.match(r'(\w+)\s*\((.*)\)\Z', self.name) assert m is not None self.name = m.group(1) - params = ','.split(m.group(2)) + params = m.group(2).split(',') self.params = (None if params is None else [param.strip() for param in params]) """The parameters of the key type, if there are any. From 3c9d423fe7c0bc103e864edb002f26939b10ded2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 12 Apr 2021 14:43:05 +0200 Subject: [PATCH 245/271] Speed up the generation of storage format test cases First build a list of all keys, then construct all the corresponding test cases. This allows all required information to be obtained in one go, which is a significant performance gain as the information includes numerical values obtained by compiling a C program. Signed-off-by: Gilles Peskine --- tests/scripts/generate_psa_tests.py | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 8de819b8d4..c60b922b04 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -377,11 +377,15 @@ class StorageFormat: def all_test_cases(self) -> Iterator[test_case.TestCase]: """Generate all storage format test cases.""" - for key in self.all_keys_for_usage_flags(): - yield self.make_test_case(key) - for key in self.all_keys_for_types(): - yield self.make_test_case(key) - for key in self.all_keys_for_algorithms(): + # First build a list of all keys, then construct all the corresponding + # test cases. This allows all required information to be obtained in + # one go, which is a significant performance gain as the information + # includes numerical values obtained by compiling a C program. + keys = [] #type: List[StorageKey] + keys += self.all_keys_for_usage_flags() + keys += self.all_keys_for_types() + keys += self.all_keys_for_algorithms() + for key in keys: yield self.make_test_case(key) # To do: vary id, lifetime From 537d5fa48ae3d1f422b90bf247bc4febd24bc4bc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 19 Apr 2021 13:50:25 +0200 Subject: [PATCH 246/271] Expand psa_generate_tests to support constructor arguments In macro_collector.py, base InputsForTest on PSAMacroEnumerator rather than PSAMacroCollector. It didn't make much sense to use PSAMacroCollector anymore since InputsForTest didn't use anything other than the constructor. psa_generate_tests now generates arguments for more macros. In particular, it now collects macro arguments from test_suite_psa_crypto_metadata. Algorithms with parameters are now supported. Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/macro_collector.py | 24 ++++++++------- tests/scripts/generate_psa_tests.py | 41 +++++++++++++------------- 2 files changed, 33 insertions(+), 32 deletions(-) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index f5f81c8a45..3e28f62485 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -105,6 +105,16 @@ class PSAMacroEnumerator: 'tag_length': [], 'min_tag_length': [], } #type: Dict[str, List[str]] + self.include_intermediate = False + + def is_internal_name(self, name: str) -> bool: + """Whether this is an internal macro. Internal macros will be skipped.""" + if not self.include_intermediate: + if name.endswith('_BASE') or name.endswith('_NONE'): + return True + if '_CATEGORY_' in name: + return True + return name.endswith('_FLAG') or name.endswith('_MASK') def gather_arguments(self) -> None: """Populate the list of values for macro arguments. @@ -192,15 +202,6 @@ class PSAMacroCollector(PSAMacroEnumerator): self.key_types_from_group = {} #type: Dict[str, str] self.algorithms_from_hash = {} #type: Dict[str, str] - def is_internal_name(self, name: str) -> bool: - """Whether this is an internal macro. Internal macros will be skipped.""" - if not self.include_intermediate: - if name.endswith('_BASE') or name.endswith('_NONE'): - return True - if '_CATEGORY_' in name: - return True - return name.endswith('_FLAG') or name.endswith('_MASK') - def record_algorithm_subtype(self, name: str, expansion: str) -> None: """Record the subtype of an algorithm constructor. @@ -301,7 +302,7 @@ class PSAMacroCollector(PSAMacroEnumerator): self.read_line(line) -class InputsForTest(PSAMacroCollector): +class InputsForTest(PSAMacroEnumerator): # pylint: disable=too-many-instance-attributes """Accumulate information about macros to test. enumerate @@ -408,7 +409,8 @@ enumerate name = m.group(1) self.all_declared.add(name) if re.search(self._excluded_name_re, name) or \ - name in self._excluded_names: + name in self._excluded_names or \ + self.is_internal_name(name): return dest = self.table_by_prefix.get(m.group(2)) if dest is None: diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index c60b922b04..78840c7e99 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -100,23 +100,25 @@ class Information: @staticmethod def remove_unwanted_macros( - constructors: macro_collector.PSAMacroCollector + constructors: macro_collector.PSAMacroEnumerator ) -> None: - # Mbed TLS doesn't support DSA. Don't attempt to generate any related - # test case. + # Mbed TLS doesn't support finite-field DH yet and will not support + # finite-field DSA. Don't attempt to generate any related test case. + constructors.key_types.discard('PSA_KEY_TYPE_DH_KEY_PAIR') + constructors.key_types.discard('PSA_KEY_TYPE_DH_PUBLIC_KEY') constructors.key_types.discard('PSA_KEY_TYPE_DSA_KEY_PAIR') constructors.key_types.discard('PSA_KEY_TYPE_DSA_PUBLIC_KEY') - constructors.algorithms_from_hash.pop('PSA_ALG_DSA', None) - constructors.algorithms_from_hash.pop('PSA_ALG_DETERMINISTIC_DSA', None) - def read_psa_interface(self) -> macro_collector.PSAMacroCollector: + def read_psa_interface(self) -> macro_collector.PSAMacroEnumerator: """Return the list of known key types, algorithms, etc.""" constructors = macro_collector.InputsForTest() header_file_names = ['include/psa/crypto_values.h', 'include/psa/crypto_extra.h'] + test_suites = ['tests/suites/test_suite_psa_crypto_metadata.data'] for header_file_name in header_file_names: - with open(header_file_name, 'rb') as header_file: - constructors.read_file(header_file) + constructors.parse_header(header_file_name) + for test_cases in test_suites: + constructors.parse_test_cases(test_cases) self.remove_unwanted_macros(constructors) constructors.gather_arguments() return constructors @@ -200,14 +202,18 @@ class NotSupported: ) # To be added: derive + ECC_KEY_TYPES = ('PSA_KEY_TYPE_ECC_KEY_PAIR', + 'PSA_KEY_TYPE_ECC_PUBLIC_KEY') + def test_cases_for_not_supported(self) -> Iterator[test_case.TestCase]: """Generate test cases that exercise the creation of keys of unsupported types.""" for key_type in sorted(self.constructors.key_types): + if key_type in self.ECC_KEY_TYPES: + continue kt = crypto_knowledge.KeyType(key_type) yield from self.test_cases_for_key_type_not_supported(kt) for curve_family in sorted(self.constructors.ecc_curves): - for constr in ('PSA_KEY_TYPE_ECC_KEY_PAIR', - 'PSA_KEY_TYPE_ECC_PUBLIC_KEY'): + for constr in self.ECC_KEY_TYPES: kt = crypto_knowledge.KeyType(constr, [curve_family]) yield from self.test_cases_for_key_type_not_supported( kt, param_descr='type') @@ -336,16 +342,9 @@ class StorageFormat: def all_keys_for_types(self) -> Iterator[StorageKey]: """Generate test keys covering key types and their representations.""" - for key_type in sorted(self.constructors.key_types): + key_types = sorted(self.constructors.key_types) + for key_type in self.constructors.generate_expressions(key_types): yield from self.keys_for_type(key_type) - for key_type in sorted(self.constructors.key_types_from_curve): - for curve in sorted(self.constructors.ecc_curves): - yield from self.keys_for_type(key_type, [curve]) - ## Diffie-Hellman (FFDH) is not supported yet, either in - ## crypto_knowledge.py or in Mbed TLS. - # for key_type in sorted(self.constructors.key_types_from_group): - # for group in sorted(self.constructors.dh_groups): - # yield from self.keys_for_type(key_type, [group]) def keys_for_algorithm(self, alg: str) -> Iterator[StorageKey]: """Generate test keys for the specified algorithm.""" @@ -371,9 +370,9 @@ class StorageFormat: def all_keys_for_algorithms(self) -> Iterator[StorageKey]: """Generate test keys covering algorithm encodings.""" - for alg in sorted(self.constructors.algorithms): + algorithms = sorted(self.constructors.algorithms) + for alg in self.constructors.generate_expressions(algorithms): yield from self.keys_for_algorithm(alg) - # To do: algorithm constructors with parameters def all_test_cases(self) -> Iterator[test_case.TestCase]: """Generate all storage format test cases.""" From 1231eb58919693af34f60351f95b6100534ced9f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 19 Apr 2021 22:24:23 +0200 Subject: [PATCH 247/271] Define dependency symbols for hashless signature algorithms Define the dependency symbols PSA_WANT_ALG_ECDSA_ANY and PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW as de facto synonyms of PSA_WANT_ALG_ECDSA and PSA_WANT_ALG_RSA_PKCS1V15_SIGN respectively: if either one is requested, the other is set. This makes it easier to systematically determine the dependencies of an algorithm. Signed-off-by: Gilles Peskine --- include/mbedtls/config_psa.h | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 2032a365dc..f5db94ea0a 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -38,6 +38,30 @@ extern "C" { #endif + + +/****************************************************************/ +/* De facto synonyms */ +/****************************************************************/ + +#if defined(PSA_WANT_ALG_ECDSA_ANY) && !defined(PSA_WANT_ALG_ECDSA) +#define PSA_WANT_ALG_ECDSA PSA_WANT_ALG_ECDSA_ANY +#elif !defined(PSA_WANT_ALG_ECDSA_ANY) && defined(PSA_WANT_ALG_ECDSA) +#define PSA_WANT_ALG_ECDSA_ANY PSA_WANT_ALG_ECDSA +#endif + +#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW +#elif !defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW) && defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN) +#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW PSA_WANT_ALG_RSA_PKCS1V15_SIGN +#endif + + + +/****************************************************************/ +/* Require built-in implementations based on PSA requirements */ +/****************************************************************/ + #if defined(MBEDTLS_PSA_CRYPTO_CONFIG) #if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) @@ -497,6 +521,12 @@ extern "C" { #endif /* !MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 */ #endif /* PSA_WANT_ECC_SECP_K1_256 */ + + +/****************************************************************/ +/* Infer PSA requirements from Mbed TLS capabilities */ +/****************************************************************/ + #else /* MBEDTLS_PSA_CRYPTO_CONFIG */ /* @@ -522,6 +552,7 @@ extern "C" { #if defined(MBEDTLS_ECDSA_C) #define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 #define PSA_WANT_ALG_ECDSA 1 +#define PSA_WANT_ALG_ECDSA_ANY 1 // Only add in DETERMINISTIC support if ECDSA is also enabled #if defined(MBEDTLS_ECDSA_DETERMINISTIC) @@ -586,6 +617,7 @@ extern "C" { #define PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1 #define MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN 1 #define PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1 +#define PSA_WANT_ALG_RSA_PKCS1V15_SIGN_RAW 1 #endif /* MBEDTLSS_PKCS1_V15 */ #if defined(MBEDTLS_PKCS1_V21) #define MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP 1 From c5d086f6ae2bf8df16540d54caa040982ecdfa96 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 20 Apr 2021 23:23:45 +0200 Subject: [PATCH 248/271] Don't generate non-existent dependency symbols Filter our algorithm constructors that don't have a dependency symbol of their own. Signed-off-by: Gilles Peskine --- tests/scripts/generate_psa_tests.py | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 78840c7e99..527ca069f9 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -60,6 +60,14 @@ def finish_family_dependencies(dependencies: List[str], bits: int) -> List[str]: """ return [finish_family_dependency(dep, bits) for dep in dependencies] +SYMBOLS_WITHOUT_DEPENDENCY = frozenset([ + 'PSA_ALG_AEAD_WITH_AT_LEAST_THIS_LENGTH_TAG', # modifier, only in policies + 'PSA_ALG_AEAD_WITH_SHORTENED_TAG', # modifier + 'PSA_ALG_ANY_HASH', # only in policies + 'PSA_ALG_AT_LEAST_THIS_LENGTH_MAC', # modifier, only in policies + 'PSA_ALG_KEY_AGREEMENT', # chaining + 'PSA_ALG_TRUNCATED_MAC', # modifier +]) def automatic_dependencies(*expressions: str) -> List[str]: """Infer dependencies of a test case by looking for PSA_xxx symbols. @@ -70,6 +78,7 @@ def automatic_dependencies(*expressions: str) -> List[str]: used = set() for expr in expressions: used.update(re.findall(r'PSA_(?:ALG|ECC_FAMILY|KEY_TYPE)_\w+', expr)) + used.difference_update(SYMBOLS_WITHOUT_DEPENDENCY) return sorted(psa_want_symbol(name) for name in used) # A temporary hack: at the time of writing, not all dependency symbols From cccd1ac373ebff1a9a02eccd1acaf6d8ca76c96f Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 15:36:58 +0200 Subject: [PATCH 249/271] Normalize whitespace in test arguments Avoid ending up with test cases that only differ in whitespace in an argument. Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/macro_collector.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index 3e28f62485..9c3c72319a 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -131,7 +131,11 @@ class PSAMacroEnumerator: @staticmethod def _format_arguments(name: str, arguments: Iterable[str]) -> str: - """Format a macro call with arguments..""" + """Format a macro call with arguments. + + The resulting format is consistent with + `InputsForTest.normalize_argument`. + """ return name + '(' + ', '.join(arguments) + ')' _argument_split_re = re.compile(r' *, *') @@ -440,6 +444,15 @@ enumerate raise Exception('Undeclared names in test case', undeclared) return True + @staticmethod + def normalize_argument(argument: str) -> str: + """Normalize whitespace in the given C expression. + + The result uses the same whitespace as + ` PSAMacroEnumerator.distribute_arguments`. + """ + return re.sub(r',', r', ', re.sub(r' +', r'', argument)) + def add_test_case_line(self, function: str, argument: str) -> None: """Parse a test case data line, looking for algorithm metadata tests.""" sets = [] @@ -454,7 +467,7 @@ enumerate sets += self.table_by_test_function[function] if self.accept_test_case_line(function, argument): for s in sets: - s.add(argument) + s.add(self.normalize_argument(argument)) # Regex matching a *.data line containing a test function call and # its arguments. The actual definition is partly positional, but this From 38ebfec0f133f951d82c4e35d7d4377ebae032dc Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 15:37:34 +0200 Subject: [PATCH 250/271] Remove duplicates from enumerated test inputs When generating expressions to construct test case data, there can be duplicate values, for example if a value of the form C(A) is present as such in test_suite_psa_crypto_metadata.data and also constructed by enumerating the argument A for the constructor C. Eliminate such duplicates in generate_expressions. This commit removes many test cases that were exact duplicates (and were near-duplicates differing only in whitespace before the whitespace normalization). Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/macro_collector.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index 9c3c72319a..ec8e18435a 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -173,6 +173,15 @@ class PSAMacroEnumerator: except BaseException as e: raise Exception('distribute_arguments({})'.format(name)) from e + def distribute_arguments_without_duplicates( + self, seen: Set[str], name: str + ) -> Iterator[str]: + """Same as `distribute_arguments`, but don't repeat seen results.""" + for result in self.distribute_arguments(name): + if result not in seen: + seen.add(result) + yield result + def generate_expressions(self, names: Iterable[str]) -> Iterator[str]: """Generate expressions covering values constructed from the given names. @@ -185,7 +194,11 @@ class PSAMacroEnumerator: * ``macros.generate_expressions(macros.key_types)`` generates all key types. """ - return itertools.chain(*map(self.distribute_arguments, names)) + seen = set() #type: Set[str] + return itertools.chain(*( + self.distribute_arguments_without_duplicates(seen, name) + for name in names + )) class PSAMacroCollector(PSAMacroEnumerator): From 20f55f67266c6922deb48c1b619fb9a73d6c4386 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 10:18:19 +0200 Subject: [PATCH 251/271] Abbreviate algorithms in test descriptions Signed-off-by: Gilles Peskine --- tests/scripts/generate_psa_tests.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 527ca069f9..5c39928f90 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -360,7 +360,8 @@ class StorageFormat: # For now, we don't have information on the compatibility of key # types and algorithms. So we just test the encoding of algorithms, # and not that operations can be performed with them. - descr = alg + descr = re.sub(r'PSA_ALG_', r'', alg) + descr = re.sub(r',', r', ', re.sub(r' +', r'', descr)) usage = 'PSA_KEY_USAGE_EXPORT' key1 = StorageKey(version=self.version, id=1, lifetime=0x00000001, From ae4c460df6d1ea607107757e1bc036a6448b7a94 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 16:11:50 +0200 Subject: [PATCH 252/271] Do support multiple files generated from the same script The call to `tests/scripts/generate_psa_tests.py` added by the commit "generate_psa_tests.py: allow generating each file independently" assumed that the `check` function supports multiple file names, but in fact it does not do so. When `generate_psa_tests.py` started generating more than one file, `check-generated-files.sh` did not detect changes to files other than the first one listed by `generate_psa_tests.py --list`. Fix this: change `check` to support either a single directory (with detection of added/removed files) or a list of files (which is assumed to be static). Signed-off-by: Gilles Peskine --- tests/scripts/check-generated-files.sh | 56 +++++++++++++------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/tests/scripts/check-generated-files.sh b/tests/scripts/check-generated-files.sh index b480837866..a2c285fad5 100755 --- a/tests/scripts/check-generated-files.sh +++ b/tests/scripts/check-generated-files.sh @@ -44,23 +44,28 @@ if [ $# -ne 0 ] && [ "$1" = "-u" ]; then UPDATE='y' fi +# check SCRIPT FILENAME[...] +# check SCRIPT DIRECTORY +# Run SCRIPT and check that it does not modify any of the specified files. +# In the first form, there can be any number of FILENAMEs, which must be +# regular files. +# In the second form, there must be a single DIRECTORY, standing for the +# list of files in the directory. Running SCRIPT must not modify any file +# in the directory and must not add or remove files either. +# If $UPDATE is empty, abort with an error status if a file is modified. check() { SCRIPT=$1 - TO_CHECK=$2 - PATTERN="" - FILES="" + shift - if [ -d $TO_CHECK ]; then - rm -f "$TO_CHECK"/*.bak - for FILE in $TO_CHECK/*; do - FILES="$FILE $FILES" - done - else - FILES=$TO_CHECK + directory= + if [ -d "$1" ]; then + directory="$1" + rm -f "$directory"/*.bak + set -- "$1"/* fi - for FILE in $FILES; do + for FILE in "$@"; do if [ -e "$FILE" ]; then cp "$FILE" "$FILE.bak" else @@ -68,37 +73,32 @@ check() fi done - $SCRIPT + "$SCRIPT" # Compare the script output to the old files and remove backups - for FILE in $FILES; do - if ! diff $FILE $FILE.bak >/dev/null 2>&1; then + for FILE in "$@"; do + if ! diff "$FILE" "$FILE.bak" >/dev/null 2>&1; then echo "'$FILE' was either modified or deleted by '$SCRIPT'" if [ -z "$UPDATE" ]; then exit 1 fi fi if [ -z "$UPDATE" ]; then - mv $FILE.bak $FILE + mv "$FILE.bak" "$FILE" else rm -f "$FILE.bak" fi - - if [ -d $TO_CHECK ]; then - # Create a grep regular expression that we can check against the - # directory contents to test whether new files have been created - if [ -z $PATTERN ]; then - PATTERN="$(basename $FILE)" - else - PATTERN="$PATTERN\|$(basename $FILE)" - fi - fi done - if [ -d $TO_CHECK ]; then + if [ -n "$directory" ]; then + old_list="$*" + set -- "$directory"/* + new_list="$*" # Check if there are any new files - if ls -1 $TO_CHECK | grep -v "$PATTERN" >/dev/null 2>&1; then - echo "Files were created by '$SCRIPT'" + if [ "$old_list" != "$new_list" ]; then + echo "Files were deleted or created by '$SCRIPT'" + echo "Before: $old_list" + echo "After: $new_list" if [ -z "$UPDATE" ]; then exit 1 fi From 0225d3a0ce2f10b5f4f3a53572523ca9defe0a3b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 27 Apr 2021 20:25:27 +0200 Subject: [PATCH 253/271] Add missing test suites to CMakeLists.txt Signed-off-by: Gilles Peskine --- tests/CMakeLists.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index a9c9cf3a99..7898004c1c 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -151,6 +151,8 @@ add_test_suite(psa_crypto_se_driver_hal) add_test_suite(psa_crypto_se_driver_hal_mocks) add_test_suite(psa_crypto_slot_management) add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.misc) +add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.current) +add_test_suite(psa_crypto_storage_format psa_crypto_storage_format.v0) add_test_suite(psa_its) add_test_suite(random) add_test_suite(rsa) From 45f1cd7834c89a79af74fbd1f758cf30ab940ff4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Apr 2021 20:11:33 +0200 Subject: [PATCH 254/271] key_storage_read: pass exercise as a flag rather than a boolean This will allow adding other flags in the future. No intended behavior change. Signed-off-by: Gilles Peskine --- tests/scripts/generate_psa_tests.py | 8 ++++++-- .../test_suite_psa_crypto_storage_format.function | 10 ++++++---- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py index 5c39928f90..8c53414f25 100755 --- a/tests/scripts/generate_psa_tests.py +++ b/tests/scripts/generate_psa_tests.py @@ -276,13 +276,17 @@ class StorageFormat: if self.forward: extra_arguments = [] else: + flags = [] # Some test keys have the RAW_DATA type and attributes that don't # necessarily make sense. We do this to validate numerical # encodings of the attributes. # Raw data keys have no useful exercise anyway so there is no # loss of test coverage. - exercise = key.type.string != 'PSA_KEY_TYPE_RAW_DATA' - extra_arguments = ['1' if exercise else '0'] + if key.type.string != 'PSA_KEY_TYPE_RAW_DATA': + flags.append('TEST_FLAG_EXERCISE') + if 'READ_ONLY' in key.lifetime.string: + flags.append('TEST_FLAG_READ_ONLY') + extra_arguments = [' | '.join(flags) if flags else '0'] tc.set_arguments([key.lifetime.string, key.type.string, str(key.bits), key.usage.string, key.alg.string, key.alg2.string, diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function index 76cfe57758..34d63a745b 100644 --- a/tests/suites/test_suite_psa_crypto_storage_format.function +++ b/tests/suites/test_suite_psa_crypto_storage_format.function @@ -7,6 +7,8 @@ #include +#define TEST_FLAG_EXERCISE 0x00000001 + /** Write a key with the given attributes and key material to storage. * Test that it has the expected representation. * @@ -67,7 +69,7 @@ static int test_read_key( const psa_key_attributes_t *expected_attributes, const data_t *expected_material, psa_storage_uid_t uid, const data_t *representation, - int exercise ) + int flags ) { psa_key_attributes_t actual_attributes = PSA_KEY_ATTRIBUTES_INIT; mbedtls_svc_key_id_t key_id = psa_get_key_id( expected_attributes ); @@ -105,7 +107,7 @@ static int test_read_key( const psa_key_attributes_t *expected_attributes, exported_material, length ); } - if( exercise ) + if( flags & TEST_FLAG_EXERCISE ) { TEST_ASSERT( mbedtls_test_psa_exercise_key( key_id, @@ -183,7 +185,7 @@ exit: void key_storage_read( int lifetime_arg, int type_arg, int bits_arg, int usage_arg, int alg_arg, int alg2_arg, data_t *material, - data_t *representation, int exercise ) + data_t *representation, int flags ) { /* Backward compatibility: read a key in the format of a past version * and check that this version can use it. */ @@ -213,7 +215,7 @@ void key_storage_read( int lifetime_arg, int type_arg, int bits_arg, * guarantees backward compatibility with keys that were stored by * past versions of Mbed TLS. */ TEST_ASSERT( test_read_key( &attributes, material, - uid, representation, exercise ) ); + uid, representation, flags ) ); exit: psa_reset_key_attributes( &attributes ); From 2157e86389eca09308422e55009ae8a182dea5c5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 20 May 2021 21:37:06 +0200 Subject: [PATCH 255/271] Document include_intermediate in PSAMacroEnumerator Signed-off-by: Gilles Peskine --- scripts/mbedtls_dev/macro_collector.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py index ec8e18435a..0e76435f38 100644 --- a/scripts/mbedtls_dev/macro_collector.py +++ b/scripts/mbedtls_dev/macro_collector.py @@ -105,6 +105,10 @@ class PSAMacroEnumerator: 'tag_length': [], 'min_tag_length': [], } #type: Dict[str, List[str]] + # Whether to include intermediate macros in enumerations. Intermediate + # macros serve as category headers and are not valid values of their + # type. See `is_internal_name`. + # Always false in this class, may be set to true in derived classes. self.include_intermediate = False def is_internal_name(self, name: str) -> bool: From c87a07de905e36a268e37541bdf254542e4f38e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Wed, 26 May 2021 10:38:59 +0200 Subject: [PATCH 256/271] Fix the "rm (D)TLS 1.0 1.1" ChangeLog entry MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Removing MBEDTLS_SSL_RECORD_CHECKING has nothing to do with TLS 1.0, TLS 1.1 and DTLS 1.0. It has been included here as a consequence of an unfortunate typo in the description of 4286. Actually, this macro was removed independently and we already have a ChangeLog entry about it: ChangeLog.d/issue4361.txt - While at it, remove the word "deprecated": these macros and functions had not been documented as deprecated in any version of the library before being removed. Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/issue4286.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/issue4286.txt b/ChangeLog.d/issue4286.txt index 68eb66764f..813b2ecfba 100644 --- a/ChangeLog.d/issue4286.txt +++ b/ChangeLog.d/issue4286.txt @@ -1,9 +1,9 @@ Removals * Remove the TLS 1.0, TLS 1.1 and DTLS 1.0 support by removing the following - deprecated library constants: MBEDTLS_SSL_PROTO_TLS1, + library constants: MBEDTLS_SSL_PROTO_TLS1, MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING, MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED, - MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED, MBEDTLS_SSL_RECORD_CHECKING, + MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED, MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE, MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions: mbedtls_ssl_conf_cbc_record_splitting(), From 46cccb8f39bdebef6b7067052dfea550e7461309 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 11 May 2021 13:13:51 +0200 Subject: [PATCH 257/271] _SSL_DTLS_BADMAC_LIMIT config.h option removed Signed-off-by: TRodziewicz --- include/mbedtls/check_config.h | 5 ----- include/mbedtls/config.h | 11 ----------- include/mbedtls/ssl.h | 7 ------- library/ssl_msg.c | 2 -- library/ssl_tls.c | 10 ---------- programs/ssl/ssl_context_info.c | 1 - programs/ssl/ssl_server2.c | 6 ------ tests/context-info.sh | 4 ---- 8 files changed, 46 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 389ae2a718..ae23602a07 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -700,11 +700,6 @@ #error "MBEDTLS_SSL_CID_OUT_LEN_MAX too large (max 255)" #endif -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) && \ - ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) -#error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_2) #error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites" diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 715c73ada0..10140915e3 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1748,17 +1748,6 @@ */ #define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE -/** - * \def MBEDTLS_SSL_DTLS_BADMAC_LIMIT - * - * Enable support for a limit of records with bad MAC. - * - * See mbedtls_ssl_conf_dtls_badmac_limit(). - * - * Requires: MBEDTLS_SSL_PROTO_DTLS - */ -#define MBEDTLS_SSL_DTLS_BADMAC_LIMIT - /** * \def MBEDTLS_SSL_SESSION_TICKETS * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index bdc2b4797a..6a908f2712 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1151,9 +1151,7 @@ struct mbedtls_ssl_config that triggers renegotiation */ #endif -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) unsigned int badmac_limit; /*!< limit of records with a bad MAC */ -#endif #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C) unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */ @@ -1226,10 +1224,7 @@ struct mbedtls_ssl_context int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ int minor_ver; /*!< one of MBEDTLS_SSL_MINOR_VERSION_x macros */ - -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) unsigned badmac_seen; /*!< records with a bad MAC received */ -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_X509_CRT_PARSE_C) /** Callback to customize X.509 certificate chain verification */ @@ -2261,7 +2256,6 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *ssl, void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ); #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) /** * \brief Set a limit on the number of records with a bad MAC * before terminating the connection. @@ -2286,7 +2280,6 @@ void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ); * many bogus packets. */ void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ); -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_PROTO_DTLS) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index a75b9190ba..ff628b9f40 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -4499,14 +4499,12 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) return( ret ); } -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) if( ssl->conf->badmac_limit != 0 && ++ssl->badmac_seen >= ssl->conf->badmac_limit ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "too many records with bad MAC" ) ); return( MBEDTLS_ERR_SSL_INVALID_MAC ); } -#endif /* As above, invalid records cause * dismissal of the whole datagram. */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e60c0726fc..a7e5b4cd8d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3390,12 +3390,10 @@ void mbedtls_ssl_conf_dtls_anti_replay( mbedtls_ssl_config *conf, char mode ) } #endif -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) void mbedtls_ssl_conf_dtls_badmac_limit( mbedtls_ssl_config *conf, unsigned limit ) { conf->badmac_limit = limit; } -#endif #if defined(MBEDTLS_SSL_PROTO_DTLS) @@ -5418,11 +5416,7 @@ void mbedtls_ssl_session_free( mbedtls_ssl_session *session ) #define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_CONNECTION_ID 0u #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) #define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT 1u -#else -#define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_BADMAC_LIMIT 0u -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) #define SSL_SERIALIZED_CONTEXT_CONFIG_DTLS_ANTI_REPLAY 1u @@ -5639,7 +5633,6 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, /* * Saved fields from top-level ssl_context structure */ -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) used += 4; if( used <= buf_len ) { @@ -5648,7 +5641,6 @@ int mbedtls_ssl_context_save( mbedtls_ssl_context *ssl, *p++ = (unsigned char)( ( ssl->badmac_seen >> 8 ) & 0xFF ); *p++ = (unsigned char)( ( ssl->badmac_seen ) & 0xFF ); } -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) used += 16; @@ -5904,7 +5896,6 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, /* * Saved fields from top-level ssl_context structure */ -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) if( (size_t)( end - p ) < 4 ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -5913,7 +5904,6 @@ static int ssl_context_load( mbedtls_ssl_context *ssl, ( (uint32_t) p[2] << 8 ) | ( (uint32_t) p[3] ); p += 4; -#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) if( (size_t)( end - p ) < 16 ) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index ec24fa8e0e..855102de72 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -872,7 +872,6 @@ void print_deserialized_ssl_context( const uint8_t *ssl, size_t len ) print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS and client", SESSION_CONFIG_CLIENT_TICKET_BIT, session_cfg_flag ); print_if_bit( "MBEDTLS_SSL_DTLS_CONNECTION_ID", CONTEXT_CONFIG_DTLS_CONNECTION_ID_BIT, context_cfg_flag ); - print_if_bit( "MBEDTLS_SSL_DTLS_BADMAC_LIMIT", CONTEXT_CONFIG_DTLS_BADMAC_LIMIT_BIT, context_cfg_flag ); print_if_bit( "MBEDTLS_SSL_DTLS_ANTI_REPLAY", CONTEXT_CONFIG_DTLS_ANTI_REPLAY_BIT, context_cfg_flag ); print_if_bit( "MBEDTLS_SSL_ALPN", CONTEXT_CONFIG_ALPN_BIT, context_cfg_flag ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 2cf2d73be7..ef55a7c250 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -363,12 +363,8 @@ int main( void ) #define USAGE_ANTI_REPLAY "" #endif -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) #define USAGE_BADMAC_LIMIT \ " badmac_limit=%%d default: (library default: disabled)\n" -#else -#define USAGE_BADMAC_LIMIT "" -#endif #if defined(MBEDTLS_SSL_PROTO_DTLS) #define USAGE_DTLS \ @@ -2685,10 +2681,8 @@ int main( int argc, char *argv[] ) mbedtls_ssl_conf_dtls_anti_replay( &conf, opt.anti_replay ); #endif -#if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) if( opt.badmac_limit != DFL_BADMAC_LIMIT ) mbedtls_ssl_conf_dtls_badmac_limit( &conf, opt.badmac_limit ); -#endif } #endif /* MBEDTLS_SSL_PROTO_DTLS */ diff --git a/tests/context-info.sh b/tests/context-info.sh index 3465298458..e02d330841 100755 --- a/tests/context-info.sh +++ b/tests/context-info.sh @@ -214,7 +214,6 @@ run_test "Default configuration, server" \ -u "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \ -u "MBEDTLS_SSL_SESSION_TICKETS$" \ -u "MBEDTLS_SSL_SESSION_TICKETS and client$" \ - -u "MBEDTLS_SSL_DTLS_BADMAC_LIMIT$" \ -u "MBEDTLS_SSL_DTLS_ANTI_REPLAY$" \ -u "MBEDTLS_SSL_ALPN$" \ -u "ciphersuite.* TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256$" \ @@ -238,7 +237,6 @@ run_test "Default configuration, client" \ -u "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \ -u "MBEDTLS_SSL_SESSION_TICKETS$" \ -u "MBEDTLS_SSL_SESSION_TICKETS and client$" \ - -u "MBEDTLS_SSL_DTLS_BADMAC_LIMIT$" \ -u "MBEDTLS_SSL_DTLS_ANTI_REPLAY$" \ -u "MBEDTLS_SSL_ALPN$" \ -u "ciphersuite.* TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256$" \ @@ -345,7 +343,6 @@ run_test "Minimal configuration, server" \ -n "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \ -n "MBEDTLS_SSL_SESSION_TICKETS$" \ -n "MBEDTLS_SSL_SESSION_TICKETS and client$" \ - -n "MBEDTLS_SSL_DTLS_BADMAC_LIMIT$" \ -n "MBEDTLS_SSL_DTLS_ANTI_REPLAY$" \ -n "MBEDTLS_SSL_ALPN$" \ @@ -357,7 +354,6 @@ run_test "Minimal configuration, client" \ -n "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \ -n "MBEDTLS_SSL_SESSION_TICKETS$" \ -n "MBEDTLS_SSL_SESSION_TICKETS and client$" \ - -n "MBEDTLS_SSL_DTLS_BADMAC_LIMIT$" \ -n "MBEDTLS_SSL_DTLS_ANTI_REPLAY$" \ -n "MBEDTLS_SSL_ALPN$" \ From 5c251c6a5e2175cd0570471d543acd842698b7f8 Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Tue, 11 May 2021 14:27:28 +0200 Subject: [PATCH 258/271] Add the ChangeLog file Signed-off-by: TRodziewicz --- ChangeLog.d/issue4403.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/issue4403.txt diff --git a/ChangeLog.d/issue4403.txt b/ChangeLog.d/issue4403.txt new file mode 100644 index 0000000000..08ac60e699 --- /dev/null +++ b/ChangeLog.d/issue4403.txt @@ -0,0 +1,2 @@ +Removals + * Remove the MBEDTLS_SSL_DTLS_BADMAC_LIMIT config.h option. Fixes #4403. From a86c312d9266f9c6d6be67fba8d059ae6aa1b2fb Mon Sep 17 00:00:00 2001 From: TRodziewicz Date: Wed, 26 May 2021 15:29:36 +0200 Subject: [PATCH 259/271] Addition of the migration guide entry. Signed-off-by: TRodziewicz --- .../remove_SSL_DTLS_BADMAC_LIMIT_option.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md diff --git a/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md b/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md new file mode 100644 index 0000000000..f81bdadbaf --- /dev/null +++ b/docs/3.0-migration-guide.d/remove_SSL_DTLS_BADMAC_LIMIT_option.md @@ -0,0 +1,11 @@ +Remove MBEDTLS_SSL_DTLS_BADMAC_LIMIT option +------------------------------------------- + +This change does not affect users who used the default `config.h`, as the option +MBEDTLS_SSL_DTLS_BADMAC_LIMIT was already on by default. + +This option was a trade-off between functionality and code size: it allowed +users who didn't need that feature to avoid paying the cost in code size, by +disabling it. + +This option is no longer present, but its functionality is now always enabled. From e9cac0e277dfe83c455a8f0a36853c69b36d9360 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Thu, 27 May 2021 12:59:11 +0200 Subject: [PATCH 260/271] Fix inconsistent documentation of cipher_setup() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - the \internal note said that calling cipher_init() first would be made mandatory later, but the documention of the ctx parameter already said the context had to be initialized... - the documentation was using the word initialize for two different meanings (calling setup() vs calling init()), making the documentation of the ctx parameter quite confusing (you must initialize before you can initialize...) Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/cipher.h | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index ffb20a676a..36efdee75e 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -437,10 +437,11 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); /** - * \brief This function initializes a cipher context for + * \brief This function prepares a cipher context for * use with the given cipher primitive. * - * \param ctx The context to initialize. This must be initialized. + * \param ctx The context to prepare. This must be initialized by + * a call to mbedtls_cipher_init() first. * \param cipher_info The cipher to use. * * \return \c 0 on success. @@ -448,10 +449,6 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); * parameter-verification failure. * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the * cipher-specific context fails. - * - * \internal Currently, the function also clears the structure. - * In future versions, the caller will be required to call - * mbedtls_cipher_init() on the structure first. */ int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ); From 95273f4b07b2b6d217ef0334e14ad05b0c0e9ef3 Mon Sep 17 00:00:00 2001 From: Christoph Reiter Date: Thu, 21 Jan 2021 13:31:23 +0100 Subject: [PATCH 261/271] Expose flag for critical extensions Enables creating X.509 CSRs with critical extensions. Signed-off-by: Christoph Reiter --- ChangeLog.d/issue4055.txt | 3 +++ docs/3.0-migration-guide.d/csr-add-critical-extension.md | 9 +++++++++ include/mbedtls/x509_csr.h | 2 ++ library/x509write_csr.c | 7 ++++--- 4 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 ChangeLog.d/issue4055.txt create mode 100644 docs/3.0-migration-guide.d/csr-add-critical-extension.md diff --git a/ChangeLog.d/issue4055.txt b/ChangeLog.d/issue4055.txt new file mode 100644 index 0000000000..e9bd1d14e1 --- /dev/null +++ b/ChangeLog.d/issue4055.txt @@ -0,0 +1,3 @@ +API changes + * The function mbedtls_x509write_csr_set_extension() has an extra parameter + which allows to mark an extension as critical. Fixes #4055. diff --git a/docs/3.0-migration-guide.d/csr-add-critical-extension.md b/docs/3.0-migration-guide.d/csr-add-critical-extension.md new file mode 100644 index 0000000000..ebcb343caa --- /dev/null +++ b/docs/3.0-migration-guide.d/csr-add-critical-extension.md @@ -0,0 +1,9 @@ +Change the API to allow adding critical extensions to CSRs +------------------------------------------------------------------ + +This affects applications that call the `mbedtls_x509write_csr_set_extension` +function. + +The API is changed to include the parameter `critical` which allow to mark an +extension included in a CSR as critical. To get the previous behaviour pass +`0`. diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h index 07a3717298..4b8564c93a 100644 --- a/include/mbedtls/x509_csr.h +++ b/include/mbedtls/x509_csr.h @@ -235,6 +235,7 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, * \param ctx CSR context to use * \param oid OID of the extension * \param oid_len length of the OID + * \param critical Set to 1 to mark the extension as critical, 0 otherwise. * \param val value of the extension OCTET STRING * \param val_len length of the value data * @@ -242,6 +243,7 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, */ int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, const char *oid, size_t oid_len, + int critical, const unsigned char *val, size_t val_len ); /** diff --git a/library/x509write_csr.c b/library/x509write_csr.c index afda950341..9f0ad93567 100644 --- a/library/x509write_csr.c +++ b/library/x509write_csr.c @@ -83,10 +83,11 @@ int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, const char *oid, size_t oid_len, + int critical, const unsigned char *val, size_t val_len ) { return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, - 0, val, val_len ); + critical, val, val_len ); } int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) @@ -103,7 +104,7 @@ int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned ch ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), - c, (size_t)ret ); + 0, c, (size_t)ret ); if( ret != 0 ) return( ret ); @@ -125,7 +126,7 @@ int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), - c, (size_t)ret ); + 0, c, (size_t)ret ); if( ret != 0 ) return( ret ); From 196739b478937feb02a79d058840d123f93fa6d9 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 28 May 2021 05:25:46 +0100 Subject: [PATCH 262/271] Change wording in documentation of PSK configuration Signed-off-by: Hanno Becker --- ChangeLog.d/relaxed-psk-semantics.txt | 10 ++--- .../relaxed-psk-semantics.md | 11 ++--- include/mbedtls/ssl.h | 40 ++++++------------- 3 files changed, 20 insertions(+), 41 deletions(-) diff --git a/ChangeLog.d/relaxed-psk-semantics.txt b/ChangeLog.d/relaxed-psk-semantics.txt index a5063c9d8e..d9d922be13 100644 --- a/ChangeLog.d/relaxed-psk-semantics.txt +++ b/ChangeLog.d/relaxed-psk-semantics.txt @@ -1,9 +1,7 @@ API changes * Modify semantics of `mbedtls_ssl_conf_[opaque_]psk()`: In Mbed TLS 2.X, the API prescribes that later calls overwrite - the effect of earlier calls, implying that there can be at most one - statically configured PSK. In Mbed TLS 3.X, multiple invocations of - `mbedtls_ssl_conf_[opaque_]psk()` can be attempted to register - multiple PSKs. Once an implementation-defined limit of PSKs - is reached, the functions ignore the request to add - further PSKs and fail non-fatally. + the effect of earlier calls. In Mbed TLS 3.0, calling + `mbedtls_ssl_conf_[opaque_]psk()` more than once will fail, + leaving the PSK intact that was configured first. Support + for more than one PSK may be added in 3.X. diff --git a/docs/3.0-migration-guide.d/relaxed-psk-semantics.md b/docs/3.0-migration-guide.d/relaxed-psk-semantics.md index 5af2b61089..fa38ac331b 100644 --- a/docs/3.0-migration-guide.d/relaxed-psk-semantics.md +++ b/docs/3.0-migration-guide.d/relaxed-psk-semantics.md @@ -7,17 +7,12 @@ multiple times on the same SSL configuration. In Mbed TLS 2.x, users would observe later calls overwriting the effect of earlier calls, with the prevailing PSK being -the one that has been configured last. +the one that has been configured last. In Mbed TLS 3.0, +calling `mbedtls_conf_[opaque_]psk()` multiple times +will return an error, leaving the first PSK intact. To achieve equivalent functionality when migrating to Mbed TLS 3.0, users calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times should remove all but the last call, so that only one call to _either_ `mbedtls_ssl_conf_psk()` _or_ `mbedtls_ssl_conf_psk_opaque()` remains. - -However, if the _intent_ of the multiple calls to -`mbedtls_ssl_conf_[opaque_]psk()` was to offer multiple PSKs, then -users should _keep_ all calls and only check for the expected -non-fatal failure code `MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE` -indicating that no more PSKs could be buffered by the -implementation. diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 57d2085e63..3fab9f8765 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2693,20 +2693,14 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) /** - * \brief Configure one or more pre-shared keys (PSKs) and their + * \brief Configure pre-shared keys (PSKs) and their * identities to be used in PSK-based ciphersuites. * - * This function may be called multiple times to attempt - * to register multiple PSKs. The number of supported PSKs - * is version-specific (see below for the current limit). - * Once the limit is reached, this function fails, maintaining - * the PSKs previously configured and ignoring the excess request. - * This behavior is in contrast to Mbed TLS 2.x, where later - * invocations would overwrite the effect of earlier calls. - * - * \note Currently, the library supports only support a single PSK, - * but this limit is not part of the API and may change in - * future minor versions. + * Only one PSK can be registered, through either + * mbedtls_ssl_conf_psk() or mbedtls_ssl_conf_psk_opaque(). + * If you attempt to register more than one PSK, this function + * fails, though this may change in future versions, which + * may add support for multiple PSKs. * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. @@ -2727,8 +2721,7 @@ int mbedtls_ssl_conf_own_cert( mbedtls_ssl_config *conf, * * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no more PSKs - * can be configured. In this case, the SSL configuration - * remains usable, but the PSK has not been configured. + * can be configured. In this case, the old PSK(s) remain intact. * \return Another negative error code on other kinds of failure. */ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, @@ -2740,17 +2733,11 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * \brief Configure one or more opaque pre-shared keys (PSKs) and * their identities to be used in PSK-based ciphersuites. * - * This function may be called multiple times to attempt - * to register multiple PSKs. The number of supported PSKs - * is version-specific (see below for the current limit). - * Once the limit is reached, this function fails, maintaining - * the PSKs previously configured and ignoring the excess request. - * This behavior is in contrast to Mbed TLS 2.x, where later - * invocations would overwrite the effect of earlier calls. - * - * \note Currently, the library supports only support a single PSK, - * but this limit is not part of the API and may change in - * future minor versions. + * Only one PSK can be registered, through either + * mbedtls_ssl_conf_psk() or mbedtls_ssl_conf_psk_opaque(). + * If you attempt to register more than one PSK, this function + * fails, though this may change in future versions, which + * may add support for multiple PSKs. * * \note This is mainly useful for clients. Servers will usually * want to use \c mbedtls_ssl_conf_psk_cb() instead. @@ -2776,8 +2763,7 @@ int mbedtls_ssl_conf_psk( mbedtls_ssl_config *conf, * * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no more PSKs - * can be configured. In this case, the SSL configuration - * remains usable, but the PSK has not been configured. + * can be configured. In this case, the old PSK(s) remain intact. * \return Another negative error code on other kinds of failure. */ int mbedtls_ssl_conf_psk_opaque( mbedtls_ssl_config *conf, From 934ab00f774322ecce2e4082101be7098a1257be Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 28 May 2021 09:52:54 +0100 Subject: [PATCH 263/271] Minor improvement of ChangeLog wording Signed-off-by: Hanno Becker --- ChangeLog.d/relaxed-psk-semantics.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/relaxed-psk-semantics.txt b/ChangeLog.d/relaxed-psk-semantics.txt index d9d922be13..418ff6fcb7 100644 --- a/ChangeLog.d/relaxed-psk-semantics.txt +++ b/ChangeLog.d/relaxed-psk-semantics.txt @@ -3,5 +3,5 @@ API changes In Mbed TLS 2.X, the API prescribes that later calls overwrite the effect of earlier calls. In Mbed TLS 3.0, calling `mbedtls_ssl_conf_[opaque_]psk()` more than once will fail, - leaving the PSK intact that was configured first. Support - for more than one PSK may be added in 3.X. + leaving the PSK that was configured first intact. + Support for more than one PSK may be added in 3.X. From 2bec09c113427a433a987d770a38dcdb560e9af3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 28 May 2021 09:54:31 +0100 Subject: [PATCH 264/271] Fix typo in migration guide Signed-off-by: Hanno Becker --- docs/3.0-migration-guide.d/relaxed-psk-semantics.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/3.0-migration-guide.d/relaxed-psk-semantics.md b/docs/3.0-migration-guide.d/relaxed-psk-semantics.md index fa38ac331b..6b0e794757 100644 --- a/docs/3.0-migration-guide.d/relaxed-psk-semantics.md +++ b/docs/3.0-migration-guide.d/relaxed-psk-semantics.md @@ -8,7 +8,7 @@ multiple times on the same SSL configuration. In Mbed TLS 2.x, users would observe later calls overwriting the effect of earlier calls, with the prevailing PSK being the one that has been configured last. In Mbed TLS 3.0, -calling `mbedtls_conf_[opaque_]psk()` multiple times +calling `mbedtls_ssl_conf_[opaque_]psk()` multiple times will return an error, leaving the first PSK intact. To achieve equivalent functionality when migrating to Mbed TLS 3.0, From c42a0be00b7e7ac0a705caadf263d3b5a4a39113 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 31 May 2021 11:13:35 +0200 Subject: [PATCH 265/271] Clarify calling sequence in the Cipher layer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/cipher.h | 37 ++++++++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 36efdee75e..6796644506 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -440,6 +440,18 @@ void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); * \brief This function prepares a cipher context for * use with the given cipher primitive. * + * \note After calling this function, you should call + * mbedtls_cipher_setkey() and, if the mode uses padding, + * mbedtls_cipher_set_padding_mode(), then for each + * message to encrypt or decrypt with this key, either: + * - mbedtls_cipher_crypt() for one-shot processing with + * non-AEAD modes; + * - mbedtls_cipher_auth_encrypt_ext() or + * mbedtls_cipher_auth_decrypt_ext() for one-shot + * processing with AEAD modes or NIST_KW; + * - for multi-part processing, see the documentation of + * mbedtls_cipher_reset(). + * * \param ctx The context to prepare. This must be initialized by * a call to mbedtls_cipher_init() first. * \param cipher_info The cipher to use. @@ -684,7 +696,30 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, /** * \brief This function resets the cipher state. * - * \param ctx The generic cipher context. This must be initialized. + * \note With non-AEAD ciphers, the order of calls for each message + * is as follows: + * 1. mbedtls_cipher_set_iv() if the mode uses an IV/nonce. + * 2. mbedtls_cipher_reset() + * 3. mbedtls_cipher_update() one or more times + * 4. mbedtls_cipher_finish() + * . + * This sequence can be repeated to encrypt of decrypt multiple + * messages with the same key. + * + * \note With AEAD ciphers, the order of calls for each message + * is as follows: + * 1. mbedtls_cipher_set_iv() if the mode uses an IV/nonce. + * 2. mbedtls_cipher_reset() + * 3. mbedtls_cipher_update_ad() + * 4. mbedtls_cipher_update() one or more times + * 5. mbedtls_cipher_finish() + * 6. mbedtls_cipher_check_tag() (for decryption) or + * mbedtls_cipher_write_tag() (for encryption). + * . + * This sequence can be repeated to encrypt of decrypt multiple + * messages with the same key. + * + * \param ctx The generic cipher context. This must be bound to a key. * * \return \c 0 on success. * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on From 42eba1a2742d23f45049d4612ebb157fdecbc10d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 31 May 2021 12:14:02 +0200 Subject: [PATCH 266/271] Fix a typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/cipher.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h index 6796644506..06a29e7520 100644 --- a/include/mbedtls/cipher.h +++ b/include/mbedtls/cipher.h @@ -703,7 +703,7 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, * 3. mbedtls_cipher_update() one or more times * 4. mbedtls_cipher_finish() * . - * This sequence can be repeated to encrypt of decrypt multiple + * This sequence can be repeated to encrypt or decrypt multiple * messages with the same key. * * \note With AEAD ciphers, the order of calls for each message @@ -716,7 +716,7 @@ int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, * 6. mbedtls_cipher_check_tag() (for decryption) or * mbedtls_cipher_write_tag() (for encryption). * . - * This sequence can be repeated to encrypt of decrypt multiple + * This sequence can be repeated to encrypt or decrypt multiple * messages with the same key. * * \param ctx The generic cipher context. This must be bound to a key. From ee57ebe5530b5d665bd6c069f837f8798050098a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 31 May 2021 12:25:01 +0200 Subject: [PATCH 267/271] Add ChangeLog and migration guide entries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/cipher-delayed-output.txt | 6 ++++++ .../cipher-delayed-output.md | 15 +++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 ChangeLog.d/cipher-delayed-output.txt create mode 100644 docs/3.0-migration-guide.d/cipher-delayed-output.md diff --git a/ChangeLog.d/cipher-delayed-output.txt b/ChangeLog.d/cipher-delayed-output.txt new file mode 100644 index 0000000000..0c8f7db990 --- /dev/null +++ b/ChangeLog.d/cipher-delayed-output.txt @@ -0,0 +1,6 @@ +API changes + * For multi-part AEAD operations with the Cipher module, calling + mbedtls_cipher_finish() is now mandatory. Previously the documentation + was unclear on this point, and this function happened to never do + anything with the currently implemented AEADs, so in practice is was + possible to skip calling it, which is no longer supported. diff --git a/docs/3.0-migration-guide.d/cipher-delayed-output.md b/docs/3.0-migration-guide.d/cipher-delayed-output.md new file mode 100644 index 0000000000..e376880b85 --- /dev/null +++ b/docs/3.0-migration-guide.d/cipher-delayed-output.md @@ -0,0 +1,15 @@ +Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations +---------------------------------------------------------------------------- + +This only affect people who use the Cipher module to perform AEAD operations +using the multi-part API. + +Previously, the documentation didn't state explicitly if it was OK to call +`mbedtls_cipher_check_tag()` or `mbedtls_cipher_write_tag()` directly after +the last call to `mbedtls_cipher_update()` - that is, without calling +`mbedtls_cipher_finish()` in-between. If you code was missing that call, +please add it and be prepared to get as much as 15 bytes of output. + +Currently the output is always 0 bytes, but it may be more when alternative +implementations of the underlying primitives are in use, or with future +versions of the library. From b2827693b57a41da33698c98231ab6c5e3830b6b Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 15:23:00 +0200 Subject: [PATCH 268/271] Remove spurious dependencies on PEM Signed-off-by: Gilles Peskine --- tests/suites/test_suite_pkparse.data | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data index 6a0b9b5232..1f73aace80 100644 --- a/tests/suites/test_suite_pkparse.data +++ b/tests/suites/test_suite_pkparse.data @@ -989,7 +989,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED pk_parse_public_keyfile_ec:"data_files/ec_bp512_pub.pem":0 Parse EC Key #1 (SEC1 DER) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0 Parse EC Key #2 (SEC1 PEM) @@ -1005,15 +1005,15 @@ depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_prv.pk8.der":"NULL":0 Parse EC Key #4a (PKCS8 DER, no public key) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopub.der":"NULL":0 Parse EC Key #4b (PKCS8 DER, no public key, with parameters) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopubparam.der":"NULL":0 Parse EC Key #4c (PKCS8 DER, with parameters) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.der":"NULL":0 Parse EC Key #5 (PKCS8 PEM) @@ -1069,7 +1069,7 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_BP512R1_ENABLED pk_parse_keyfile_ec:"data_files/ec_bp512_prv.pem":"NULL":0 Parse EC Key #15 (SEC1 DER, secp256k1, SpecifiedECDomain) -depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED +depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MBEDTLS_PK_PARSE_EC_EXTENDED pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0 Key ASN1 (No data) From bbd617be5fcb38b555816853ac6c29c99e2118e2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 31 May 2021 20:31:47 +0200 Subject: [PATCH 269/271] Remove duplicated definition of ASSERT_ALLOC Signed-off-by: Gilles Peskine --- tests/include/test/macros.h | 32 -------------------------------- 1 file changed, 32 deletions(-) diff --git a/tests/include/test/macros.h b/tests/include/test/macros.h index 450bc2cc3b..b7b6e8f318 100644 --- a/tests/include/test/macros.h +++ b/tests/include/test/macros.h @@ -282,38 +282,6 @@ #define TEST_VALID_PARAM( TEST ) \ TEST_ASSERT( ( TEST, 1 ) ); -/** Allocate memory dynamically and fail the test case if this fails. - * - * You must set \p pointer to \c NULL before calling this macro and - * put `mbedtls_free( pointer )` in the test's cleanup code. - * - * If \p length is zero, the resulting \p pointer will be \c NULL. - * This is usually what we want in tests since API functions are - * supposed to accept null pointers when a buffer size is zero. - * - * This macro expands to an instruction, not an expression. - * It may jump to the \c exit label. - * - * \param pointer An lvalue where the address of the allocated buffer - * will be stored. - * This expression may be evaluated multiple times. - * \param length Number of elements to allocate. - * This expression may be evaluated multiple times. - * - */ -#define ASSERT_ALLOC( pointer, length ) \ - do \ - { \ - TEST_ASSERT( ( pointer ) == NULL ); \ - if( ( length ) != 0 ) \ - { \ - ( pointer ) = mbedtls_calloc( sizeof( *( pointer ) ), \ - ( length ) ); \ - TEST_ASSERT( ( pointer ) != NULL ); \ - } \ - } \ - while( 0 ) - #define TEST_HELPER_ASSERT(a) if( !( a ) ) \ { \ mbedtls_fprintf( stderr, "Assertion Failed at %s:%d - %s\n", \ From c01b87b820260787cd60fd39600124b29bbc5533 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 1 Jun 2021 09:40:53 +0200 Subject: [PATCH 270/271] Fix some typos MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- ChangeLog.d/cipher-delayed-output.txt | 4 ++-- docs/3.0-migration-guide.d/cipher-delayed-output.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ChangeLog.d/cipher-delayed-output.txt b/ChangeLog.d/cipher-delayed-output.txt index 0c8f7db990..4ca3a0cc0a 100644 --- a/ChangeLog.d/cipher-delayed-output.txt +++ b/ChangeLog.d/cipher-delayed-output.txt @@ -1,6 +1,6 @@ API changes - * For multi-part AEAD operations with the Cipher module, calling + * For multi-part AEAD operations with the cipher module, calling mbedtls_cipher_finish() is now mandatory. Previously the documentation was unclear on this point, and this function happened to never do - anything with the currently implemented AEADs, so in practice is was + anything with the currently implemented AEADs, so in practice it was possible to skip calling it, which is no longer supported. diff --git a/docs/3.0-migration-guide.d/cipher-delayed-output.md b/docs/3.0-migration-guide.d/cipher-delayed-output.md index e376880b85..18d327152c 100644 --- a/docs/3.0-migration-guide.d/cipher-delayed-output.md +++ b/docs/3.0-migration-guide.d/cipher-delayed-output.md @@ -1,7 +1,7 @@ Calling `mbedtls_cipher_finish()` is mandatory for all multi-part operations ---------------------------------------------------------------------------- -This only affect people who use the Cipher module to perform AEAD operations +This only affects people who use the cipher module to perform AEAD operations using the multi-part API. Previously, the documentation didn't state explicitly if it was OK to call From 89ee59909231fbe6dc3af10d9409f3cd282b6677 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Jun 2021 11:22:56 +0200 Subject: [PATCH 271/271] Fix null pointer arithmetic in error case When mbedtls_nist_kw_wrap was called with output=NULL and out_size=0, it performed arithmetic on the null pointer before detecting that the output buffer is too small and returning an error code. This was unlikely to have consequences on real-world hardware today, but it is undefined behavior and UBSan with Clang 10 flagged it. So fix it (fix #4025). Fix a similar-looking pattern in unwrap, though I haven't verified that it's reachable there. Signed-off-by: Gilles Peskine --- library/nist_kw.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/library/nist_kw.c b/library/nist_kw.c index 04829a0b97..5054ca206b 100644 --- a/library/nist_kw.c +++ b/library/nist_kw.c @@ -189,8 +189,6 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, uint64_t t = 0; unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2]; unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2]; - unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH; - unsigned char *A = output; *out_len = 0; /* @@ -266,6 +264,9 @@ int mbedtls_nist_kw_wrap( mbedtls_nist_kw_context *ctx, } else { + unsigned char *R2 = output + KW_SEMIBLOCK_LENGTH; + unsigned char *A = output; + /* * Do the wrapping function W, as defined in RFC 3394 section 2.2.1 */ @@ -329,7 +330,7 @@ static int unwrap( mbedtls_nist_kw_context *ctx, uint64_t t = 0; unsigned char outbuff[KW_SEMIBLOCK_LENGTH * 2]; unsigned char inbuff[KW_SEMIBLOCK_LENGTH * 2]; - unsigned char *R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH; + unsigned char *R = NULL; *out_len = 0; if( semiblocks < MIN_SEMIBLOCKS_COUNT ) @@ -339,6 +340,7 @@ static int unwrap( mbedtls_nist_kw_context *ctx, memcpy( A, input, KW_SEMIBLOCK_LENGTH ); memmove( output, input + KW_SEMIBLOCK_LENGTH, ( semiblocks - 1 ) * KW_SEMIBLOCK_LENGTH ); + R = output + ( semiblocks - 2 ) * KW_SEMIBLOCK_LENGTH; /* Calculate intermediate values */ for( t = s; t >= 1; t-- )