From db06445ad68edf185e4bb16fd46e666334e04b75 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 1 Jun 2020 12:29:26 +0200
Subject: [PATCH 01/46] Fix typo in currently unused macro constant

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 include/psa/crypto_values.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 9fed276e7d..f33946ab90 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1611,7 +1611,7 @@
  */
 #define PSA_KEY_LIFETIME_IS_VOLATILE(lifetime)  \
     (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
-     PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE)
+     PSA_KEY_PERSISTENCE_VOLATILE)
 
 /** Construct a lifetime from a persistence level and a location.
  *

From 8335f41cda5fe927efd533f1495a451bc871ef43 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Tue, 2 Jun 2020 11:04:15 +0200
Subject: [PATCH 02/46] Enable figuring out number of cores when running on OS
 X

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 tests/scripts/docker_env.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/tests/scripts/docker_env.sh b/tests/scripts/docker_env.sh
index 8bdc425796..582a17d1a4 100755
--- a/tests/scripts/docker_env.sh
+++ b/tests/scripts/docker_env.sh
@@ -60,12 +60,19 @@ else
     DOCKER="sudo docker"
 fi
 
+# Figure out the number of processors available
+if [ "$(uname)" == "Darwin" ]; then
+    NUM_PROC="$(sysctl -n hw.logicalcpu)"
+else
+    NUM_PROC="$(nproc)"
+fi
+
 # Build the Docker image
 echo "Getting docker image up to date (this may take a few minutes)..."
 ${DOCKER} image build \
     -t ${DOCKER_IMAGE_TAG} \
     --cache-from=${DOCKER_IMAGE_TAG} \
-    --build-arg MAKEFLAGS_PARALLEL="-j $(nproc)" \
+    --build-arg MAKEFLAGS_PARALLEL="-j ${NUM_PROC}" \
     --network host \
     ${http_proxy+--build-arg http_proxy=${http_proxy}} \
     ${https_proxy+--build-arg https_proxy=${https_proxy}} \

From c59de6ab7e7b8f006e7a70fccabb363bb9edb200 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 18:28:25 +0200
Subject: [PATCH 03/46] Refactor lifetime checking to reflect split in location
 and persistence

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 library/psa_crypto.c                 | 4 ++--
 library/psa_crypto_slot_management.c | 5 ++++-
 library/psa_crypto_slot_management.h | 4 ++--
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 69323184d0..1c348e8b09 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1500,7 +1500,7 @@ static psa_status_t psa_validate_key_attributes(
 {
     psa_status_t status;
 
-    if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE )
+    if( ! PSA_KEY_LIFETIME_IS_VOLATILE( attributes->core.lifetime ) )
     {
         status = psa_validate_persistent_key_parameters(
             attributes->core.lifetime, attributes->core.id,
@@ -1660,7 +1660,7 @@ static psa_status_t psa_finish_key_creation(
     (void) driver;
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    if( slot->attr.lifetime != PSA_KEY_LIFETIME_VOLATILE )
+    if( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
     {
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
         if( driver != NULL )
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 6cd6a1135b..193959aba0 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -200,7 +200,10 @@ psa_status_t psa_validate_persistent_key_parameters(
     }
     else
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    if( lifetime != PSA_KEY_LIFETIME_PERSISTENT )
+    if( ( PSA_KEY_LIFETIME_GET_LOCATION( lifetime )
+            != PSA_KEY_LOCATION_LOCAL_STORAGE ) ||
+        ( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime )
+            != PSA_KEY_PERSISTENCE_DEFAULT ) )
         return( PSA_ERROR_INVALID_ARGUMENT );
 
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index 472253dd9b..db2aa964c2 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -88,8 +88,8 @@ psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
  */
 static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime )
 {
-    return( lifetime != PSA_KEY_LIFETIME_VOLATILE &&
-            lifetime != PSA_KEY_LIFETIME_PERSISTENT );
+    return( PSA_KEY_LIFETIME_GET_LOCATION( lifetime )
+                != PSA_KEY_LOCATION_LOCAL_STORAGE );
 }
 
 /** Test whether the given parameters are acceptable for a persistent key.

From bbeaf18eac24d142b79139fbac916b60d0b389ff Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 18:29:44 +0200
Subject: [PATCH 04/46] Do not persist transactions on volatile external keys

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 library/psa_crypto.c | 33 ++++++++++++++++++++-------------
 1 file changed, 20 insertions(+), 13 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1c348e8b09..a0851c7f79 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1593,11 +1593,14 @@ static psa_status_t psa_start_key_creation(
 
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
     /* For a key in a secure element, we need to do three things
-     * when creating or registering a key:
+     * when creating or registering a persistent key:
      * create the key file in internal storage, create the
      * key inside the secure element, and update the driver's
-     * persistent data. Start a transaction that will encompass these
-     * three actions. */
+     * persistent data. This is done by starting a transaction that will
+     * encompass these three actions.
+     * For registering a volatile key, we just need to find an appropriate
+     * slot number inside the SE. Since the key is designated volatile, creating
+     * a transaction is not required. */
     /* The first thing to do is to find a slot number for the new key.
      * We save the slot number in persistent storage as part of the
      * transaction data. It will be needed to recover if the power
@@ -1612,15 +1615,19 @@ static psa_status_t psa_start_key_creation(
                                            &slot->data.se.slot_number );
         if( status != PSA_SUCCESS )
             return( status );
-        psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );
-        psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
-        psa_crypto_transaction.key.slot = slot->data.se.slot_number;
-        psa_crypto_transaction.key.id = slot->attr.id;
-        status = psa_crypto_save_transaction( );
-        if( status != PSA_SUCCESS )
+
+        if( ! PSA_KEY_LIFETIME_IS_VOLATILE( attributes->core.lifetime ) )
         {
-            (void) psa_crypto_stop_transaction( );
-            return( status );
+            psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );
+            psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
+            psa_crypto_transaction.key.slot = slot->data.se.slot_number;
+            psa_crypto_transaction.key.id = slot->attr.id;
+            status = psa_crypto_save_transaction( );
+            if( status != PSA_SUCCESS )
+            {
+                (void) psa_crypto_stop_transaction( );
+                return( status );
+            }
         }
     }
 
@@ -1708,8 +1715,8 @@ static psa_status_t psa_finish_key_creation(
     /* Finish the transaction for a key creation. This does not
      * happen when registering an existing key. Detect this case
      * by checking whether a transaction is in progress (actual
-     * creation of a key in a secure element requires a transaction,
-     * but registration doesn't use one). */
+     * creation of a persistent key in a secure element requires a transaction,
+     * but registration or volatile key creation doesn't use one). */
     if( driver != NULL &&
         psa_crypto_transaction.unknown.type == PSA_CRYPTO_TRANSACTION_CREATE_KEY )
     {

From 223f2877bee96defc611bcee8c255c349d62f7c5 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 18:30:20 +0200
Subject: [PATCH 05/46] Add test to check that volatile external keys do not
 get persisted

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 .../test_suite_psa_crypto_se_driver_hal.data  | 28 +++++--
 ...st_suite_psa_crypto_se_driver_hal.function | 77 ++++++++++++++++---
 2 files changed, 86 insertions(+), 19 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
index 55c34266b8..5333e570db 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
@@ -24,17 +24,29 @@ register_twice:3
 Register SE driver: maximum number of drivers
 register_max:
 
-SE key import-export (p_allocate allows all slots)
-key_creation_import_export:0:0
+SE key import-export persistent (p_allocate allows all slots)
+key_creation_import_export:TEST_SE_PERSISTENT_LIFETIME:0:0
 
-SE key import-export (p_allocate allows 1 slot)
-key_creation_import_export:ARRAY_LENGTH( ram_slots ) - 1:0
+SE key import-export persistent (p_allocate allows 1 slot)
+key_creation_import_export:TEST_SE_PERSISTENT_LIFETIME:ARRAY_LENGTH( ram_slots ) - 1:0
 
-SE key import-export, check after restart (slot 0)
-key_creation_import_export:0:1
+SE key import-export persistent, check after restart (slot 0)
+key_creation_import_export:TEST_SE_PERSISTENT_LIFETIME:0:1
 
-SE key import-export, check after restart (slot 3)
-key_creation_import_export:3:1
+SE key import-export persistent, check after restart (slot 3)
+key_creation_import_export:TEST_SE_PERSISTENT_LIFETIME:3:1
+
+SE key import-export volatile (p_allocate allows all slots)
+key_creation_import_export:TEST_SE_VOLATILE_LIFETIME:0:0
+
+SE key import-export volatile (p_allocate allows 1 slot)
+key_creation_import_export:TEST_SE_VOLATILE_LIFETIME:ARRAY_LENGTH( ram_slots ) - 1:0
+
+SE key import-export volatile, check after restart (slot 0)
+key_creation_import_export:TEST_SE_VOLATILE_LIFETIME:0:1
+
+SE key import-export volatile, check after restart (slot 3)
+key_creation_import_export:TEST_SE_VOLATILE_LIFETIME:3:1
 
 Key creation in a specific slot (0)
 key_creation_in_chosen_slot:0:0:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index f95f7e5265..9b0cf45f3e 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -27,6 +27,10 @@
     ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
         PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION ) )
 
+#define TEST_SE_VOLATILE_LIFETIME                               \
+    ( PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(           \
+        PSA_KEY_PERSISTENCE_VOLATILE, TEST_DRIVER_LOCATION ) )
+
 /** The driver detected a condition that shouldn't happen.
  * This is probably a bug in the library. */
 #define PSA_ERROR_DETECTED_BY_DRIVER ((psa_status_t)( -500 ))
@@ -609,6 +613,20 @@ exit:
     return( ok );
 }
 
+/* Check that no persistent data exists for the given location. */
+static int check_no_persistent_data( psa_key_location_t location )
+{
+    psa_storage_uid_t uid = file_uid_for_location( location );
+    struct psa_storage_info_t info;
+    int ok = 0;
+
+    TEST_ASSERT( psa_its_get_info( uid, &info ) == PSA_ERROR_DOES_NOT_EXIST );
+    ok = 1;
+
+exit:
+    return( ok );
+}
+
 /* Check that a function's return status is "smoke-free", i.e. that
  * it's an acceptable error code when calling an API function that operates
  * on a key with potentially bogus parameters. */
@@ -829,11 +847,11 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void key_creation_import_export( int min_slot, int restart )
+void key_creation_import_export( int lifetime_arg, int min_slot, int restart )
 {
     psa_drv_se_t driver;
     psa_drv_se_key_management_t key_management;
-    psa_key_lifetime_t lifetime = TEST_SE_PERSISTENT_LIFETIME;
+    psa_key_lifetime_t lifetime = (psa_key_lifetime_t) lifetime_arg;
     psa_key_location_t location = PSA_KEY_LIFETIME_GET_LOCATION( lifetime );
     psa_key_id_t id = 1;
     psa_key_handle_t handle = 0;
@@ -864,10 +882,25 @@ void key_creation_import_export( int min_slot, int restart )
     PSA_ASSERT( psa_import_key( &attributes,
                                 key_material, sizeof( key_material ),
                                 &handle ) );
-    if( ! check_persistent_data( location,
-                                 &ram_shadow_slot_usage,
-                                 sizeof( ram_shadow_slot_usage ) ) )
-        goto exit;
+
+
+    if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+    {
+        /* For volatile keys, check no persistent data was created */
+        if( ! check_no_persistent_data( location ) )
+            goto exit;
+    }
+    else
+    {
+        /* For persistent keys, check persistent data */
+        if( ! check_persistent_data( location,
+                             &ram_shadow_slot_usage,
+                             sizeof( ram_shadow_slot_usage ) ) )
+            goto exit;
+    }
+
+    /* Test that the key was created in the expected slot. */
+    TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA );
 
     /* Maybe restart, to check that the information is saved correctly. */
     if( restart )
@@ -875,11 +908,33 @@ void key_creation_import_export( int min_slot, int restart )
         mbedtls_psa_crypto_free( );
         PSA_ASSERT( psa_register_se_driver( location, &driver ) );
         PSA_ASSERT( psa_crypto_init( ) );
-        if( ! check_persistent_data( location,
-                                     &ram_shadow_slot_usage,
-                                     sizeof( ram_shadow_slot_usage ) ) )
-            goto exit;
-        PSA_ASSERT( psa_open_key( id, &handle ) );
+
+        if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+        {
+            /* Check that the PSA core has no knowledge of the volatile key */
+            TEST_ASSERT( psa_open_key( id, &handle ) == PSA_ERROR_DOES_NOT_EXIST );
+
+            /* Drop data from our mockup driver */
+            ram_slots_reset();
+            ram_min_slot = min_slot;
+
+            /* Re-import key */
+            PSA_ASSERT( psa_import_key( &attributes,
+                                key_material, sizeof( key_material ),
+                                &handle ) );
+        }
+        else
+        {
+
+            /* Check we can re-open the persistent key */
+            if( ! check_persistent_data( location,
+                                         &ram_shadow_slot_usage,
+                                         sizeof( ram_shadow_slot_usage ) ) )
+                goto exit;
+
+            /* Check that the PSA core still knows about the key */
+            PSA_ASSERT( psa_open_key( id, &handle ) );
+        }
     }
 
     /* Test that the key was created in the expected slot. */

From a50f28338b8daa5ed22669598e1c9883de9e7972 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 18:35:57 +0200
Subject: [PATCH 06/46] Add test to check key ID's from the vendor range are
 accepted

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 .../test_suite_psa_crypto_se_driver_hal.data  | 20 ++++++++++++-------
 ...st_suite_psa_crypto_se_driver_hal.function |  3 ++-
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.data b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
index 5333e570db..023024d398 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.data
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.data
@@ -130,22 +130,28 @@ Key generation smoke test: HMAC-SHA-256
 generate_key_smoke:PSA_KEY_TYPE_HMAC:256:PSA_ALG_HMAC( PSA_ALG_SHA_256 )
 
 Key registration: smoke test
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:PSA_SUCCESS
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:1:PSA_SUCCESS
 
-Key registration: invalid lifetime (volatile)
-register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:PSA_ERROR_INVALID_ARGUMENT
+Key registration: invalid lifetime (volatile internal storage)
+register_key_smoke_test:PSA_KEY_LIFETIME_VOLATILE:1:1:PSA_ERROR_INVALID_ARGUMENT
 
 Key registration: invalid lifetime (internal storage)
-register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:PSA_ERROR_INVALID_ARGUMENT
+register_key_smoke_test:PSA_KEY_LIFETIME_PERSISTENT:1:1:PSA_ERROR_INVALID_ARGUMENT
 
 Key registration: invalid lifetime (no registered driver)
-register_key_smoke_test:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION + 1 ):1:PSA_ERROR_INVALID_ARGUMENT
+register_key_smoke_test:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, TEST_DRIVER_LOCATION + 1 ):1:1:PSA_ERROR_INVALID_ARGUMENT
 
 Key registration: rejected
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:0:PSA_ERROR_NOT_PERMITTED
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:0:PSA_ERROR_NOT_PERMITTED
 
 Key registration: not supported
-register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:-1:PSA_ERROR_NOT_SUPPORTED
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:1:-1:PSA_ERROR_NOT_SUPPORTED
+
+Key registration: key id out of range
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:PSA_KEY_ID_VENDOR_MAX+1:-1:PSA_ERROR_INVALID_ARGUMENT
+
+Key registration: key id in vendor range
+register_key_smoke_test:TEST_SE_PERSISTENT_LIFETIME:PSA_KEY_ID_VENDOR_MAX:1:PSA_SUCCESS
 
 Import-sign-verify: sign in driver, ECDSA
 depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index 9b0cf45f3e..ead8b5ab26 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -1410,6 +1410,7 @@ exit:
 
 /* BEGIN_CASE */
 void register_key_smoke_test( int lifetime_arg,
+                              int id_arg,
                               int validate,
                               int expected_status_arg )
 {
@@ -1419,7 +1420,7 @@ void register_key_smoke_test( int lifetime_arg,
     psa_drv_se_t driver;
     psa_drv_se_key_management_t key_management;
     psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-    psa_key_id_t id = 1;
+    psa_key_id_t id = id_arg;
     size_t bit_size = 48;
     psa_key_slot_number_t wanted_slot = 0x123456789;
     psa_key_handle_t handle = 0;

From 81fe7c311ac18321f66c5949be7b8312c7d4aa59 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 18:37:19 +0200
Subject: [PATCH 07/46] Split 'validate persistent key parameters' into
 independent validation

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 library/psa_crypto.c                 | 17 ++++---
 library/psa_crypto_slot_management.c | 69 +++++++++++++++++-----------
 library/psa_crypto_slot_management.h | 51 ++++++++++----------
 3 files changed, 72 insertions(+), 65 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a0851c7f79..aea4924d31 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1498,16 +1498,15 @@ static psa_status_t psa_validate_key_attributes(
     const psa_key_attributes_t *attributes,
     psa_se_drv_table_entry_t **p_drv )
 {
-    psa_status_t status;
+    psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
 
-    if( ! PSA_KEY_LIFETIME_IS_VOLATILE( attributes->core.lifetime ) )
-    {
-        status = psa_validate_persistent_key_parameters(
-            attributes->core.lifetime, attributes->core.id,
-            p_drv, 1 );
-        if( status != PSA_SUCCESS )
-            return( status );
-    }
+    status = psa_validate_key_location( attributes, p_drv );
+    if( status != PSA_SUCCESS )
+        return( status );
+
+    status = psa_validate_key_persistence( attributes );
+    if( status != PSA_SUCCESS )
+        return( status );
 
     status = psa_validate_key_policy( &attributes->core.policy );
     if( status != PSA_SUCCESS )
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 193959aba0..01fd048162 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -183,39 +183,54 @@ static int psa_is_key_id_valid( psa_key_file_id_t file_id,
 }
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 
-psa_status_t psa_validate_persistent_key_parameters(
-    psa_key_lifetime_t lifetime,
-    psa_key_file_id_t id,
-    psa_se_drv_table_entry_t **p_drv,
-    int creating )
+psa_status_t psa_validate_key_location( const psa_key_attributes_t *attributes,
+                                        psa_se_drv_table_entry_t **p_drv )
 {
-    if( p_drv != NULL )
-        *p_drv = NULL;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-    if( psa_key_lifetime_is_external( lifetime ) )
+    psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
+    if ( psa_key_lifetime_is_external( lifetime ) )
     {
-        *p_drv = psa_get_se_driver_entry( lifetime );
-        if( *p_drv == NULL )
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+        psa_se_drv_table_entry_t *p_drv_e = psa_get_se_driver_entry( lifetime );
+        if( p_drv_e == NULL )
             return( PSA_ERROR_INVALID_ARGUMENT );
+        else
+        {
+            if (p_drv != NULL)
+                *p_drv = p_drv_e;
+            return( PSA_SUCCESS );
+        }
+#else
+        (void) p_drv;
+        return( PSA_ERROR_INVALID_ARGUMENT );
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
     }
     else
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    if( ( PSA_KEY_LIFETIME_GET_LOCATION( lifetime )
-            != PSA_KEY_LOCATION_LOCAL_STORAGE ) ||
-        ( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime )
-            != PSA_KEY_PERSISTENCE_DEFAULT ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
+        /* Local/internal keys are always valid */
+        return( PSA_SUCCESS );
+}
 
+psa_status_t psa_validate_key_persistence( const psa_key_attributes_t *attributes )
+{
+    psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
+
+    if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+    {
+        /* Volatile keys are always supported */
+        return( PSA_SUCCESS );
+    }
+    else
+    {
+        /* Persistent keys require storage support */
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-    if( ! psa_is_key_id_valid( id, ! creating ) )
-        return( PSA_ERROR_INVALID_ARGUMENT );
-    return( PSA_SUCCESS );
-
+        if( psa_is_key_id_valid( psa_get_key_id( attributes ),
+                                 psa_key_lifetime_is_external( lifetime ) ) )
+            return( PSA_SUCCESS );
+        else
+            return( PSA_ERROR_INVALID_ARGUMENT );
 #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
-    (void) id;
-    (void) creating;
-    return( PSA_ERROR_NOT_SUPPORTED );
+        return( PSA_ERROR_NOT_SUPPORTED );
 #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
+    }
 }
 
 psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle )
@@ -226,10 +241,8 @@ psa_status_t psa_open_key( psa_key_file_id_t id, psa_key_handle_t *handle )
 
     *handle = 0;
 
-    status = psa_validate_persistent_key_parameters(
-        PSA_KEY_LIFETIME_PERSISTENT, id, NULL, 0 );
-    if( status != PSA_SUCCESS )
-        return( status );
+    if( ! psa_is_key_id_valid( id, 1 ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
 
     status = psa_get_empty_key_slot( handle, &slot );
     if( status != PSA_SUCCESS )
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index db2aa964c2..8841284cdf 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -92,38 +92,33 @@ static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime )
                 != PSA_KEY_LOCATION_LOCAL_STORAGE );
 }
 
-/** Test whether the given parameters are acceptable for a persistent key.
+/** Validate that a key's attributes point to a known location.
  *
- * This function does not access the storage in any way. It only tests
- * whether the parameters are meaningful and permitted by general policy.
- * It does not test whether the a file by the given id exists or could be
- * created.
+ * This function checks whether the key's attributes point to a location that
+ * is known to the PSA Core, and returns the driver function table if the key
+ * is to be found in an external location.
  *
- * If the key is in external storage, this function returns the corresponding
- * driver.
+ * \param[in] attributes    The key attributes.
+ * \param[out] p_drv        On success, when a key is located in external
+ *                          storage, returns a pointer to the driver table
+ *                          associated with the key's storage location.
  *
- * \param lifetime      The lifetime to test.
- * \param id            The key id to test.
- * \param[out] p_drv    On output, if \p lifetime designates a key
- *                      in an external processor, \c *p_drv is a pointer
- *                      to the driver table entry fot this lifetime.
- *                      If \p lifetime designates a transparent key,
- *                      \c *p_drv is \c NULL.
- * \param creating      0 if attempting to open an existing key.
- *                      Nonzero if attempting to create a key.
- *
- * \retval PSA_SUCCESS
- *         The given parameters are valid.
- * \retval PSA_ERROR_INVALID_ARGUMENT
- *         \p lifetime is volatile or is invalid.
- * \retval PSA_ERROR_INVALID_ARGUMENT
- *         \p id is invalid.
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
  */
-psa_status_t psa_validate_persistent_key_parameters(
-    psa_key_lifetime_t lifetime,
-    psa_key_file_id_t id,
-    psa_se_drv_table_entry_t **p_drv,
-    int creating );
+psa_status_t psa_validate_key_location( const psa_key_attributes_t *attributes,
+                                        psa_se_drv_table_entry_t **p_drv );
+
+/** Validate that a key's persistence is consistent.
+ *
+ * This function checks whether a key's persistence attribute is consistent.
+ *
+ * \param[in] attributes    The key attributes.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ */
+psa_status_t psa_validate_key_persistence( const psa_key_attributes_t *attributes );
 
 
 #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */

From de183388653f91136536b3a0476a141274ad3e31 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 18:48:01 +0200
Subject: [PATCH 08/46] Add changelog entry for #3382

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 ChangeLog.d/do_not_persist_volatile_external_keys.txt | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 ChangeLog.d/do_not_persist_volatile_external_keys.txt

diff --git a/ChangeLog.d/do_not_persist_volatile_external_keys.txt b/ChangeLog.d/do_not_persist_volatile_external_keys.txt
new file mode 100644
index 0000000000..c10b22ca28
--- /dev/null
+++ b/ChangeLog.d/do_not_persist_volatile_external_keys.txt
@@ -0,0 +1,4 @@
+Default behavior changes
+   * Stop storing persistent information about externally stored keys created
+     through PSA Crypto with a volatile lifetime. Reported in #3288 and
+     contributed by Steven Cooreman in #3382.
\ No newline at end of file

From f5a5e45ed1eceb45f9c537c200d592b48d8237af Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 18:53:13 +0200
Subject: [PATCH 09/46] Refactor equality-testing asserts in SE driver tests to
 TEST_EQUAL

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 .../test_suite_psa_crypto_se_driver_hal.function       | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index ead8b5ab26..80c50e3292 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -620,7 +620,7 @@ static int check_no_persistent_data( psa_key_location_t location )
     struct psa_storage_info_t info;
     int ok = 0;
 
-    TEST_ASSERT( psa_its_get_info( uid, &info ) == PSA_ERROR_DOES_NOT_EXIST );
+    TEST_EQUAL( psa_its_get_info( uid, &info ), PSA_ERROR_DOES_NOT_EXIST );
     ok = 1;
 
 exit:
@@ -900,7 +900,7 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart )
     }
 
     /* Test that the key was created in the expected slot. */
-    TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA );
+    TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA );
 
     /* Maybe restart, to check that the information is saved correctly. */
     if( restart )
@@ -938,7 +938,7 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart )
     }
 
     /* Test that the key was created in the expected slot. */
-    TEST_ASSERT( ram_slots[min_slot].type == PSA_KEY_TYPE_RAW_DATA );
+    TEST_EQUAL( ram_slots[min_slot].type, PSA_KEY_TYPE_RAW_DATA );
 
     /* Test the key attributes, including the reported slot number. */
     psa_set_key_bits( &attributes,
@@ -964,7 +964,7 @@ void key_creation_import_export( int lifetime_arg, int min_slot, int restart )
                 PSA_ERROR_DOES_NOT_EXIST );
 
     /* Test that the key has been erased from the designated slot. */
-    TEST_ASSERT( ram_slots[min_slot].type == 0 );
+    TEST_EQUAL( ram_slots[min_slot].type, 0 );
 
 exit:
     PSA_DONE( );
@@ -1318,7 +1318,7 @@ void sign_verify( int flow,
          * generate material, store the desired result of generation in
          * the mock secure element storage. */
         PSA_ASSERT( psa_get_key_attributes( drv_handle, &drv_attributes ) );
-        TEST_ASSERT( key_material->len == PSA_BITS_TO_BYTES( bits ) );
+        TEST_EQUAL( key_material->len, PSA_BITS_TO_BYTES( bits ) );
         memcpy( ram_slots[ram_min_slot].content, key_material->x,
                 key_material->len );
     }

From 00106a12c9ff7fca4cc1ece3a2152254e9079093 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 18:54:23 +0200
Subject: [PATCH 10/46] Minor edit to comply with pointer naming standard

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 library/psa_crypto_slot_management.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 01fd048162..0cab75779e 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -190,13 +190,13 @@ psa_status_t psa_validate_key_location( const psa_key_attributes_t *attributes,
     if ( psa_key_lifetime_is_external( lifetime ) )
     {
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-        psa_se_drv_table_entry_t *p_drv_e = psa_get_se_driver_entry( lifetime );
-        if( p_drv_e == NULL )
+        psa_se_drv_table_entry_t *driver = psa_get_se_driver_entry( lifetime );
+        if( driver == NULL )
             return( PSA_ERROR_INVALID_ARGUMENT );
         else
         {
             if (p_drv != NULL)
-                *p_drv = p_drv_e;
+                *p_drv = driver;
             return( PSA_SUCCESS );
         }
 #else

From 74161ceaca1dbf98b965ef0188840aa594826a4d Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 8 Jun 2020 19:04:38 +0200
Subject: [PATCH 11/46] Clarify behaviour of psa_validate_key_location

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 library/psa_crypto_slot_management.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index 8841284cdf..46a73257b7 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -109,9 +109,10 @@ static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime )
 psa_status_t psa_validate_key_location( const psa_key_attributes_t *attributes,
                                         psa_se_drv_table_entry_t **p_drv );
 
-/** Validate that a key's persistence is consistent.
+/** Validate that a key's persistence is valid.
  *
- * This function checks whether a key's persistence attribute is consistent.
+ * This function checks whether a key's declared persistence and key ID are
+ * valid and supported by the PSA Core in its actual configuration.
  *
  * \param[in] attributes    The key attributes.
  *

From 14b8184db1e61fcc878531dd8b9cbb7194152704 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Mon, 15 Jun 2020 11:33:41 +0200
Subject: [PATCH 12/46] Added missing newline in changelog entry

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 ChangeLog.d/do_not_persist_volatile_external_keys.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ChangeLog.d/do_not_persist_volatile_external_keys.txt b/ChangeLog.d/do_not_persist_volatile_external_keys.txt
index c10b22ca28..b27292c900 100644
--- a/ChangeLog.d/do_not_persist_volatile_external_keys.txt
+++ b/ChangeLog.d/do_not_persist_volatile_external_keys.txt
@@ -1,4 +1,4 @@
 Default behavior changes
    * Stop storing persistent information about externally stored keys created
      through PSA Crypto with a volatile lifetime. Reported in #3288 and
-     contributed by Steven Cooreman in #3382.
\ No newline at end of file
+     contributed by Steven Cooreman in #3382.

From 8c1e759e1d5b64d7c8cd074ab73e0e6292a920d1 Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Wed, 17 Jun 2020 14:52:05 +0200
Subject: [PATCH 13/46] Documentation and new function signature update

Inline with review comments.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 library/psa_crypto.c                 |  6 ++++--
 library/psa_crypto_slot_management.c | 10 ++++------
 library/psa_crypto_slot_management.h | 18 ++++++++++--------
 3 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index aea4924d31..a511c27748 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1500,11 +1500,13 @@ static psa_status_t psa_validate_key_attributes(
 {
     psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
 
-    status = psa_validate_key_location( attributes, p_drv );
+    status = psa_validate_key_location( psa_get_key_lifetime( attributes ),
+                                        p_drv );
     if( status != PSA_SUCCESS )
         return( status );
 
-    status = psa_validate_key_persistence( attributes );
+    status = psa_validate_key_persistence( psa_get_key_lifetime( attributes ),
+                                           psa_get_key_id( attributes ) );
     if( status != PSA_SUCCESS )
         return( status );
 
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 0cab75779e..ab66b1213d 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -183,10 +183,9 @@ static int psa_is_key_id_valid( psa_key_file_id_t file_id,
 }
 #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
 
-psa_status_t psa_validate_key_location( const psa_key_attributes_t *attributes,
+psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
                                         psa_se_drv_table_entry_t **p_drv )
 {
-    psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
     if ( psa_key_lifetime_is_external( lifetime ) )
     {
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@@ -209,10 +208,9 @@ psa_status_t psa_validate_key_location( const psa_key_attributes_t *attributes,
         return( PSA_SUCCESS );
 }
 
-psa_status_t psa_validate_key_persistence( const psa_key_attributes_t *attributes )
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
+                                           psa_key_id_t key_id )
 {
-    psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
-
     if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
     {
         /* Volatile keys are always supported */
@@ -222,7 +220,7 @@ psa_status_t psa_validate_key_persistence( const psa_key_attributes_t *attribute
     {
         /* Persistent keys require storage support */
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-        if( psa_is_key_id_valid( psa_get_key_id( attributes ),
+        if( psa_is_key_id_valid( key_id,
                                  psa_key_lifetime_is_external( lifetime ) ) )
             return( PSA_SUCCESS );
         else
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index 46a73257b7..e65de2e6ab 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -92,13 +92,13 @@ static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime )
                 != PSA_KEY_LOCATION_LOCAL_STORAGE );
 }
 
-/** Validate that a key's attributes point to a known location.
+/** Validate a key's location.
  *
  * This function checks whether the key's attributes point to a location that
  * is known to the PSA Core, and returns the driver function table if the key
  * is to be found in an external location.
  *
- * \param[in] attributes    The key attributes.
+ * \param[in] lifetime      The key lifetime attribute.
  * \param[out] p_drv        On success, when a key is located in external
  *                          storage, returns a pointer to the driver table
  *                          associated with the key's storage location.
@@ -106,20 +106,22 @@ static inline int psa_key_lifetime_is_external( psa_key_lifetime_t lifetime )
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  */
-psa_status_t psa_validate_key_location( const psa_key_attributes_t *attributes,
+psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
                                         psa_se_drv_table_entry_t **p_drv );
 
-/** Validate that a key's persistence is valid.
+/** Validate that a key's persistence attributes are valid.
  *
- * This function checks whether a key's declared persistence and key ID are
- * valid and supported by the PSA Core in its actual configuration.
+ * This function checks whether a key's declared persistence level and key ID
+ * attributes are valid and known to the PSA Core in its actual configuration.
  *
- * \param[in] attributes    The key attributes.
+ * \param[in] lifetime    The key lifetime attribute.
+ * \param[in] key_id      The key ID attribute
  *
  * \retval #PSA_SUCCESS
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  */
-psa_status_t psa_validate_key_persistence( const psa_key_attributes_t *attributes );
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
+                                           psa_key_id_t key_id );
 
 
 #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */

From fa6860933d94f99c040fc2f4c054dad5b240370f Mon Sep 17 00:00:00 2001
From: Steven Cooreman <steven.cooreman@silabs.com>
Date: Thu, 18 Jun 2020 14:37:31 +0200
Subject: [PATCH 14/46] Declare unused parameter

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
---
 library/psa_crypto_slot_management.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index ab66b1213d..b312ff6242 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -226,6 +226,7 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
         else
             return( PSA_ERROR_INVALID_ARGUMENT );
 #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
+        (void) key_id;
         return( PSA_ERROR_NOT_SUPPORTED );
 #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
     }

From 72d849d4b67c9b54f7e171d677a44fd88be84216 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 15 May 2020 17:07:16 +0200
Subject: [PATCH 15/46] cmake: Align declaration of include directory

Align declaration of ./include include directory
among libraries, static and shared.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 library/CMakeLists.txt | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index f6a186faef..960e232ae2 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -168,10 +168,14 @@ if(USE_STATIC_MBEDTLS_LIBRARY)
     add_library(${mbedx509_static_target} STATIC ${src_x509})
     set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
     target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target})
+    target_include_directories(${mbedx509_static_target}
+        PUBLIC ${MBEDTLS_DIR}/include/)
 
     add_library(${mbedtls_static_target} STATIC ${src_tls})
     set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
     target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
+    target_include_directories(${mbedtls_static_target}
+        PUBLIC ${MBEDTLS_DIR}/include/)
 
     install(TARGETS ${mbedtls_static_target} ${mbedx509_static_target} ${mbedcrypto_static_target}
             DESTINATION ${LIB_INSTALL_DIR}

From 00f5b8cd63dca45d3045e72cb4ead2111ebbbdce Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Mon, 25 May 2020 09:39:09 +0200
Subject: [PATCH 16/46] cmake: Compile everest code only if necessary

Compile everest code only if
MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED is defined
in config.h

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 3rdparty/CMakeLists.txt         |  6 +++++-
 3rdparty/everest/CMakeLists.txt | 20 +++++++-------------
 2 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt
index dca4bd76b5..4c5b5599dc 100644
--- a/3rdparty/CMakeLists.txt
+++ b/3rdparty/CMakeLists.txt
@@ -3,7 +3,11 @@ list (APPEND thirdparty_lib)
 list (APPEND thirdparty_inc)
 list (APPEND thirdparty_def)
 
-add_subdirectory(everest)
+execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result)
+
+if(${result} EQUAL 0)
+    add_subdirectory(everest)
+endif()
 
 set(thirdparty_src ${thirdparty_src} PARENT_SCOPE)
 set(thirdparty_lib ${thirdparty_lib} PARENT_SCOPE)
diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt
index c27a8e5ee9..a900e4b634 100644
--- a/3rdparty/everest/CMakeLists.txt
+++ b/3rdparty/everest/CMakeLists.txt
@@ -10,21 +10,15 @@ set(everest_src
 
 list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib)
 
-execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result)
+if(INSTALL_MBEDTLS_HEADERS)
 
-if(${result} EQUAL 0)
+  install(DIRECTORY include/everest
+    DESTINATION include
+    FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ
+    DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
+    FILES_MATCHING PATTERN "*.h")
 
-  if(INSTALL_MBEDTLS_HEADERS)
-
-    install(DIRECTORY include/everest
-      DESTINATION include
-      FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ
-      DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
-      FILES_MATCHING PATTERN "*.h")
-
-  endif(INSTALL_MBEDTLS_HEADERS)
-
-endif()
+endif(INSTALL_MBEDTLS_HEADERS)
 
 set(thirdparty_src ${thirdparty_src} ${everest_src} PARENT_SCOPE)
 set(thirdparty_inc ${thirdparty_inc} ${everest_inc} PARENT_SCOPE)

From f19f312aa6e7ff6b75f62e07ac9bb1cd6aa10ad3 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Mon, 25 May 2020 10:26:37 +0200
Subject: [PATCH 17/46] cmake: Add 3rd party public include directories

Add the possibility to distinguish between public and
non-public include directories. Public directories are
the one to use to access definitions of 3rd party code
interfaces.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 3rdparty/CMakeLists.txt         | 2 ++
 3rdparty/everest/CMakeLists.txt | 5 ++++-
 CMakeLists.txt                  | 1 +
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/3rdparty/CMakeLists.txt b/3rdparty/CMakeLists.txt
index 4c5b5599dc..18945e52ee 100644
--- a/3rdparty/CMakeLists.txt
+++ b/3rdparty/CMakeLists.txt
@@ -1,5 +1,6 @@
 list (APPEND thirdparty_src)
 list (APPEND thirdparty_lib)
+list (APPEND thirdparty_inc_public)
 list (APPEND thirdparty_inc)
 list (APPEND thirdparty_def)
 
@@ -11,5 +12,6 @@ endif()
 
 set(thirdparty_src ${thirdparty_src} PARENT_SCOPE)
 set(thirdparty_lib ${thirdparty_lib} PARENT_SCOPE)
+set(thirdparty_inc_public ${thirdparty_inc_public} PARENT_SCOPE)
 set(thirdparty_inc ${thirdparty_inc} PARENT_SCOPE)
 set(thirdparty_def ${thirdparty_def} PARENT_SCOPE)
diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt
index a900e4b634..d81d995f1f 100644
--- a/3rdparty/everest/CMakeLists.txt
+++ b/3rdparty/everest/CMakeLists.txt
@@ -1,4 +1,5 @@
 list (APPEND everest_src)
+list (APPEND everest_inc_public)
 list (APPEND everest_inc)
 list (APPEND everest_def)
 
@@ -8,7 +9,8 @@ set(everest_src
   ${CMAKE_CURRENT_SOURCE_DIR}/library/Hacl_Curve25519_joined.c
 )
 
-list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib)
+list(APPEND everest_inc_public ${CMAKE_CURRENT_SOURCE_DIR}/include)
+list(APPEND everest_inc ${CMAKE_CURRENT_SOURCE_DIR}/include/everest ${CMAKE_CURRENT_SOURCE_DIR}/include/everest/kremlib)
 
 if(INSTALL_MBEDTLS_HEADERS)
 
@@ -21,5 +23,6 @@ if(INSTALL_MBEDTLS_HEADERS)
 endif(INSTALL_MBEDTLS_HEADERS)
 
 set(thirdparty_src ${thirdparty_src} ${everest_src} PARENT_SCOPE)
+set(thirdparty_inc_public ${thirdparty_inc_public} ${everest_inc_public} PARENT_SCOPE)
 set(thirdparty_inc ${thirdparty_inc} ${everest_inc} PARENT_SCOPE)
 set(thirdparty_def ${thirdparty_def} ${everest_def} PARENT_SCOPE)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1f675c1ee0..9c3c86ce13 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -219,6 +219,7 @@ endif(ENABLE_ZLIB_SUPPORT)
 add_subdirectory(include)
 
 add_subdirectory(3rdparty)
+include_directories(${thirdparty_inc_public})
 include_directories(${thirdparty_inc})
 list(APPEND libs ${thirdparty_lib})
 add_definitions(${thirdparty_def})

From 67d4b555b8e31a93eb6466c77cdd81fc78d613fe Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 22 May 2020 21:59:53 +0200
Subject: [PATCH 18/46] cmake: Limit scope of 3rd party definitions

Don't define anymore globally third party include
directories and compile definitions. Declare them within the
scope of the crypto library target as per the third party
source files.

Note that targets linking to the crypto library inherit from
the third party public include directories.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 CMakeLists.txt         |  3 ---
 library/CMakeLists.txt | 12 ++++++++++--
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9c3c86ce13..de50c72aa3 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -219,10 +219,7 @@ endif(ENABLE_ZLIB_SUPPORT)
 add_subdirectory(include)
 
 add_subdirectory(3rdparty)
-include_directories(${thirdparty_inc_public})
-include_directories(${thirdparty_inc})
 list(APPEND libs ${thirdparty_lib})
-add_definitions(${thirdparty_def})
 
 add_subdirectory(library)
 
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 960e232ae2..0a8b87cc7f 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -163,7 +163,11 @@ if(USE_STATIC_MBEDTLS_LIBRARY)
     set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
     target_link_libraries(${mbedcrypto_static_target} ${libs})
     target_include_directories(${mbedcrypto_static_target}
-        PUBLIC ${MBEDTLS_DIR}/include/)
+        PUBLIC ${MBEDTLS_DIR}/include/
+        PUBLIC ${thirdparty_inc_public}
+        PRIVATE ${thirdparty_inc})
+    target_compile_definitions(${mbedcrypto_static_target}
+        PRIVATE ${thirdparty_def})
 
     add_library(${mbedx509_static_target} STATIC ${src_x509})
     set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
@@ -188,7 +192,11 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
     set_target_properties(mbedcrypto PROPERTIES VERSION 2.22.0 SOVERSION 4)
     target_link_libraries(mbedcrypto ${libs})
     target_include_directories(mbedcrypto
-        PUBLIC ${MBEDTLS_DIR}/include/)
+        PUBLIC ${MBEDTLS_DIR}/include/
+        PUBLIC ${thirdparty_inc_public}
+        PRIVATE ${thirdparty_inc})
+    target_compile_definitions(mbedcrypto
+        PRIVATE ${thirdparty_def})
 
     add_library(mbedx509 SHARED ${src_x509})
     set_target_properties(mbedx509 PROPERTIES VERSION 2.22.0 SOVERSION 1)

From 855274113ac8b49a6d9d72e08d2f06e7d0c17b0a Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 15 May 2020 17:20:47 +0200
Subject: [PATCH 19/46] cmake: Remove global include directories

Remove the declaration of ./include and ./library
as include directories for all targets.

Prefer being more local and declare include directories
at the target level using target_include_directories().

Note that there is no need to declare explicitely
./include as an include directory for tests as they
inherit it from the "mbed librairies".

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 CMakeLists.txt       |  3 ---
 tests/CMakeLists.txt | 10 ++++++++--
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index de50c72aa3..61f149f468 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -205,9 +205,6 @@ else()
     set(LIB_INSTALL_DIR lib)
 endif()
 
-include_directories(include/)
-include_directories(library/)
-
 if(ENABLE_ZLIB_SUPPORT)
     find_package(ZLIB)
 
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 39a7a2cd0e..182109b519 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -48,7 +48,10 @@ function(add_test_suite suite_name)
 
     add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtests>)
     target_link_libraries(test_suite_${data_name} ${libs})
-    target_include_directories(test_suite_${data_name} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include)
+    target_include_directories(test_suite_${data_name}
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library)
+
     if(${data_name} MATCHES ${SKIP_TEST_SUITES_REGEX})
         message(STATUS "The test suite ${data_name} will not be executed.")
     else()
@@ -68,7 +71,10 @@ endif(MSVC)
 
 file(GLOB MBEDTESTS_FILES ${CMAKE_CURRENT_SOURCE_DIR}/src/*.c)
 add_library(mbedtests OBJECT ${MBEDTESTS_FILES})
-target_include_directories(mbedtests PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include)
+target_include_directories(mbedtests
+    PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+    PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../include
+    PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library)
 
 add_test_suite(aes aes.cbc)
 add_test_suite(aes aes.cfb)

From b1790af64802fa0a2f58cff1c3f2f464a82e3815 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Wed, 20 May 2020 15:34:47 +0200
Subject: [PATCH 20/46] cmake: Add include directory policy documentation

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 CMakeLists.txt | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 61f149f468..7838525495 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,3 +1,21 @@
+#
+# CMake build system design considerations:
+#
+# - Include directories:
+#   + Do not define include directories globally using the include_directories
+#     command but rather at the target level using the
+#     target_include_directories command. That way, it is easier to guarantee
+#     that targets are built using the proper list of include directories.
+#   + Use the PUBLIC and PRIVATE keywords to specifiy the scope of include
+#     directories. That way, a target linking to a library (using the
+#     target_link_librairies command) inherits from the library PUBLIC include
+#     directories and not from the PRIVATE ones.
+#   + Note: there is currently one remaining include_directories command in the
+#     CMake files. It is related to ZLIB support which is planned to be removed.
+#     When the support is removed, the associated include_directories command
+#     will be removed as well as this note.
+#
+
 cmake_minimum_required(VERSION 2.6)
 if(TEST_CPP)
     project("mbed TLS" C CXX)

From f8f5026a3b0a0692741e6b24b93c4d6e902e71c1 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Thu, 25 Jun 2020 11:48:11 +0100
Subject: [PATCH 21/46] Add ChangeLog entry for #3147: MSVC flags

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 ChangeLog.d/align-msvc-flags.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 ChangeLog.d/align-msvc-flags.txt

diff --git a/ChangeLog.d/align-msvc-flags.txt b/ChangeLog.d/align-msvc-flags.txt
new file mode 100644
index 0000000000..02de3fd34f
--- /dev/null
+++ b/ChangeLog.d/align-msvc-flags.txt
@@ -0,0 +1,3 @@
+Changes
+   *  Align MSVC error flag with GCC and Clang. Contributed by Carlos Gomes
+      Martinho. #3147

From 8a43bd1d20b438344ea0448847989483087c5fcb Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Thu, 25 Jun 2020 11:48:27 +0100
Subject: [PATCH 22/46] Add ChangeLog entry for #3217: avoid re-assignment

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 ChangeLog.d/remove-extra-assignment.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 ChangeLog.d/remove-extra-assignment.txt

diff --git a/ChangeLog.d/remove-extra-assignment.txt b/ChangeLog.d/remove-extra-assignment.txt
new file mode 100644
index 0000000000..a98c423478
--- /dev/null
+++ b/ChangeLog.d/remove-extra-assignment.txt
@@ -0,0 +1,3 @@
+Changes
+   * Remove superfluous assignment in mbedtls_ssl_parse_certificate(). Reported
+     in #3182 and fix submitted by irwir. #3217

From 3ec2e4a464df942c14b369acf5f7913d8ff94ad1 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Thu, 25 Jun 2020 11:53:33 +0100
Subject: [PATCH 23/46] Add ChangeLog entry for #3239: win2k net support

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 ChangeLog.d/add_win2k_net_socket.txt | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 ChangeLog.d/add_win2k_net_socket.txt

diff --git a/ChangeLog.d/add_win2k_net_socket.txt b/ChangeLog.d/add_win2k_net_socket.txt
new file mode 100644
index 0000000000..9842c5d874
--- /dev/null
+++ b/ChangeLog.d/add_win2k_net_socket.txt
@@ -0,0 +1,2 @@
+Features
+   * Add support for Windows 2000 in net_sockets. Contributed by opatomic. #3239

From 0b849818d38918415d1c9a735fb79d0d90f544e4 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Thu, 25 Jun 2020 13:08:25 +0100
Subject: [PATCH 24/46] Add ChangeLog entry for #3311: fix uninitialised
 variable

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 ChangeLog.d/make-cpp-check-happy.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 ChangeLog.d/make-cpp-check-happy.txt

diff --git a/ChangeLog.d/make-cpp-check-happy.txt b/ChangeLog.d/make-cpp-check-happy.txt
new file mode 100644
index 0000000000..2ae74cb0a9
--- /dev/null
+++ b/ChangeLog.d/make-cpp-check-happy.txt
@@ -0,0 +1,3 @@
+Bugfix
+   * Fix false positive uninitialised variable reported by cpp-check.
+     Contributed by Sander Visser in #3311.

From a805c4d3288facd050851924d39c41f3fac9e373 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Thu, 25 Jun 2020 13:21:15 +0100
Subject: [PATCH 25/46] Add ChangeLog entry for #3319: fix typo in test

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 ChangeLog.d/fix-typo-in-xts-test.txt | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 ChangeLog.d/fix-typo-in-xts-test.txt

diff --git a/ChangeLog.d/fix-typo-in-xts-test.txt b/ChangeLog.d/fix-typo-in-xts-test.txt
new file mode 100644
index 0000000000..4711b8cf9f
--- /dev/null
+++ b/ChangeLog.d/fix-typo-in-xts-test.txt
@@ -0,0 +1,2 @@
+Changes
+   * Fix typo in XTS tests. Reported and fix submitted by Kxuan. #3319

From f5ea29adcb42c3edcb88629148590c35f7da85d1 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 19 Jun 2020 10:42:29 +0200
Subject: [PATCH 26/46] tests: Improve naming of build common test variables

Use the mbedtls_test_ prefix for (c)make variables
related to test common code.

This aligns with the prefix used for the common test
functions.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/CMakeLists.txt | 8 ++++----
 tests/Makefile       | 6 +++---
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 182109b519..ce608c3a29 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -46,7 +46,7 @@ function(add_test_suite suite_name)
         DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data
     )
 
-    add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtests>)
+    add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(test_suite_${data_name} ${libs})
     target_include_directories(test_suite_${data_name}
         PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
@@ -69,9 +69,9 @@ if(MSVC)
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-")
 endif(MSVC)
 
-file(GLOB MBEDTESTS_FILES ${CMAKE_CURRENT_SOURCE_DIR}/src/*.c)
-add_library(mbedtests OBJECT ${MBEDTESTS_FILES})
-target_include_directories(mbedtests
+file(GLOB MBEDTLS_TEST_FILES ${CMAKE_CURRENT_SOURCE_DIR}/src/*.c)
+add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
+target_include_directories(mbedtls_test
     PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
     PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../include
     PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library)
diff --git a/tests/Makefile b/tests/Makefile
index 6f3179cfff..68f85d2d3c 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -77,7 +77,7 @@ all: $(BINARIES)
 $(MBEDLIBS):
 	$(MAKE) -C ../library
 
-MBEDTESTS_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c))
+MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c))
 
 # Rule to compile common test C files in src folder
 src/%.o : src/%.c
@@ -112,9 +112,9 @@ C_FILES := $(addsuffix .c,$(APPS))
 		-o .
 
 
-$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(MBEDTESTS_OBJS)
+$(BINARIES): %$(EXEXT): %.c $(MBEDLIBS) $(MBEDTLS_TEST_OBJS)
 	echo "  CC    $<"
-	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTESTS_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $< $(MBEDTLS_TEST_OBJS) $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
 
 # Some test suites require additional header files.
 $(filter test_suite_psa_crypto%, $(BINARIES)): include/test/psa_crypto_helpers.h

From 5df1be91f3c32db2e2fb827a518eb592840f6611 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 5 Jun 2020 11:47:07 +0200
Subject: [PATCH 27/46] programs: ssl: cmake: Reorder declaration of
 executables

Reorder declaration of executables in alphabetic order.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 programs/ssl/CMakeLists.txt | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index 32fb3c44f6..b6b657c7ab 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -30,6 +30,9 @@ target_link_libraries(dtls_client ${libs})
 add_executable(dtls_server dtls_server.c)
 target_link_libraries(dtls_server ${libs})
 
+add_executable(mini_client mini_client.c)
+target_link_libraries(mini_client ${libs})
+
 add_executable(ssl_client1 ssl_client1.c)
 target_link_libraries(ssl_client1 ${libs})
 
@@ -37,13 +40,6 @@ add_executable(ssl_client2 ssl_client2.c)
 target_sources(ssl_client2 PUBLIC ../test/query_config.c)
 target_link_libraries(ssl_client2 ${libs})
 
-add_executable(ssl_server ssl_server.c)
-target_link_libraries(ssl_server ${libs})
-
-add_executable(ssl_server2 ssl_server2.c)
-target_sources(ssl_server2 PUBLIC ../test/query_config.c)
-target_link_libraries(ssl_server2 ${libs})
-
 add_executable(ssl_context_info ssl_context_info.c)
 target_link_libraries(ssl_context_info ${libs})
 
@@ -53,8 +49,12 @@ target_link_libraries(ssl_fork_server ${libs})
 add_executable(ssl_mail_client ssl_mail_client.c)
 target_link_libraries(ssl_mail_client ${libs})
 
-add_executable(mini_client mini_client.c)
-target_link_libraries(mini_client ${libs})
+add_executable(ssl_server ssl_server.c)
+target_link_libraries(ssl_server ${libs})
+
+add_executable(ssl_server2 ssl_server2.c)
+target_sources(ssl_server2 PUBLIC ../test/query_config.c)
+target_link_libraries(ssl_server2 ${libs})
 
 if(THREADS_FOUND)
     add_executable(ssl_pthread_server ssl_pthread_server.c)

From 27731130cf4003ed1df641141b5b4c7bcb9bf63d Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 5 Jun 2020 11:51:28 +0200
Subject: [PATCH 28/46] programs: ssl: cmake: Add missing executables

Add the executables missing in the list of executables
to install.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 programs/ssl/CMakeLists.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index b6b657c7ab..aaa9a0ac93 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -11,9 +11,11 @@ set(targets
     mini_client
     ssl_client1
     ssl_client2
+    ssl_context_info
     ssl_fork_server
     ssl_mail_client
     ssl_server
+    ssl_server2
 )
 
 if(USE_PKCS11_HELPER_LIBRARY)

From 0b90c9d7472fe7d82d82cb2aabd9be6dba29edba Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 5 Jun 2020 14:02:43 +0200
Subject: [PATCH 29/46] programs: cmake: Fix relative path warnings

The path to source files were relative which triggered
warnings when generating the build system.

Move to absolute paths based on CMAKE_CURRENT_SOURCE_DIR.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 programs/ssl/CMakeLists.txt  | 4 ++--
 programs/test/CMakeLists.txt | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index aaa9a0ac93..d6ba2ac2f7 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -39,7 +39,7 @@ add_executable(ssl_client1 ssl_client1.c)
 target_link_libraries(ssl_client1 ${libs})
 
 add_executable(ssl_client2 ssl_client2.c)
-target_sources(ssl_client2 PUBLIC ../test/query_config.c)
+target_sources(ssl_client2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
 target_link_libraries(ssl_client2 ${libs})
 
 add_executable(ssl_context_info ssl_context_info.c)
@@ -55,7 +55,7 @@ add_executable(ssl_server ssl_server.c)
 target_link_libraries(ssl_server ${libs})
 
 add_executable(ssl_server2 ssl_server2.c)
-target_sources(ssl_server2 PUBLIC ../test/query_config.c)
+target_sources(ssl_server2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
 target_link_libraries(ssl_server2 ${libs})
 
 if(THREADS_FOUND)
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index a26c096de9..ec36d67e69 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -28,7 +28,7 @@ add_executable(zeroize zeroize.c)
 target_link_libraries(zeroize mbedcrypto)
 
 add_executable(query_compile_time_config query_compile_time_config.c)
-target_sources(query_compile_time_config PUBLIC query_config.c)
+target_sources(query_compile_time_config PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
 target_link_libraries(query_compile_time_config mbedcrypto)
 
 install(TARGETS selftest benchmark udp_proxy query_compile_time_config

From bfd45f1f11384232399fb9e2d7d1701b637e57dc Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 5 Jun 2020 11:15:31 +0200
Subject: [PATCH 30/46] programs: cmake: Use list of executables

Use list of executables to:
- factorize the code to define executables
- highlight the similarities and differences of the executable definitions
- avoid list duplication

Use alphabetic order for executables in lists.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 programs/aes/CMakeLists.txt    |  14 +++--
 programs/fuzz/CMakeLists.txt   | 101 ++++++++++++---------------------
 programs/hash/CMakeLists.txt   |  14 +++--
 programs/pkey/CMakeLists.txt   |  90 +++++++++++------------------
 programs/psa/CMakeLists.txt    |  20 +++----
 programs/random/CMakeLists.txt |  18 +++---
 programs/ssl/CMakeLists.txt    |  54 +++++-------------
 programs/test/CMakeLists.txt   |  34 ++++++-----
 programs/util/CMakeLists.txt   |  14 +++--
 programs/x509/CMakeLists.txt   |  26 ++++-----
 10 files changed, 165 insertions(+), 220 deletions(-)

diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
index 6c4c7e10f3..761531daeb 100644
--- a/programs/aes/CMakeLists.txt
+++ b/programs/aes/CMakeLists.txt
@@ -1,9 +1,13 @@
-add_executable(aescrypt2 aescrypt2.c)
-target_link_libraries(aescrypt2 mbedcrypto)
+set(executables
+    aescrypt2
+    crypt_and_hash
+)
 
-add_executable(crypt_and_hash crypt_and_hash.c)
-target_link_libraries(crypt_and_hash mbedcrypto)
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} mbedcrypto)
+endforeach()
 
-install(TARGETS aescrypt2 crypt_and_hash
+install(TARGETS ${executables}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt
index 17ec3f64c1..9d4043a401 100644
--- a/programs/fuzz/CMakeLists.txt
+++ b/programs/fuzz/CMakeLists.txt
@@ -11,70 +11,41 @@ if(ENABLE_ZLIB_SUPPORT)
 endif(ENABLE_ZLIB_SUPPORT)
 
 find_library(FUZZINGENGINE_LIB FuzzingEngine)
-
-if(NOT FUZZINGENGINE_LIB)
-    add_executable(fuzz_x509csr fuzz_x509csr.c onefile.c)
-    target_link_libraries(fuzz_x509csr ${libs})
-
-    add_executable(fuzz_x509crl fuzz_x509crl.c onefile.c)
-    target_link_libraries(fuzz_x509crl ${libs})
-
-    add_executable(fuzz_x509crt fuzz_x509crt.c onefile.c)
-    target_link_libraries(fuzz_x509crt ${libs})
-
-    add_executable(fuzz_privkey fuzz_privkey.c onefile.c)
-    target_link_libraries(fuzz_privkey ${libs})
-
-    add_executable(fuzz_pubkey fuzz_pubkey.c onefile.c)
-    target_link_libraries(fuzz_pubkey ${libs})
-
-    add_executable(fuzz_client fuzz_client.c common.c onefile.c)
-    target_link_libraries(fuzz_client ${libs})
-
-    add_executable(fuzz_server fuzz_server.c common.c onefile.c)
-    target_link_libraries(fuzz_server ${libs})
-
-    add_executable(fuzz_dtlsclient fuzz_dtlsclient.c common.c onefile.c)
-    target_link_libraries(fuzz_dtlsclient ${libs})
-
-    add_executable(fuzz_dtlsserver fuzz_dtlsserver.c common.c onefile.c)
-    target_link_libraries(fuzz_dtlsserver ${libs})
-else()
+if(FUZZINGENGINE_LIB)
     project(fuzz CXX)
-
-    add_executable(fuzz_x509csr fuzz_x509csr.c)
-    target_link_libraries(fuzz_x509csr ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_x509csr PROPERTIES LINKER_LANGUAGE CXX)
-
-    add_executable(fuzz_x509crl fuzz_x509crl.c)
-    target_link_libraries(fuzz_x509crl ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_x509crl PROPERTIES LINKER_LANGUAGE CXX)
-
-    add_executable(fuzz_x509crt fuzz_x509crt.c)
-    target_link_libraries(fuzz_x509crt ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_x509crt PROPERTIES LINKER_LANGUAGE CXX)
-
-    add_executable(fuzz_privkey fuzz_privkey.c)
-    target_link_libraries(fuzz_privkey ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_privkey PROPERTIES LINKER_LANGUAGE CXX)
-
-    add_executable(fuzz_pubkey fuzz_pubkey.c)
-    target_link_libraries(fuzz_pubkey ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_pubkey PROPERTIES LINKER_LANGUAGE CXX)
-
-    add_executable(fuzz_client fuzz_client.c common.c)
-    target_link_libraries(fuzz_client ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_client PROPERTIES LINKER_LANGUAGE CXX)
-
-    add_executable(fuzz_server fuzz_server.c common.c)
-    target_link_libraries(fuzz_server ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_server PROPERTIES LINKER_LANGUAGE CXX)
-
-    add_executable(fuzz_dtlsclient fuzz_dtlsclient.c common.c)
-    target_link_libraries(fuzz_dtlsclient ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_dtlsclient PROPERTIES LINKER_LANGUAGE CXX)
-
-    add_executable(fuzz_dtlsserver fuzz_dtlsserver.c common.c)
-    target_link_libraries(fuzz_dtlsserver ${libs} FuzzingEngine)
-    SET_TARGET_PROPERTIES(fuzz_dtlsserver PROPERTIES LINKER_LANGUAGE CXX)
 endif()
+
+set(executables_no_common_c
+    fuzz_privkey
+    fuzz_pubkey
+    fuzz_x509crl
+    fuzz_x509crt
+    fuzz_x509csr
+)
+
+set(executables_with_common_c
+    fuzz_client
+    fuzz_dtlsclient
+    fuzz_dtlsserver
+    fuzz_server
+)
+
+foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
+
+    add_executable(${exe} ${exe}.c)
+
+    if (NOT FUZZINGENGINE_LIB)
+        target_link_libraries(${exe} ${libs})
+        target_sources(${exe} PRIVATE onefile.c)
+    else()
+        target_link_libraries(${exe} ${libs} FuzzingEngine)
+        SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
+    endif()
+
+    # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
+    list(FIND executables_with_common_c ${exe} exe_index)
+    if (${exe_index} GREATER -1)
+        target_sources(${exe} PRIVATE common.c)
+    endif()
+
+endforeach()
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt
index 3c6cca9d4f..0b4a1c5407 100644
--- a/programs/hash/CMakeLists.txt
+++ b/programs/hash/CMakeLists.txt
@@ -1,9 +1,13 @@
-add_executable(hello hello.c)
-target_link_libraries(hello mbedcrypto)
+set(executables
+    generic_sum
+    hello
+)
 
-add_executable(generic_sum generic_sum.c)
-target_link_libraries(generic_sum mbedcrypto)
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} mbedcrypto)
+endforeach()
 
-install(TARGETS hello generic_sum
+install(TARGETS ${executables}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index 8456228db0..17a252d888 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -1,63 +1,39 @@
-add_executable(dh_client dh_client.c)
-target_link_libraries(dh_client mbedtls)
+set(executables_mbedtls
+    dh_client
+    dh_server
+)
 
-add_executable(dh_genprime dh_genprime.c)
-target_link_libraries(dh_genprime mbedcrypto)
+foreach(exe IN LISTS executables_mbedtls)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} mbedtls)
+endforeach()
 
-add_executable(dh_server dh_server.c)
-target_link_libraries(dh_server mbedtls)
+set(executables_mbedcrypto
+    dh_genprime
+    ecdh_curve25519
+    ecdsa
+    gen_key
+    key_app
+    key_app_writer
+    mpi_demo
+    pk_encrypt
+    pk_decrypt
+    pk_sign
+    pk_verify
+    rsa_decrypt
+    rsa_encrypt
+    rsa_genkey
+    rsa_sign
+    rsa_sign_pss
+    rsa_verify
+    rsa_verify_pss
+)
 
-add_executable(ecdh_curve25519 ecdh_curve25519.c)
-target_link_libraries(ecdh_curve25519 mbedcrypto)
+foreach(exe IN LISTS executables_mbedcrypto)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} mbedcrypto)
+endforeach()
 
-add_executable(ecdsa ecdsa.c)
-target_link_libraries(ecdsa mbedcrypto)
-
-add_executable(gen_key gen_key.c)
-target_link_libraries(gen_key mbedcrypto)
-
-add_executable(key_app key_app.c)
-target_link_libraries(key_app mbedcrypto)
-
-add_executable(key_app_writer key_app_writer.c)
-target_link_libraries(key_app_writer mbedcrypto)
-
-add_executable(mpi_demo mpi_demo.c)
-target_link_libraries(mpi_demo mbedcrypto)
-
-add_executable(rsa_genkey rsa_genkey.c)
-target_link_libraries(rsa_genkey mbedcrypto)
-
-add_executable(rsa_sign rsa_sign.c)
-target_link_libraries(rsa_sign mbedcrypto)
-
-add_executable(rsa_verify rsa_verify.c)
-target_link_libraries(rsa_verify mbedcrypto)
-
-add_executable(rsa_sign_pss rsa_sign_pss.c)
-target_link_libraries(rsa_sign_pss mbedcrypto)
-
-add_executable(rsa_verify_pss rsa_verify_pss.c)
-target_link_libraries(rsa_verify_pss mbedcrypto)
-
-add_executable(rsa_encrypt rsa_encrypt.c)
-target_link_libraries(rsa_encrypt mbedcrypto)
-
-add_executable(rsa_decrypt rsa_decrypt.c)
-target_link_libraries(rsa_decrypt mbedcrypto)
-
-add_executable(pk_sign pk_sign.c)
-target_link_libraries(pk_sign mbedcrypto)
-
-add_executable(pk_verify pk_verify.c)
-target_link_libraries(pk_verify mbedcrypto)
-
-add_executable(pk_encrypt pk_encrypt.c)
-target_link_libraries(pk_encrypt mbedcrypto)
-
-add_executable(pk_decrypt pk_decrypt.c)
-target_link_libraries(pk_decrypt mbedcrypto)
-
-install(TARGETS dh_client dh_genprime dh_server key_app mpi_demo rsa_genkey rsa_sign rsa_verify rsa_encrypt rsa_decrypt pk_encrypt pk_decrypt pk_sign pk_verify gen_key
+install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt
index 4373cebc87..4fe795282d 100644
--- a/programs/psa/CMakeLists.txt
+++ b/programs/psa/CMakeLists.txt
@@ -1,12 +1,15 @@
-add_executable(crypto_examples crypto_examples.c)
-target_link_libraries(crypto_examples mbedtls)
+set(executables
+    crypto_examples
+    key_ladder_demo
+    psa_constant_names
+)
 
-add_executable(key_ladder_demo key_ladder_demo.c)
-target_link_libraries(key_ladder_demo mbedtls)
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} mbedtls)
+endforeach()
 
-add_executable(psa_constant_names psa_constant_names.c)
 target_include_directories(psa_constant_names PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
-target_link_libraries(psa_constant_names mbedtls)
 
 add_custom_target(
     psa_constant_names_generated
@@ -15,10 +18,7 @@ add_custom_target(
 )
 add_dependencies(psa_constant_names psa_constant_names_generated)
 
-install(TARGETS
-            crypto_examples
-            key_ladder_demo
-            psa_constant_names
+install(TARGETS ${executables}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
 
diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt
index 630c66e9d2..6ef212cbdb 100644
--- a/programs/random/CMakeLists.txt
+++ b/programs/random/CMakeLists.txt
@@ -1,12 +1,14 @@
-add_executable(gen_random_havege gen_random_havege.c)
-target_link_libraries(gen_random_havege mbedcrypto)
+set(executables
+    gen_entropy
+    gen_random_ctr_drbg
+    gen_random_havege
+)
 
-add_executable(gen_random_ctr_drbg gen_random_ctr_drbg.c)
-target_link_libraries(gen_random_ctr_drbg mbedcrypto)
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} mbedcrypto)
+endforeach()
 
-add_executable(gen_entropy gen_entropy.c)
-target_link_libraries(gen_entropy mbedcrypto)
-
-install(TARGETS gen_random_havege gen_random_ctr_drbg gen_entropy
+install(TARGETS ${executables}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index d6ba2ac2f7..edd8b35428 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -5,7 +5,15 @@ set(libs
     mbedtls
 )
 
-set(targets
+if(USE_PKCS11_HELPER_LIBRARY)
+    set(libs ${libs} pkcs11-helper)
+endif(USE_PKCS11_HELPER_LIBRARY)
+
+if(ENABLE_ZLIB_SUPPORT)
+    set(libs ${libs} ${ZLIB_LIBRARIES})
+endif(ENABLE_ZLIB_SUPPORT)
+
+set(executables
     dtls_client
     dtls_server
     mini_client
@@ -18,52 +26,20 @@ set(targets
     ssl_server2
 )
 
-if(USE_PKCS11_HELPER_LIBRARY)
-    set(libs ${libs} pkcs11-helper)
-endif(USE_PKCS11_HELPER_LIBRARY)
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} ${libs})
+endforeach()
 
-if(ENABLE_ZLIB_SUPPORT)
-    set(libs ${libs} ${ZLIB_LIBRARIES})
-endif(ENABLE_ZLIB_SUPPORT)
-
-add_executable(dtls_client dtls_client.c)
-target_link_libraries(dtls_client ${libs})
-
-add_executable(dtls_server dtls_server.c)
-target_link_libraries(dtls_server ${libs})
-
-add_executable(mini_client mini_client.c)
-target_link_libraries(mini_client ${libs})
-
-add_executable(ssl_client1 ssl_client1.c)
-target_link_libraries(ssl_client1 ${libs})
-
-add_executable(ssl_client2 ssl_client2.c)
 target_sources(ssl_client2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
-target_link_libraries(ssl_client2 ${libs})
-
-add_executable(ssl_context_info ssl_context_info.c)
-target_link_libraries(ssl_context_info ${libs})
-
-add_executable(ssl_fork_server ssl_fork_server.c)
-target_link_libraries(ssl_fork_server ${libs})
-
-add_executable(ssl_mail_client ssl_mail_client.c)
-target_link_libraries(ssl_mail_client ${libs})
-
-add_executable(ssl_server ssl_server.c)
-target_link_libraries(ssl_server ${libs})
-
-add_executable(ssl_server2 ssl_server2.c)
 target_sources(ssl_server2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
-target_link_libraries(ssl_server2 ${libs})
 
 if(THREADS_FOUND)
     add_executable(ssl_pthread_server ssl_pthread_server.c)
     target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
-    set(targets ${targets} ssl_pthread_server)
+    list(APPEND executables ssl_pthread_server)
 endif(THREADS_FOUND)
 
-install(TARGETS ${targets}
+install(TARGETS ${executables}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index ec36d67e69..33a4ee207a 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -10,27 +10,35 @@ if(ENABLE_ZLIB_SUPPORT)
     set(libs ${libs} ${ZLIB_LIBRARIES})
 endif(ENABLE_ZLIB_SUPPORT)
 
-add_executable(selftest selftest.c)
-target_link_libraries(selftest ${libs})
+set(executables_libs
+    selftest
+    udp_proxy
+)
 
-add_executable(benchmark benchmark.c)
-target_link_libraries(benchmark mbedcrypto)
+set(executables_mbedcrypto
+    benchmark
+    query_compile_time_config
+    zeroize
+)
 
 if(TEST_CPP)
-    add_executable(cpp_dummy_build cpp_dummy_build.cpp)
-    target_link_libraries(cpp_dummy_build mbedcrypto)
+    list(APPEND executables_mbedcrypto cpp_dummy_build)
 endif()
 
-add_executable(udp_proxy udp_proxy.c)
-target_link_libraries(udp_proxy ${libs})
+foreach(exe IN LISTS executables_libs executables_mbedcrypto)
+    add_executable(${exe} ${exe}.c)
 
-add_executable(zeroize zeroize.c)
-target_link_libraries(zeroize mbedcrypto)
+    # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
+    list(FIND executables_libs ${exe} exe_index)
+    if (${exe_index} GREATER -1)
+        target_link_libraries(${exe} ${libs})
+    else()
+        target_link_libraries(${exe} mbedcrypto)
+    endif()
+endforeach()
 
-add_executable(query_compile_time_config query_compile_time_config.c)
 target_sources(query_compile_time_config PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
-target_link_libraries(query_compile_time_config mbedcrypto)
 
-install(TARGETS selftest benchmark udp_proxy query_compile_time_config
+install(TARGETS ${executables_libs} ${executables_mbedcrypto}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt
index 4c3fb0dfaa..0fd6ada002 100644
--- a/programs/util/CMakeLists.txt
+++ b/programs/util/CMakeLists.txt
@@ -2,12 +2,16 @@ set(libs
     mbedcrypto
 )
 
-add_executable(strerror strerror.c)
-target_link_libraries(strerror ${libs})
+set(executables
+    pem2der
+    strerror
+)
 
-add_executable(pem2der pem2der.c)
-target_link_libraries(pem2der ${libs})
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} ${libs})
+endforeach()
 
-install(TARGETS strerror pem2der
+install(TARGETS ${executables}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt
index 68dec99a00..02d783c270 100644
--- a/programs/x509/CMakeLists.txt
+++ b/programs/x509/CMakeLists.txt
@@ -10,21 +10,21 @@ if(ENABLE_ZLIB_SUPPORT)
     set(libs ${libs} ${ZLIB_LIBRARIES})
 endif(ENABLE_ZLIB_SUPPORT)
 
-add_executable(cert_app cert_app.c)
-target_link_libraries(cert_app ${libs} mbedtls)
+set(executables
+    cert_app
+    cert_req
+    cert_write
+    crl_app
+    req_app
+)
 
-add_executable(crl_app crl_app.c)
-target_link_libraries(crl_app ${libs})
+foreach(exe IN LISTS executables)
+    add_executable(${exe} ${exe}.c)
+    target_link_libraries(${exe} ${libs})
+endforeach()
 
-add_executable(req_app req_app.c)
-target_link_libraries(req_app ${libs})
+target_link_libraries(cert_app mbedtls)
 
-add_executable(cert_req cert_req.c)
-target_link_libraries(cert_req ${libs})
-
-add_executable(cert_write cert_write.c)
-target_link_libraries(cert_write ${libs})
-
-install(TARGETS cert_app crl_app req_app cert_req cert_write
+install(TARGETS ${executables}
         DESTINATION "bin"
         PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)

From ddaf99c9d4f6d2db4814459c09860a343b09e189 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 19 Jun 2020 11:27:26 +0200
Subject: [PATCH 31/46] build: Add top-level mbedtls_test target

In preparation of linking common test objects in programs,
add the top-level mbedtls_test target.

This target consists of the common test objects.

It is necessary to declare it at the top-level as both
tests and programs will depend on it and it is necessary
to synchronize the compilation of those objects for tests
and programs for the case of parallel building.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 CMakeLists.txt       | 9 +++++++++
 Makefile             | 7 +++++--
 tests/CMakeLists.txt | 7 -------
 tests/Makefile       | 2 ++
 4 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 7838525495..af7400c9ff 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -238,6 +238,15 @@ list(APPEND libs ${thirdparty_lib})
 
 add_subdirectory(library)
 
+if(ENABLE_TESTING OR ENABLE_PROGRAMS)
+    file(GLOB MBEDTLS_TEST_FILES ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c)
+    add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
+    target_include_directories(mbedtls_test
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
+        PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library)
+endif()
+
 if(ENABLE_PROGRAMS)
     add_subdirectory(programs)
 endif()
diff --git a/Makefile b/Makefile
index 5ac5a53f62..d00183e5a1 100644
--- a/Makefile
+++ b/Makefile
@@ -10,15 +10,18 @@ all: programs tests
 
 no_test: programs
 
-programs: lib
+programs: lib mbedtls_test
 	$(MAKE) -C programs
 
 lib:
 	$(MAKE) -C library
 
-tests: lib
+tests: lib mbedtls_test
 	$(MAKE) -C tests
 
+mbedtls_test:
+	$(MAKE) -C tests mbedtls_test
+
 ifndef WINDOWS
 install: no_test
 	mkdir -p $(DESTDIR)/include/mbedtls
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index ce608c3a29..8a74c6bfbb 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -69,13 +69,6 @@ if(MSVC)
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX-")
 endif(MSVC)
 
-file(GLOB MBEDTLS_TEST_FILES ${CMAKE_CURRENT_SOURCE_DIR}/src/*.c)
-add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})
-target_include_directories(mbedtls_test
-    PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
-    PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../include
-    PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library)
-
 add_test_suite(aes aes.cbc)
 add_test_suite(aes aes.cfb)
 add_test_suite(aes aes.ecb)
diff --git a/tests/Makefile b/tests/Makefile
index 68f85d2d3c..80c84fa195 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -79,6 +79,8 @@ $(MBEDLIBS):
 
 MBEDTLS_TEST_OBJS=$(patsubst %.c,%.o,$(wildcard src/*.c))
 
+mbedtls_test: $(MBEDTLS_TEST_OBJS)
+
 # Rule to compile common test C files in src folder
 src/%.o : src/%.c
 	echo "  CC    $<"

From 8dc0af2d4bbca3e09ad5ce5303a7fbe206cf5d1d Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 5 Jun 2020 16:00:22 +0200
Subject: [PATCH 32/46] programs: Link to tests common code

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 programs/Makefile                             | 20 +++++++++++++------
 programs/aes/CMakeLists.txt                   |  2 +-
 programs/fuzz/CMakeLists.txt                  |  2 +-
 programs/fuzz/Makefile                        |  7 +++++--
 programs/hash/CMakeLists.txt                  |  2 +-
 programs/pkey/CMakeLists.txt                  |  4 ++--
 programs/psa/CMakeLists.txt                   |  3 ++-
 programs/random/CMakeLists.txt                |  2 +-
 programs/ssl/CMakeLists.txt                   |  5 +++--
 programs/test/CMakeLists.txt                  |  2 +-
 programs/util/CMakeLists.txt                  |  2 +-
 programs/x509/CMakeLists.txt                  |  2 +-
 scripts/generate_visualc_files.pl             |  7 +++++++
 visualc/VS2010/aescrypt2.vcxproj              |  8 ++++----
 visualc/VS2010/benchmark.vcxproj              |  8 ++++----
 visualc/VS2010/cert_app.vcxproj               |  8 ++++----
 visualc/VS2010/cert_req.vcxproj               |  8 ++++----
 visualc/VS2010/cert_write.vcxproj             |  8 ++++----
 visualc/VS2010/crl_app.vcxproj                |  8 ++++----
 visualc/VS2010/crypt_and_hash.vcxproj         |  8 ++++----
 visualc/VS2010/crypto_examples.vcxproj        |  8 ++++----
 visualc/VS2010/dh_client.vcxproj              |  8 ++++----
 visualc/VS2010/dh_genprime.vcxproj            |  8 ++++----
 visualc/VS2010/dh_server.vcxproj              |  8 ++++----
 visualc/VS2010/dtls_client.vcxproj            |  8 ++++----
 visualc/VS2010/dtls_server.vcxproj            |  8 ++++----
 visualc/VS2010/ecdh_curve25519.vcxproj        |  8 ++++----
 visualc/VS2010/ecdsa.vcxproj                  |  8 ++++----
 visualc/VS2010/gen_entropy.vcxproj            |  8 ++++----
 visualc/VS2010/gen_key.vcxproj                |  8 ++++----
 visualc/VS2010/gen_random_ctr_drbg.vcxproj    |  8 ++++----
 visualc/VS2010/gen_random_havege.vcxproj      |  8 ++++----
 visualc/VS2010/generic_sum.vcxproj            |  8 ++++----
 visualc/VS2010/hello.vcxproj                  |  8 ++++----
 visualc/VS2010/key_app.vcxproj                |  8 ++++----
 visualc/VS2010/key_app_writer.vcxproj         |  8 ++++----
 visualc/VS2010/key_ladder_demo.vcxproj        |  8 ++++----
 visualc/VS2010/mbedTLS.vcxproj                | 15 ++++++++++----
 visualc/VS2010/mini_client.vcxproj            |  8 ++++----
 visualc/VS2010/mpi_demo.vcxproj               |  8 ++++----
 visualc/VS2010/pem2der.vcxproj                |  8 ++++----
 visualc/VS2010/pk_decrypt.vcxproj             |  8 ++++----
 visualc/VS2010/pk_encrypt.vcxproj             |  8 ++++----
 visualc/VS2010/pk_sign.vcxproj                |  8 ++++----
 visualc/VS2010/pk_verify.vcxproj              |  8 ++++----
 visualc/VS2010/psa_constant_names.vcxproj     |  8 ++++----
 .../VS2010/query_compile_time_config.vcxproj  |  8 ++++----
 visualc/VS2010/req_app.vcxproj                |  8 ++++----
 visualc/VS2010/rsa_decrypt.vcxproj            |  8 ++++----
 visualc/VS2010/rsa_encrypt.vcxproj            |  8 ++++----
 visualc/VS2010/rsa_genkey.vcxproj             |  8 ++++----
 visualc/VS2010/rsa_sign.vcxproj               |  8 ++++----
 visualc/VS2010/rsa_sign_pss.vcxproj           |  8 ++++----
 visualc/VS2010/rsa_verify.vcxproj             |  8 ++++----
 visualc/VS2010/rsa_verify_pss.vcxproj         |  8 ++++----
 visualc/VS2010/selftest.vcxproj               |  8 ++++----
 visualc/VS2010/ssl_client1.vcxproj            |  8 ++++----
 visualc/VS2010/ssl_client2.vcxproj            |  8 ++++----
 visualc/VS2010/ssl_context_info.vcxproj       |  8 ++++----
 visualc/VS2010/ssl_fork_server.vcxproj        |  8 ++++----
 visualc/VS2010/ssl_mail_client.vcxproj        |  8 ++++----
 visualc/VS2010/ssl_server.vcxproj             |  8 ++++----
 visualc/VS2010/ssl_server2.vcxproj            |  8 ++++----
 visualc/VS2010/strerror.vcxproj               |  8 ++++----
 visualc/VS2010/udp_proxy.vcxproj              |  8 ++++----
 visualc/VS2010/zeroize.vcxproj                |  8 ++++----
 66 files changed, 259 insertions(+), 232 deletions(-)

diff --git a/programs/Makefile b/programs/Makefile
index 31e431b6a5..f9c260867b 100644
--- a/programs/Makefile
+++ b/programs/Makefile
@@ -7,9 +7,13 @@ WARNING_CFLAGS ?= -Wall -Wextra
 WARNING_CXXFLAGS ?= -Wall -Wextra
 LDFLAGS ?=
 
-LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../include -D_FILE_OFFSET_BITS=64
+MBEDTLS_TEST_PATH:=../tests/src
+MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c))
+
+LOCAL_CFLAGS = $(WARNING_CFLAGS) -I../tests/include -I../include -D_FILE_OFFSET_BITS=64
 LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = -L../library 			\
+LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} 		\
+		-L../library 			\
 		-lmbedtls$(SHARED_SUFFIX)	\
 		-lmbedx509$(SHARED_SUFFIX)	\
 		-lmbedcrypto$(SHARED_SUFFIX)
@@ -18,10 +22,11 @@ include ../3rdparty/Makefile.inc
 LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
 
 ifndef SHARED
-DEP=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
+MBEDLIBS=../library/libmbedcrypto.a ../library/libmbedx509.a ../library/libmbedtls.a
 else
-DEP=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
+MBEDLIBS=../library/libmbedcrypto.$(DLEXT) ../library/libmbedx509.$(DLEXT) ../library/libmbedtls.$(DLEXT)
 endif
+DEP=${MBEDLIBS} ${MBEDTLS_TEST_OBJS}
 
 ifdef DEBUG
 LOCAL_CFLAGS += -g3
@@ -127,12 +132,15 @@ ifndef WINDOWS
 all: fuzz
 endif
 
-fuzz:
+fuzz: ${MBEDTLS_TEST_OBJS}
 	$(MAKE) -C fuzz THIRDPARTY_INCLUDES=$(THIRDPARTY_INCLUDES)
 
-$(DEP):
+$(MBEDLIBS):
 	$(MAKE) -C ../library
 
+${MBEDTLS_TEST_OBJS}:
+	$(MAKE) -C ../tests mbedtls_test
+
 ifdef WINDOWS
 EXTRA_GENERATED += psa\psa_constant_names_generated.c
 else
diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
index 761531daeb..2309789a6f 100644
--- a/programs/aes/CMakeLists.txt
+++ b/programs/aes/CMakeLists.txt
@@ -4,7 +4,7 @@ set(executables
 )
 
 foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} mbedcrypto)
 endforeach()
 
diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt
index 9d4043a401..e2b0eace21 100644
--- a/programs/fuzz/CMakeLists.txt
+++ b/programs/fuzz/CMakeLists.txt
@@ -32,7 +32,7 @@ set(executables_with_common_c
 
 foreach(exe IN LISTS executables_no_common_c executables_with_common_c)
 
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
 
     if (NOT FUZZINGENGINE_LIB)
         target_link_libraries(${exe} ${libs})
diff --git a/programs/fuzz/Makefile b/programs/fuzz/Makefile
index 24dc7bad73..8196f39303 100644
--- a/programs/fuzz/Makefile
+++ b/programs/fuzz/Makefile
@@ -1,6 +1,9 @@
+MBEDTLS_TEST_PATH:=../../tests/src
+MBEDTLS_TEST_OBJS:=$(patsubst %.c,%.o,$(wildcard ${MBEDTLS_TEST_PATH}/*.c))
 
-LOCAL_CFLAGS = -I../../include -D_FILE_OFFSET_BITS=64
-LOCAL_LDFLAGS = -L../../library			\
+LOCAL_CFLAGS = -I../../tests/include -I../../include -D_FILE_OFFSET_BITS=64
+LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS}		\
+		-L../../library			\
 		-lmbedtls$(SHARED_SUFFIX)	\
 		-lmbedx509$(SHARED_SUFFIX)	\
 		-lmbedcrypto$(SHARED_SUFFIX)
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt
index 0b4a1c5407..ae294798ba 100644
--- a/programs/hash/CMakeLists.txt
+++ b/programs/hash/CMakeLists.txt
@@ -4,7 +4,7 @@ set(executables
 )
 
 foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} mbedcrypto)
 endforeach()
 
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index 17a252d888..b4b3d30427 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -4,7 +4,7 @@ set(executables_mbedtls
 )
 
 foreach(exe IN LISTS executables_mbedtls)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} mbedtls)
 endforeach()
 
@@ -30,7 +30,7 @@ set(executables_mbedcrypto
 )
 
 foreach(exe IN LISTS executables_mbedcrypto)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} mbedcrypto)
 endforeach()
 
diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt
index 4fe795282d..6ad6dadc4e 100644
--- a/programs/psa/CMakeLists.txt
+++ b/programs/psa/CMakeLists.txt
@@ -5,8 +5,9 @@ set(executables
 )
 
 foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} mbedtls)
+    target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
 endforeach()
 
 target_include_directories(psa_constant_names PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt
index 6ef212cbdb..95acb7e103 100644
--- a/programs/random/CMakeLists.txt
+++ b/programs/random/CMakeLists.txt
@@ -5,7 +5,7 @@ set(executables
 )
 
 foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} mbedcrypto)
 endforeach()
 
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index edd8b35428..28fbfc5a75 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -27,15 +27,16 @@ set(executables
 )
 
 foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} ${libs})
+    target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
 endforeach()
 
 target_sources(ssl_client2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
 target_sources(ssl_server2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
 
 if(THREADS_FOUND)
-    add_executable(ssl_pthread_server ssl_pthread_server.c)
+    add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(ssl_pthread_server ${libs} ${CMAKE_THREAD_LIBS_INIT})
     list(APPEND executables ssl_pthread_server)
 endif(THREADS_FOUND)
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 33a4ee207a..0df0becd97 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -26,7 +26,7 @@ if(TEST_CPP)
 endif()
 
 foreach(exe IN LISTS executables_libs executables_mbedcrypto)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
 
     # This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
     list(FIND executables_libs ${exe} exe_index)
diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt
index 0fd6ada002..cb14a3ee65 100644
--- a/programs/util/CMakeLists.txt
+++ b/programs/util/CMakeLists.txt
@@ -8,7 +8,7 @@ set(executables
 )
 
 foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} ${libs})
 endforeach()
 
diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt
index 02d783c270..f7b5fe1d9e 100644
--- a/programs/x509/CMakeLists.txt
+++ b/programs/x509/CMakeLists.txt
@@ -19,7 +19,7 @@ set(executables
 )
 
 foreach(exe IN LISTS executables)
-    add_executable(${exe} ${exe}.c)
+    add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
     target_link_libraries(${exe} ${libs})
 endforeach()
 
diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl
index d72d19dad7..8bf8de99e9 100755
--- a/scripts/generate_visualc_files.pl
+++ b/scripts/generate_visualc_files.pl
@@ -39,6 +39,8 @@ my $programs_dir = 'programs';
 my $mbedtls_header_dir = 'include/mbedtls';
 my $psa_header_dir = 'include/psa';
 my $source_dir = 'library';
+my $test_source_dir = 'tests/src';
+my $test_header_dir = 'tests/include/test';
 
 my @thirdparty_header_dirs = qw(
     3rdparty/everest/include/everest
@@ -58,6 +60,7 @@ my @include_directories = qw(
     3rdparty/everest/include/everest
     3rdparty/everest/include/everest/vs2010
     3rdparty/everest/include/everest/kremlib
+    tests/include
 );
 my $include_directories = join(';', map {"../../$_"} @include_directories);
 
@@ -104,6 +107,8 @@ sub check_dirs {
         && -d $mbedtls_header_dir
         && -d $psa_header_dir
         && -d $source_dir
+        && -d $test_source_dir
+        && -d $test_header_dir
         && -d $programs_dir;
 }
 
@@ -249,12 +254,14 @@ sub main {
     my @header_dirs = (
                        $mbedtls_header_dir,
                        $psa_header_dir,
+                       $test_header_dir,
                        $source_dir,
                        @thirdparty_header_dirs,
                       );
     my @headers = (map { <$_/*.h> } @header_dirs);
     my @source_dirs = (
                        $source_dir,
+                       $test_source_dir,
                        @thirdparty_source_dirs,
                       );
     my @sources = (map { <$_/*.c> } @source_dirs);
diff --git a/visualc/VS2010/aescrypt2.vcxproj b/visualc/VS2010/aescrypt2.vcxproj
index 3ae59dcc3e..0707e12453 100644
--- a/visualc/VS2010/aescrypt2.vcxproj
+++ b/visualc/VS2010/aescrypt2.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/benchmark.vcxproj b/visualc/VS2010/benchmark.vcxproj
index 2836f1477c..0be32fc5aa 100644
--- a/visualc/VS2010/benchmark.vcxproj
+++ b/visualc/VS2010/benchmark.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/cert_app.vcxproj b/visualc/VS2010/cert_app.vcxproj
index 84ec4b7a84..3fbcb52a52 100644
--- a/visualc/VS2010/cert_app.vcxproj
+++ b/visualc/VS2010/cert_app.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/cert_req.vcxproj b/visualc/VS2010/cert_req.vcxproj
index c45125cb6c..41fdf31a3b 100644
--- a/visualc/VS2010/cert_req.vcxproj
+++ b/visualc/VS2010/cert_req.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/cert_write.vcxproj b/visualc/VS2010/cert_write.vcxproj
index 982e4121b3..f1f93ea371 100644
--- a/visualc/VS2010/cert_write.vcxproj
+++ b/visualc/VS2010/cert_write.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/crl_app.vcxproj b/visualc/VS2010/crl_app.vcxproj
index 5a7c854dc2..4b8b2168f4 100644
--- a/visualc/VS2010/crl_app.vcxproj
+++ b/visualc/VS2010/crl_app.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/crypt_and_hash.vcxproj b/visualc/VS2010/crypt_and_hash.vcxproj
index 0c955873fd..885935bdff 100644
--- a/visualc/VS2010/crypt_and_hash.vcxproj
+++ b/visualc/VS2010/crypt_and_hash.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/crypto_examples.vcxproj b/visualc/VS2010/crypto_examples.vcxproj
index 65826bd297..3899f0ec32 100644
--- a/visualc/VS2010/crypto_examples.vcxproj
+++ b/visualc/VS2010/crypto_examples.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dh_client.vcxproj b/visualc/VS2010/dh_client.vcxproj
index c778e8ada3..043ab1afc1 100644
--- a/visualc/VS2010/dh_client.vcxproj
+++ b/visualc/VS2010/dh_client.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dh_genprime.vcxproj b/visualc/VS2010/dh_genprime.vcxproj
index 3b4fead52d..f0366cb248 100644
--- a/visualc/VS2010/dh_genprime.vcxproj
+++ b/visualc/VS2010/dh_genprime.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dh_server.vcxproj b/visualc/VS2010/dh_server.vcxproj
index bf930def6d..5a986bc57c 100644
--- a/visualc/VS2010/dh_server.vcxproj
+++ b/visualc/VS2010/dh_server.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dtls_client.vcxproj b/visualc/VS2010/dtls_client.vcxproj
index 5bd7a8a94d..3fd65456de 100644
--- a/visualc/VS2010/dtls_client.vcxproj
+++ b/visualc/VS2010/dtls_client.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/dtls_server.vcxproj b/visualc/VS2010/dtls_server.vcxproj
index ce0c6da188..b10ec4df5e 100644
--- a/visualc/VS2010/dtls_server.vcxproj
+++ b/visualc/VS2010/dtls_server.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ecdh_curve25519.vcxproj b/visualc/VS2010/ecdh_curve25519.vcxproj
index 32eda340e6..578e43b626 100644
--- a/visualc/VS2010/ecdh_curve25519.vcxproj
+++ b/visualc/VS2010/ecdh_curve25519.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ecdsa.vcxproj b/visualc/VS2010/ecdsa.vcxproj
index 49d54c6d84..f7ad2e9227 100644
--- a/visualc/VS2010/ecdsa.vcxproj
+++ b/visualc/VS2010/ecdsa.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/gen_entropy.vcxproj b/visualc/VS2010/gen_entropy.vcxproj
index 61942c995e..b7e45f9789 100644
--- a/visualc/VS2010/gen_entropy.vcxproj
+++ b/visualc/VS2010/gen_entropy.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/gen_key.vcxproj b/visualc/VS2010/gen_key.vcxproj
index e6ce33ee8d..fa026141cf 100644
--- a/visualc/VS2010/gen_key.vcxproj
+++ b/visualc/VS2010/gen_key.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/gen_random_ctr_drbg.vcxproj b/visualc/VS2010/gen_random_ctr_drbg.vcxproj
index b7a7823dbf..a385841a06 100644
--- a/visualc/VS2010/gen_random_ctr_drbg.vcxproj
+++ b/visualc/VS2010/gen_random_ctr_drbg.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/gen_random_havege.vcxproj b/visualc/VS2010/gen_random_havege.vcxproj
index 3c5eb67b57..d4c008acc5 100644
--- a/visualc/VS2010/gen_random_havege.vcxproj
+++ b/visualc/VS2010/gen_random_havege.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/generic_sum.vcxproj b/visualc/VS2010/generic_sum.vcxproj
index b049916432..faad77596a 100644
--- a/visualc/VS2010/generic_sum.vcxproj
+++ b/visualc/VS2010/generic_sum.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/hello.vcxproj b/visualc/VS2010/hello.vcxproj
index ecdabf1e90..6a81d914e9 100644
--- a/visualc/VS2010/hello.vcxproj
+++ b/visualc/VS2010/hello.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/key_app.vcxproj b/visualc/VS2010/key_app.vcxproj
index aca1a03075..bba584170a 100644
--- a/visualc/VS2010/key_app.vcxproj
+++ b/visualc/VS2010/key_app.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/key_app_writer.vcxproj b/visualc/VS2010/key_app_writer.vcxproj
index 64f2e27a08..0d7013796d 100644
--- a/visualc/VS2010/key_app_writer.vcxproj
+++ b/visualc/VS2010/key_app_writer.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/key_ladder_demo.vcxproj b/visualc/VS2010/key_ladder_demo.vcxproj
index a3b6b4a7ac..8584aee758 100644
--- a/visualc/VS2010/key_ladder_demo.vcxproj
+++ b/visualc/VS2010/key_ladder_demo.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 11c7e38f2a..98b99138f8 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -84,7 +84,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
       <CompileAs>CompileAsC</CompileAs>
     </ClCompile>
     <Link>
@@ -98,7 +98,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
       <CompileAs>CompileAsC</CompileAs>
     </ClCompile>
     <Link>
@@ -114,7 +114,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Windows</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>WIN64;NDEBUG;_WINDOWS;_USRDLL;MBEDTLS_EXPORTS;KRML_VERIFIED_UINT128;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Windows</SubSystem>
@@ -232,6 +232,11 @@
     <ClInclude Include="..\..\include\psa\crypto_struct.h" />
     <ClInclude Include="..\..\include\psa\crypto_types.h" />
     <ClInclude Include="..\..\include\psa\crypto_values.h" />
+    <ClInclude Include="..\..\tests\include\test\helpers.h" />
+    <ClInclude Include="..\..\tests\include\test\macros.h" />
+    <ClInclude Include="..\..\tests\include\test\psa_crypto_helpers.h" />
+    <ClInclude Include="..\..\tests\include\test\psa_helpers.h" />
+    <ClInclude Include="..\..\tests\include\test\random.h" />
     <ClInclude Include="..\..\library\common.h" />
     <ClInclude Include="..\..\library\psa_crypto_core.h" />
     <ClInclude Include="..\..\library\psa_crypto_invasive.h" />
@@ -330,6 +335,8 @@
     <ClCompile Include="..\..\library\x509write_crt.c" />
     <ClCompile Include="..\..\library\x509write_csr.c" />
     <ClCompile Include="..\..\library\xtea.c" />
+    <ClCompile Include="..\..\tests\src\helpers.c" />
+    <ClCompile Include="..\..\tests\src\random.c" />
     <ClCompile Include="..\..\3rdparty\everest\library\everest.c" />
     <ClCompile Include="..\..\3rdparty\everest\library\Hacl_Curve25519_joined.c" />
     <ClCompile Include="..\..\3rdparty\everest\library\x25519.c" />
diff --git a/visualc/VS2010/mini_client.vcxproj b/visualc/VS2010/mini_client.vcxproj
index 50f4b22b4c..e4ee166bf7 100644
--- a/visualc/VS2010/mini_client.vcxproj
+++ b/visualc/VS2010/mini_client.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/mpi_demo.vcxproj b/visualc/VS2010/mpi_demo.vcxproj
index 2fe56c5f1a..b0fee89c37 100644
--- a/visualc/VS2010/mpi_demo.vcxproj
+++ b/visualc/VS2010/mpi_demo.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pem2der.vcxproj b/visualc/VS2010/pem2der.vcxproj
index 4c854a655e..84c2e8c0aa 100644
--- a/visualc/VS2010/pem2der.vcxproj
+++ b/visualc/VS2010/pem2der.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pk_decrypt.vcxproj b/visualc/VS2010/pk_decrypt.vcxproj
index 360f2c3613..da3e8d8e09 100644
--- a/visualc/VS2010/pk_decrypt.vcxproj
+++ b/visualc/VS2010/pk_decrypt.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pk_encrypt.vcxproj b/visualc/VS2010/pk_encrypt.vcxproj
index 20d663a537..829e072344 100644
--- a/visualc/VS2010/pk_encrypt.vcxproj
+++ b/visualc/VS2010/pk_encrypt.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pk_sign.vcxproj b/visualc/VS2010/pk_sign.vcxproj
index ad33afa1ee..d93d11469f 100644
--- a/visualc/VS2010/pk_sign.vcxproj
+++ b/visualc/VS2010/pk_sign.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/pk_verify.vcxproj b/visualc/VS2010/pk_verify.vcxproj
index 8856dc2104..5933b92587 100644
--- a/visualc/VS2010/pk_verify.vcxproj
+++ b/visualc/VS2010/pk_verify.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/psa_constant_names.vcxproj b/visualc/VS2010/psa_constant_names.vcxproj
index 418c8fb33d..d35dd19a14 100644
--- a/visualc/VS2010/psa_constant_names.vcxproj
+++ b/visualc/VS2010/psa_constant_names.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/query_compile_time_config.vcxproj b/visualc/VS2010/query_compile_time_config.vcxproj
index de793db2ce..d0e0a6df6f 100644
--- a/visualc/VS2010/query_compile_time_config.vcxproj
+++ b/visualc/VS2010/query_compile_time_config.vcxproj
@@ -94,7 +94,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -112,7 +112,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -132,7 +132,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -151,7 +151,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/req_app.vcxproj b/visualc/VS2010/req_app.vcxproj
index 9259871955..900e415fb1 100644
--- a/visualc/VS2010/req_app.vcxproj
+++ b/visualc/VS2010/req_app.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_decrypt.vcxproj b/visualc/VS2010/rsa_decrypt.vcxproj
index e7fe01b0f6..188b17efda 100644
--- a/visualc/VS2010/rsa_decrypt.vcxproj
+++ b/visualc/VS2010/rsa_decrypt.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_encrypt.vcxproj b/visualc/VS2010/rsa_encrypt.vcxproj
index 6e1b96b10c..a44f676d70 100644
--- a/visualc/VS2010/rsa_encrypt.vcxproj
+++ b/visualc/VS2010/rsa_encrypt.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_genkey.vcxproj b/visualc/VS2010/rsa_genkey.vcxproj
index 1038db5da6..35b27b7a38 100644
--- a/visualc/VS2010/rsa_genkey.vcxproj
+++ b/visualc/VS2010/rsa_genkey.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_sign.vcxproj b/visualc/VS2010/rsa_sign.vcxproj
index b1bd170acb..90a7ac8cb8 100644
--- a/visualc/VS2010/rsa_sign.vcxproj
+++ b/visualc/VS2010/rsa_sign.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_sign_pss.vcxproj b/visualc/VS2010/rsa_sign_pss.vcxproj
index 500788199f..5d2ac82081 100644
--- a/visualc/VS2010/rsa_sign_pss.vcxproj
+++ b/visualc/VS2010/rsa_sign_pss.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_verify.vcxproj b/visualc/VS2010/rsa_verify.vcxproj
index 34097535cc..a413ba8ca7 100644
--- a/visualc/VS2010/rsa_verify.vcxproj
+++ b/visualc/VS2010/rsa_verify.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/rsa_verify_pss.vcxproj b/visualc/VS2010/rsa_verify_pss.vcxproj
index 47699586fb..369b14514c 100644
--- a/visualc/VS2010/rsa_verify_pss.vcxproj
+++ b/visualc/VS2010/rsa_verify_pss.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/selftest.vcxproj b/visualc/VS2010/selftest.vcxproj
index 3dcc8c812c..6feb5936f3 100644
--- a/visualc/VS2010/selftest.vcxproj
+++ b/visualc/VS2010/selftest.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_client1.vcxproj b/visualc/VS2010/ssl_client1.vcxproj
index cdf9ec86be..860334e4a4 100644
--- a/visualc/VS2010/ssl_client1.vcxproj
+++ b/visualc/VS2010/ssl_client1.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_client2.vcxproj b/visualc/VS2010/ssl_client2.vcxproj
index e9505509ab..9021602b62 100644
--- a/visualc/VS2010/ssl_client2.vcxproj
+++ b/visualc/VS2010/ssl_client2.vcxproj
@@ -94,7 +94,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -112,7 +112,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -132,7 +132,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -151,7 +151,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_context_info.vcxproj b/visualc/VS2010/ssl_context_info.vcxproj
index ff1ba985e5..1c98d34bf7 100644
--- a/visualc/VS2010/ssl_context_info.vcxproj
+++ b/visualc/VS2010/ssl_context_info.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_fork_server.vcxproj b/visualc/VS2010/ssl_fork_server.vcxproj
index 7a18c9903b..6d44ef0795 100644
--- a/visualc/VS2010/ssl_fork_server.vcxproj
+++ b/visualc/VS2010/ssl_fork_server.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_mail_client.vcxproj b/visualc/VS2010/ssl_mail_client.vcxproj
index 37dad21976..e2253c665e 100644
--- a/visualc/VS2010/ssl_mail_client.vcxproj
+++ b/visualc/VS2010/ssl_mail_client.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_server.vcxproj b/visualc/VS2010/ssl_server.vcxproj
index f0038d7c1c..23ad7ecc87 100644
--- a/visualc/VS2010/ssl_server.vcxproj
+++ b/visualc/VS2010/ssl_server.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/ssl_server2.vcxproj b/visualc/VS2010/ssl_server2.vcxproj
index b8788ef018..61eedaaa07 100644
--- a/visualc/VS2010/ssl_server2.vcxproj
+++ b/visualc/VS2010/ssl_server2.vcxproj
@@ -94,7 +94,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -112,7 +112,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -132,7 +132,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -151,7 +151,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/strerror.vcxproj b/visualc/VS2010/strerror.vcxproj
index 31e19bb9bc..9e70decd97 100644
--- a/visualc/VS2010/strerror.vcxproj
+++ b/visualc/VS2010/strerror.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/udp_proxy.vcxproj b/visualc/VS2010/udp_proxy.vcxproj
index 6b2ed3677f..69678f635d 100644
--- a/visualc/VS2010/udp_proxy.vcxproj
+++ b/visualc/VS2010/udp_proxy.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
diff --git a/visualc/VS2010/zeroize.vcxproj b/visualc/VS2010/zeroize.vcxproj
index 4fa6bacc0e..9e0746de9a 100644
--- a/visualc/VS2010/zeroize.vcxproj
+++ b/visualc/VS2010/zeroize.vcxproj
@@ -93,7 +93,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -111,7 +111,7 @@
       <Optimization>Disabled</Optimization>
       <PreprocessorDefinitions>%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -131,7 +131,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>
@@ -150,7 +150,7 @@
       <IntrinsicFunctions>true</IntrinsicFunctions>
       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
       <AdditionalIncludeDirectories>
-../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib      </AdditionalIncludeDirectories>
+../../include;../../3rdparty/everest/include/;../../3rdparty/everest/include/everest;../../3rdparty/everest/include/everest/vs2010;../../3rdparty/everest/include/everest/kremlib;../../tests/include      </AdditionalIncludeDirectories>
     </ClCompile>
     <Link>
       <SubSystem>Console</SubSystem>

From e85a2c30bda68ea921ef7a132f2cb0a986636624 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 25 Jun 2020 09:15:09 +0200
Subject: [PATCH 33/46] tests: aria: Prepare to char* to data_t* type change

In preparation of changing the type of some parameters
of some test functions from `char *` to `data_t` to get
rid of the calls to mbedtls_test_unhexify():

- Align the name of source data length local variable
  with the name of the local variable containing the
  source data, respectively src_str and src_str_len.
- Change the type of length, index local variables
  from int to size_t.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/suites/test_suite_aria.function | 64 +++++++++++++--------------
 1 file changed, 32 insertions(+), 32 deletions(-)

diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function
index 89de82f934..d8a2971b4b 100644
--- a/tests/suites/test_suite_aria.function
+++ b/tests/suites/test_suite_aria.function
@@ -214,7 +214,7 @@ void aria_encrypt_ecb( char *hex_key_string, char *hex_src_string,
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
-    int key_len, data_len, i;
+    size_t key_len, src_str_len, i;
 
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( src_str, 0x00, sizeof( src_str ) );
@@ -223,18 +223,18 @@ void aria_encrypt_ecb( char *hex_key_string, char *hex_src_string,
     mbedtls_aria_init( &ctx );
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    data_len = mbedtls_test_unhexify( src_str, hex_src_string );
+    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
 
     TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 )
                  == setkey_result );
     if( setkey_result == 0 )
     {
-        for( i = 0; i < data_len; i += MBEDTLS_ARIA_BLOCKSIZE )
+        for( i = 0; i < src_str_len; i += MBEDTLS_ARIA_BLOCKSIZE )
         {
             TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str + i, output + i )
                                                  == 0 );
         }
-        mbedtls_test_hexify( dst_str, output, data_len );
+        mbedtls_test_hexify( dst_str, output, src_str_len );
 
         TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
     }
@@ -253,7 +253,7 @@ void aria_decrypt_ecb( char *hex_key_string, char *hex_src_string,
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
-    int key_len, data_len, i;
+    size_t key_len, src_str_len, i;
 
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( src_str, 0x00, sizeof( src_str ) );
@@ -262,18 +262,18 @@ void aria_decrypt_ecb( char *hex_key_string, char *hex_src_string,
     mbedtls_aria_init( &ctx );
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    data_len = mbedtls_test_unhexify( src_str, hex_src_string );
+    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
 
     TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str, key_len * 8 )
                  == setkey_result );
     if( setkey_result == 0 )
     {
-        for( i = 0; i < data_len; i += MBEDTLS_ARIA_BLOCKSIZE )
+        for( i = 0; i < src_str_len; i += MBEDTLS_ARIA_BLOCKSIZE )
         {
             TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str + i, output + i )
                          == 0 );
         }
-        mbedtls_test_hexify( dst_str, output, data_len );
+        mbedtls_test_hexify( dst_str, output, src_str_len );
 
         TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
     }
@@ -294,7 +294,7 @@ void aria_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
-    int key_len, data_len;
+    size_t key_len, src_str_len;
 
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( iv_str, 0x00, sizeof( iv_str ) );
@@ -305,15 +305,15 @@ void aria_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
     mbedtls_test_unhexify( iv_str, hex_iv_string );
-    data_len = mbedtls_test_unhexify( src_str, hex_src_string );
+    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
 
     mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, data_len,
+    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, src_str_len,
                                          iv_str, src_str, output )
                  == cbc_result );
     if( cbc_result == 0 )
     {
-        mbedtls_test_hexify( dst_str, output, data_len );
+        mbedtls_test_hexify( dst_str, output, src_str_len );
 
         TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
     }
@@ -334,7 +334,7 @@ void aria_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
-    int key_len, data_len;
+    size_t key_len, src_str_len;
 
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( iv_str, 0x00, sizeof( iv_str ) );
@@ -345,15 +345,15 @@ void aria_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
     mbedtls_test_unhexify( iv_str, hex_iv_string );
-    data_len = mbedtls_test_unhexify( src_str, hex_src_string );
+    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
 
     mbedtls_aria_setkey_dec( &ctx, key_str, key_len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, data_len,
+    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, src_str_len,
                                          iv_str, src_str, output )
                  == cbc_result );
     if( cbc_result == 0 )
     {
-        mbedtls_test_hexify( dst_str, output, data_len );
+        mbedtls_test_hexify( dst_str, output, src_str_len );
 
         TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
     }
@@ -375,7 +375,7 @@ void aria_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
     size_t iv_offset = 0;
-    int key_len, data_len;
+    size_t key_len, src_str_len;
 
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( iv_str, 0x00, sizeof( iv_str ) );
@@ -386,14 +386,14 @@ void aria_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
     mbedtls_test_unhexify( iv_str, hex_iv_string );
-    data_len = mbedtls_test_unhexify( src_str, hex_src_string );
+    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
 
     mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
     TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT,
-                                            data_len, &iv_offset, iv_str,
+                                            src_str_len, &iv_offset, iv_str,
                                             src_str, output )
                  == result );
-    mbedtls_test_hexify( dst_str, output, data_len );
+    mbedtls_test_hexify( dst_str, output, src_str_len );
 
     TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
 
@@ -414,7 +414,7 @@ void aria_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
     size_t iv_offset = 0;
-    int key_len, data_len;
+    size_t key_len, src_str_len;
 
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( iv_str, 0x00, sizeof( iv_str ) );
@@ -425,14 +425,14 @@ void aria_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
     mbedtls_test_unhexify( iv_str, hex_iv_string );
-    data_len = mbedtls_test_unhexify( src_str, hex_src_string );
+    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
 
     mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
     TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT,
-                                            data_len, &iv_offset, iv_str,
+                                            src_str_len, &iv_offset, iv_str,
                                             src_str, output )
                  == result );
-    mbedtls_test_hexify( dst_str, output, data_len );
+    mbedtls_test_hexify( dst_str, output, src_str_len );
 
     TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
 
@@ -454,7 +454,7 @@ void aria_encrypt_ctr( char *hex_key_string, char *hex_iv_string,
     unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
     mbedtls_aria_context ctx;
     size_t iv_offset = 0;
-    int key_len, data_len;
+    size_t key_len, src_str_len;
 
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( iv_str, 0x00, sizeof( iv_str ) );
@@ -465,13 +465,13 @@ void aria_encrypt_ctr( char *hex_key_string, char *hex_iv_string,
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
     mbedtls_test_unhexify( iv_str, hex_iv_string );
-    data_len = mbedtls_test_unhexify( src_str, hex_src_string );
+    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
 
     mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, data_len, &iv_offset, iv_str,
+    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str_len, &iv_offset, iv_str,
                                          blk, src_str, output )
                  == result );
-    mbedtls_test_hexify( dst_str, output, data_len );
+    mbedtls_test_hexify( dst_str, output, src_str_len );
 
     TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
 
@@ -493,7 +493,7 @@ void aria_decrypt_ctr( char *hex_key_string, char *hex_iv_string,
     unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
     mbedtls_aria_context ctx;
     size_t iv_offset = 0;
-    int key_len, data_len;
+    size_t key_len, src_str_len;
 
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( iv_str, 0x00, sizeof( iv_str ) );
@@ -504,13 +504,13 @@ void aria_decrypt_ctr( char *hex_key_string, char *hex_iv_string,
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
     mbedtls_test_unhexify( iv_str, hex_iv_string );
-    data_len = mbedtls_test_unhexify( src_str, hex_src_string );
+    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
 
     mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, data_len, &iv_offset, iv_str,
+    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str_len, &iv_offset, iv_str,
                                          blk, src_str, output )
                  == result );
-    mbedtls_test_hexify( dst_str, output, data_len );
+    mbedtls_test_hexify( dst_str, output, src_str_len );
 
     TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
 

From 4030833bfe0c0b4dc7836c65b1a67ed501744735 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 25 Jun 2020 10:26:42 +0200
Subject: [PATCH 34/46] tests: hkdf: Prepare to char* to data_t* type change

In preparation of changing the type of some parameters
of test_hkdf() from `char *` to `data_t` to get rid of the
calls to mbedtls_test_unhexify():

- Align naming of variables related to the expected okm
- Rename `okm_hex[]` to `okm_string[]`
- Added TEST_ASSERT( expected_okm_len <= sizeof( okm ) ) to check
  that the okm[] buffer is large enough for the okm output.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/suites/test_suite_hkdf.function | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function
index 47e8ee63fa..0aefca5615 100644
--- a/tests/suites/test_suite_hkdf.function
+++ b/tests/suites/test_suite_hkdf.function
@@ -10,20 +10,20 @@
 
 /* BEGIN_CASE */
 void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string,
-                char *hex_info_string, char *hex_okm_string )
+                char *hex_info_string, char *hex_expected_okm_string )
 {
     int ret;
-    size_t ikm_len, salt_len, info_len, okm_len;
+    size_t ikm_len, salt_len, info_len, expected_okm_len;
     unsigned char ikm[128] = { '\0' };
     unsigned char salt[128] = { '\0' };
     unsigned char info[128] = { '\0' };
     unsigned char expected_okm[128] = { '\0' };
     unsigned char okm[128] = { '\0' };
     /*
-     * okm_hex is the string representation of okm,
+     * okm_string is the ASCII string representation of okm,
      * so its size is twice the size of okm, and an extra null-termination.
      */
-    unsigned char okm_hex[257] = { '\0' };
+    unsigned char okm_string[257] = { '\0' };
 
     const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
     TEST_ASSERT( md != NULL );
@@ -31,18 +31,21 @@ void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string,
     ikm_len = mbedtls_test_unhexify( ikm, hex_ikm_string );
     salt_len = mbedtls_test_unhexify( salt, hex_salt_string );
     info_len = mbedtls_test_unhexify( info, hex_info_string );
-    okm_len = mbedtls_test_unhexify( expected_okm, hex_okm_string );
+    expected_okm_len = mbedtls_test_unhexify( expected_okm,
+                                              hex_expected_okm_string );
+
+    TEST_ASSERT( expected_okm_len <= sizeof( okm ) );
 
     ret = mbedtls_hkdf( md, salt, salt_len, ikm, ikm_len, info, info_len, okm,
-                        okm_len);
+                        expected_okm_len);
     TEST_ASSERT( ret == 0 );
 
     /*
      * Run mbedtls_test_hexify on it so that it looks nicer if the assertion
      * fails.
      */
-    mbedtls_test_hexify( okm_hex, okm, okm_len );
-    TEST_ASSERT( !strcmp( (char *)okm_hex, hex_okm_string ) );
+    mbedtls_test_hexify( okm_string, okm, expected_okm_len );
+    TEST_ASSERT( !strcmp( (char *)okm_string, hex_expected_okm_string ) );
 }
 /* END_CASE */
 

From 7e512718fec19c8bceac73386262c5b8ef85429c Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 25 Jun 2020 11:33:01 +0200
Subject: [PATCH 35/46] tests: chacha20: Prepare to char* to data_t* type
 change

In preparation of changing the type of some parameters of
test_chacha20() from `char *` to `data_t` to get rid of the
calls to mbedtls_test_unhexify():

- Reduce the size of output[] buffer to 375 as its content
  is "ASCII expended" into a buffer of 751 bytes.
- Align naming of variables to store and check the
  output of mbedtls_chacha20_crypt(). No *dst* variables
  anynore, only *output* variables.
- Use two different buffers to store the expected output
  of mbedtls_chacha20_crypt() (expected_output_str[]) and
  the ASCII string representation of the output of
  mbedtls_chacha20_crypt() (output_string[]). Both were
  stored in dst_str[] before.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/suites/test_suite_chacha20.function | 38 +++++++++++++----------
 1 file changed, 21 insertions(+), 17 deletions(-)

diff --git a/tests/suites/test_suite_chacha20.function b/tests/suites/test_suite_chacha20.function
index 48ac9755a5..137b92a6e4 100644
--- a/tests/suites/test_suite_chacha20.function
+++ b/tests/suites/test_suite_chacha20.function
@@ -12,31 +12,33 @@ void chacha20_crypt( char *hex_key_string,
                      char *hex_nonce_string,
                      int counter,
                      char *hex_src_string,
-                     char *hex_dst_string )
+                     char *hex_expected_output_string )
 {
     unsigned char key_str[32]; /* size set by the standard */
     unsigned char nonce_str[12]; /* size set by the standard */
     unsigned char src_str[375]; /* max size of binary input */
-    unsigned char dst_str[751]; /* hex expansion of the above */
-    unsigned char output[751];
+    unsigned char expected_output_str[375];
+    unsigned char output[375];
+    unsigned char output_string[751]; /* ASCII string representation of output */
     size_t key_len;
     size_t nonce_len;
     size_t src_len;
-    size_t dst_len;
+    size_t expected_output_len;
     mbedtls_chacha20_context ctx;
 
-    memset( key_str,    0x00, sizeof( key_str ) );
-    memset( nonce_str,  0x00, sizeof( nonce_str ) );
-    memset( src_str,    0x00, sizeof( src_str ) );
-    memset( dst_str,    0x00, sizeof( dst_str ) );
-    memset( output,     0x00, sizeof( output ) );
+    memset( key_str,       0x00, sizeof( key_str ) );
+    memset( nonce_str,     0x00, sizeof( nonce_str ) );
+    memset( src_str,       0x00, sizeof( src_str ) );
+    memset( output,        0x00, sizeof( output ) );
+    memset( output_string, 0x00, sizeof( output_string ) );
 
     key_len   = mbedtls_test_unhexify( key_str, hex_key_string );
     nonce_len = mbedtls_test_unhexify( nonce_str, hex_nonce_string );
     src_len   = mbedtls_test_unhexify( src_str, hex_src_string );
-    dst_len   = mbedtls_test_unhexify( dst_str, hex_dst_string );
+    expected_output_len = mbedtls_test_unhexify( expected_output_str,
+                                                 hex_expected_output_string );
 
-    TEST_ASSERT( src_len   == dst_len );
+    TEST_ASSERT( src_len   == expected_output_len );
     TEST_ASSERT( key_len   == 32U );
     TEST_ASSERT( nonce_len == 12U );
 
@@ -45,8 +47,8 @@ void chacha20_crypt( char *hex_key_string,
      */
     TEST_ASSERT( mbedtls_chacha20_crypt( key_str, nonce_str, counter, src_len, src_str, output ) == 0 );
 
-    mbedtls_test_hexify( dst_str, output, src_len );
-    TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+    mbedtls_test_hexify( output_string, output, src_len );
+    TEST_ASSERT( strcmp( (char*) output_string, hex_expected_output_string ) == 0 );
 
     /*
      * Test the streaming API
@@ -60,8 +62,9 @@ void chacha20_crypt( char *hex_key_string,
     memset( output, 0x00, sizeof( output ) );
     TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_len, src_str, output ) == 0 );
 
-    mbedtls_test_hexify( dst_str, output, src_len );
-    TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+    mbedtls_test_hexify( output_string, output, src_len );
+    TEST_ASSERT( strcmp( (char*) output_string,
+                         hex_expected_output_string ) == 0 );
 
     /*
      * Test the streaming API again, piecewise
@@ -75,8 +78,9 @@ void chacha20_crypt( char *hex_key_string,
     TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str, output ) == 0 );
     TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_len - 1, src_str + 1, output + 1 ) == 0 );
 
-    mbedtls_test_hexify( dst_str, output, src_len );
-    TEST_ASSERT( strcmp( (char*) dst_str, hex_dst_string ) == 0 );
+    mbedtls_test_hexify( output_string, output, src_len );
+    TEST_ASSERT( strcmp( (char*) output_string,
+                         hex_expected_output_string ) == 0 );
 
     mbedtls_chacha20_free( &ctx );
 }

From 7370185ae357fbf0654725a6f63023614d35d3db Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 25 Jun 2020 13:33:29 +0200
Subject: [PATCH 36/46] tests: nist_kw: Prepare to char* to data_t* type change

In preparation of changing the type of some parameters
of mbedtls_nist_kw_wrap/unwrap() from `char *` to `data_t`
to get rid of the calls to mbedtls_test_unhexify():

- Change the name of parameters and local variables to
  clarify which ones are related to the outputs of the
  library functions under test and which ones are
  related to the expected values of those outputs.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/suites/test_suite_nist_kw.function | 30 ++++++++++++------------
 1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/tests/suites/test_suite_nist_kw.function b/tests/suites/test_suite_nist_kw.function
index 827c6903a1..15370b2fdb 100644
--- a/tests/suites/test_suite_nist_kw.function
+++ b/tests/suites/test_suite_nist_kw.function
@@ -244,14 +244,14 @@ exit:
 /* BEGIN_CASE */
 void mbedtls_nist_kw_wrap( int cipher_id, int mode,
                            char *key_hex, char *msg_hex,
-                           char *result_hex )
+                           char *expected_result_hex )
 {
     unsigned char key[32];
     unsigned char msg[512];
     unsigned char result[528];
     unsigned char expected_result[528];
     mbedtls_nist_kw_context ctx;
-    size_t key_len, msg_len, output_len, result_len, i, padlen;
+    size_t key_len, msg_len, result_len, expected_result_len, i, padlen;
 
     mbedtls_nist_kw_init( &ctx );
 
@@ -261,19 +261,19 @@ void mbedtls_nist_kw_wrap( int cipher_id, int mode,
 
     key_len = mbedtls_test_unhexify( key, key_hex );
     msg_len = mbedtls_test_unhexify( msg, msg_hex );
-    result_len = mbedtls_test_unhexify( expected_result, result_hex );
-    output_len = sizeof( result );
+    expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex );
+    result_len = sizeof( result );
 
     TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_len * 8, 1 )
                  == 0 );
 
     /* Test with input == output */
     TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg, msg_len,
-                 result, &output_len, sizeof( result ) ) == 0 );
+                 result, &result_len, sizeof( result ) ) == 0 );
 
-    TEST_ASSERT( output_len == result_len );
+    TEST_ASSERT( result_len == expected_result_len );
 
-    TEST_ASSERT( memcmp( expected_result, result, result_len ) == 0 );
+    TEST_ASSERT( memcmp( expected_result, result, expected_result_len ) == 0 );
 
     padlen = ( msg_len % 8 != 0 ) ? 8 - (msg_len % 8 ) : 0;
     /* Check that the function didn't write beyond the end of the buffer. */
@@ -290,14 +290,14 @@ exit:
 /* BEGIN_CASE */
 void mbedtls_nist_kw_unwrap( int cipher_id, int mode,
                              char *key_hex, char *msg_hex,
-                             char *result_hex, int expected_ret )
+                             char *expected_result_hex, int expected_ret )
 {
     unsigned char key[32];
     unsigned char msg[528];
     unsigned char result[528];
     unsigned char expected_result[528];
     mbedtls_nist_kw_context ctx;
-    size_t key_len, msg_len, output_len, result_len, i;
+    size_t key_len, msg_len, result_len, expected_result_len, i;
 
     mbedtls_nist_kw_init( &ctx );
 
@@ -308,23 +308,23 @@ void mbedtls_nist_kw_unwrap( int cipher_id, int mode,
 
     key_len = mbedtls_test_unhexify( key, key_hex );
     msg_len = mbedtls_test_unhexify( msg, msg_hex );
-    result_len = mbedtls_test_unhexify( expected_result, result_hex );
-    output_len = sizeof( result );
+    expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex );
+    result_len = sizeof( result );
 
     TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_len * 8, 0 )
                  == 0 );
 
     /* Test with input == output */
     TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg, msg_len,
-                 result, &output_len, sizeof( result ) ) == expected_ret );
+                 result, &result_len, sizeof( result ) ) == expected_ret );
     if( expected_ret == 0 )
     {
-        TEST_ASSERT( output_len == result_len );
-        TEST_ASSERT( memcmp( expected_result, result, result_len ) == 0 );
+        TEST_ASSERT( result_len == expected_result_len );
+        TEST_ASSERT( memcmp( expected_result, result, expected_result_len ) == 0 );
     }
     else
     {
-        TEST_ASSERT( output_len == 0 );
+        TEST_ASSERT( result_len == 0 );
     }
 
     /* Check that the function didn't write beyond the end of the buffer. */

From df02eb00e00527179ce82471b973f3e2dae640e2 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 25 Jun 2020 13:57:05 +0200
Subject: [PATCH 37/46] tests: aes.ofb: Prepare to char* to data_t* type change

In preparation of changing the type of some parameters
of aes_encrypt_ofb() from `char *` to `data_t` to get rid
of the calls to mbedtls_test_unhexify():

- Change the name of parameters and local variables to
  clarify which ones are related to the outputs of the
  library functions under test and which ones are
  related to the expected values of those outputs.

- Add assertion on fragment_size parameter

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/suites/test_suite_aes.function | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index f1be3cec2f..d5eb1ef108 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -329,13 +329,13 @@ exit:
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */
 void aes_encrypt_ofb( int fragment_size, char *hex_key_string,
                       char *hex_iv_string, char *hex_src_string,
-                      char *hex_dst_string )
+                      char *hex_expected_output_string )
 {
     unsigned char key_str[32];
     unsigned char iv_str[16];
     unsigned char src_str[64];
-    unsigned char dst_str[64];
     unsigned char output[32];
+    unsigned char output_string[65];
     mbedtls_aes_context ctx;
     size_t iv_offset = 0;
     int in_buffer_len;
@@ -345,14 +345,15 @@ void aes_encrypt_ofb( int fragment_size, char *hex_key_string,
     memset( key_str, 0x00, sizeof( key_str ) );
     memset( iv_str, 0x00, sizeof( iv_str ) );
     memset( src_str, 0x00, sizeof( src_str ) );
-    memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
+    memset( output_string, 0x00, sizeof( output_string ) );
     mbedtls_aes_init( &ctx );
 
+    TEST_ASSERT( (size_t)fragment_size < sizeof( output ) );
     TEST_ASSERT( strlen( hex_key_string ) <= ( 32 * 2 ) );
     TEST_ASSERT( strlen( hex_iv_string ) <= ( 16 * 2 ) );
     TEST_ASSERT( strlen( hex_src_string ) <= ( 64 * 2 ) );
-    TEST_ASSERT( strlen( hex_dst_string ) <= ( 64 * 2 ) );
+    TEST_ASSERT( strlen( hex_expected_output_string ) <= ( 64 * 2 ) );
 
     key_len = mbedtls_test_unhexify( key_str, hex_key_string );
     mbedtls_test_unhexify( iv_str, hex_iv_string );
@@ -366,12 +367,12 @@ void aes_encrypt_ofb( int fragment_size, char *hex_key_string,
         TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset,
                                             iv_str, src_str_next, output ) == 0 );
 
-        mbedtls_test_hexify( dst_str, output, fragment_size );
-        TEST_ASSERT( strncmp( (char *) dst_str, hex_dst_string,
+        mbedtls_test_hexify( output_string, output, fragment_size );
+        TEST_ASSERT( strncmp( (char *) output_string, hex_expected_output_string,
                               ( 2 * fragment_size ) ) == 0 );
 
         in_buffer_len -= fragment_size;
-        hex_dst_string += ( fragment_size * 2 );
+        hex_expected_output_string += ( fragment_size * 2 );
         src_str_next += fragment_size;
 
         if( in_buffer_len < fragment_size )

From c7ba5604811dc1f611e666c8863ee0fe2f4fef9f Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 25 Jun 2020 14:47:40 +0200
Subject: [PATCH 38/46] tests: ccm: Prepare to char* to data_t* type change

In preparation of changing the type of some parameters
of mbedtls_ccm_star_encrypt_and_tag/auth_decrypt from
`char *` to `data_t` to get rid of the calls to
mbedtls_test_unhexify():

- Change the name of parameters and local variables to
  clarify which ones are related to the outputs of the
  library functions under test and which ones are
  related to the expected values of those outputs.

- Use two different buffers to store the plain and cipher
  text as expected by the library functions.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/suites/test_suite_ccm.function | 40 +++++++++++++++-------------
 1 file changed, 21 insertions(+), 19 deletions(-)

diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index 01e1a173be..40ea278a67 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -195,17 +195,18 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
                             char *key_hex, char *msg_hex,
                             char *source_address_hex, char *frame_counter_hex,
                             int sec_level, char *add_hex,
-                            char *result_hex, int output_ret )
+                            char *expected_result_hex, int output_ret )
 {
     unsigned char key[32];
     unsigned char msg[50];
     unsigned char iv[13];
     unsigned char add[32];
     unsigned char result[50];
+    unsigned char expected_result[50];
     unsigned char source_address[8];
     unsigned char frame_counter[4];
     mbedtls_ccm_context ctx;
-    size_t i, key_len, msg_len, iv_len, add_len, result_len, source_address_len, frame_counter_len, tag_len;
+    size_t i, key_len, msg_len, iv_len, add_len, expected_result_len, source_address_len, frame_counter_len, tag_len;
     int ret;
 
     mbedtls_ccm_init( &ctx );
@@ -215,13 +216,14 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
     memset( iv, 0x00, sizeof( iv ) );
     memset( add, 0x00, sizeof( add ) );
     memset( result, 0x00, sizeof( result ) );
+    memset( expected_result, 0x00, sizeof( expected_result ) );
     memset( source_address, 0x00, sizeof( source_address ) );
     memset( frame_counter, 0x00, sizeof( frame_counter ) );
 
     key_len = mbedtls_test_unhexify( key, key_hex );
     msg_len = mbedtls_test_unhexify( msg, msg_hex );
     add_len = mbedtls_test_unhexify( add, add_hex );
-    result_len = mbedtls_test_unhexify( result, result_hex );
+    expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex );
     source_address_len = mbedtls_test_unhexify( source_address,
                                                 source_address_hex );
     frame_counter_len = mbedtls_test_unhexify( frame_counter,
@@ -244,14 +246,15 @@ void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
     TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
 
     ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
-                 add, add_len, msg, msg, msg + msg_len, tag_len );
+                 add, add_len, msg, result, result + msg_len, tag_len );
 
     TEST_ASSERT( ret == output_ret );
 
-    TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
+    TEST_ASSERT( memcmp( result, expected_result, expected_result_len ) == 0 );
 
     /* Check we didn't write past the end */
-    TEST_ASSERT( msg[result_len] == 0 && msg[result_len + 1] == 0 );
+    TEST_ASSERT( result[expected_result_len] == 0 &&
+                 result[expected_result_len + 1] == 0 );
 
 exit:
     mbedtls_ccm_free( &ctx );
@@ -263,18 +266,18 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id,
                             char *key_hex, char *msg_hex,
                             char *source_address_hex, char *frame_counter_hex,
                             int sec_level, char *add_hex,
-                            char *result_hex, int output_ret )
+                            char *expected_result_hex, int output_ret )
 {
     unsigned char key[32];
     unsigned char msg[50];
     unsigned char iv[13];
     unsigned char add[32];
-    unsigned char tag[16];
     unsigned char result[50];
+    unsigned char expected_result[50];
     unsigned char source_address[8];
     unsigned char frame_counter[4];
     mbedtls_ccm_context ctx;
-    size_t i, key_len, msg_len, iv_len, add_len, tag_len, result_len, source_address_len, frame_counter_len;
+    size_t i, key_len, msg_len, iv_len, add_len, tag_len, expected_result_len, source_address_len, frame_counter_len;
     int ret;
 
     mbedtls_ccm_init( &ctx );
@@ -283,15 +286,15 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id,
     memset( msg, 0x00, sizeof( msg ) );
     memset( iv, 0x00, sizeof( iv ) );
     memset( add, 0x00, sizeof( add ) );
-    memset( result, 0x00, sizeof( result ) );
+    memset( result, '+', sizeof( result ) );
+    memset( expected_result, 0x00, sizeof( expected_result ) );
     memset( source_address, 0x00, sizeof( source_address ) );
     memset( frame_counter, 0x00, sizeof( frame_counter ) );
-    memset( tag, 0x00, sizeof( tag ) );
 
     key_len = mbedtls_test_unhexify( key, key_hex );
     msg_len = mbedtls_test_unhexify( msg, msg_hex );
     add_len = mbedtls_test_unhexify( add, add_hex );
-    result_len = mbedtls_test_unhexify( result, result_hex );
+    expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex );
     source_address_len = mbedtls_test_unhexify( source_address,
                                                 source_address_hex );
     frame_counter_len = mbedtls_test_unhexify( frame_counter,
@@ -311,20 +314,19 @@ void mbedtls_ccm_star_auth_decrypt( int cipher_id,
     iv[source_address_len + frame_counter_len] = sec_level;
     iv_len = sizeof( iv );
 
-    msg_len -= tag_len;
-    memcpy( tag, msg + msg_len, tag_len );
-
     TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
 
-    ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len, iv, iv_len,
-                 add, add_len, msg, msg, msg + msg_len, tag_len );
+    ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len - tag_len, iv, iv_len,
+                 add, add_len, msg, result, msg + msg_len - tag_len, tag_len );
 
     TEST_ASSERT( ret == output_ret );
 
-    TEST_ASSERT( memcmp( msg, result, result_len ) == 0 );
+    TEST_ASSERT( memcmp( result, expected_result, expected_result_len ) == 0 );
 
     /* Check we didn't write past the end (where the original tag is) */
-    TEST_ASSERT( memcmp( msg + msg_len, tag, tag_len ) == 0 );
+    TEST_ASSERT( ( msg_len + 2 ) <= sizeof( result ) );
+    TEST_EQUAL( result[msg_len], '+' );
+    TEST_EQUAL( result[msg_len + 1], '+' );
 
 exit:
     mbedtls_ccm_free( &ctx );

From 9ed4073ea53fa934842a57e4ec795e2fc765f094 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 25 Jun 2020 09:03:34 +0200
Subject: [PATCH 39/46] tests: Get rid of mbedtls_test_unhexify() in unit test
 code

In test functions calling mbedtls_test_unhexify(), change the
type of the associated parameters from `char*` to `data_t`.

That way the `unhexify` operation is done by the test
framework and not by the unit test code.

Use for the new parameters of type data_t the name of the
local variable that use to store the `unhexify` version of
the `char*` parameter.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/suites/test_suite_aes.function        |  33 ++--
 tests/suites/test_suite_aria.function       | 184 ++++++--------------
 tests/suites/test_suite_ccm.function        | 113 ++++--------
 tests/suites/test_suite_chacha20.function   |  75 ++++----
 tests/suites/test_suite_chachapoly.function |  90 ++--------
 tests/suites/test_suite_cipher.function     |  29 +--
 tests/suites/test_suite_ecdh.function       |  24 +--
 tests/suites/test_suite_ecdsa.function      |  42 ++---
 tests/suites/test_suite_hkdf.function       |  37 ++--
 tests/suites/test_suite_nist_kw.function    |  61 ++-----
 tests/suites/test_suite_pk.function         |  12 +-
 tests/suites/test_suite_poly1305.function   |  35 ++--
 12 files changed, 238 insertions(+), 497 deletions(-)

diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index d5eb1ef108..1d453db19b 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -327,52 +327,39 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_OFB */
-void aes_encrypt_ofb( int fragment_size, char *hex_key_string,
-                      char *hex_iv_string, char *hex_src_string,
-                      char *hex_expected_output_string )
+void aes_encrypt_ofb( int fragment_size, data_t *key_str,
+                      data_t *iv_str, data_t *src_str,
+                      char *expected_output_string)
 {
-    unsigned char key_str[32];
-    unsigned char iv_str[16];
-    unsigned char src_str[64];
     unsigned char output[32];
     unsigned char output_string[65];
     mbedtls_aes_context ctx;
     size_t iv_offset = 0;
     int in_buffer_len;
     unsigned char* src_str_next;
-    int key_len;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( iv_str, 0x00, sizeof( iv_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( output, 0x00, sizeof( output ) );
     memset( output_string, 0x00, sizeof( output_string ) );
     mbedtls_aes_init( &ctx );
 
     TEST_ASSERT( (size_t)fragment_size < sizeof( output ) );
-    TEST_ASSERT( strlen( hex_key_string ) <= ( 32 * 2 ) );
-    TEST_ASSERT( strlen( hex_iv_string ) <= ( 16 * 2 ) );
-    TEST_ASSERT( strlen( hex_src_string ) <= ( 64 * 2 ) );
-    TEST_ASSERT( strlen( hex_expected_output_string ) <= ( 64 * 2 ) );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    mbedtls_test_unhexify( iv_str, hex_iv_string );
-    in_buffer_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str, key_len * 8 ) == 0 );
-    src_str_next = src_str;
+    TEST_ASSERT( mbedtls_aes_setkey_enc( &ctx, key_str->x,
+                                         key_str->len * 8 ) == 0 );
+    in_buffer_len = src_str->len;
+    src_str_next = src_str->x;
 
     while( in_buffer_len > 0 )
     {
         TEST_ASSERT( mbedtls_aes_crypt_ofb( &ctx, fragment_size, &iv_offset,
-                                            iv_str, src_str_next, output ) == 0 );
+                                            iv_str->x, src_str_next, output ) == 0 );
 
         mbedtls_test_hexify( output_string, output, fragment_size );
-        TEST_ASSERT( strncmp( (char *) output_string, hex_expected_output_string,
+        TEST_ASSERT( strncmp( (char *) output_string, expected_output_string,
                               ( 2 * fragment_size ) ) == 0 );
 
         in_buffer_len -= fragment_size;
-        hex_expected_output_string += ( fragment_size * 2 );
+        expected_output_string += ( fragment_size * 2 );
         src_str_next += fragment_size;
 
         if( in_buffer_len < fragment_size )
diff --git a/tests/suites/test_suite_aria.function b/tests/suites/test_suite_aria.function
index d8a2971b4b..d08c39dc66 100644
--- a/tests/suites/test_suite_aria.function
+++ b/tests/suites/test_suite_aria.function
@@ -206,35 +206,28 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aria_encrypt_ecb( char *hex_key_string, char *hex_src_string,
+void aria_encrypt_ecb( data_t *key_str, data_t *src_str,
                        char *hex_dst_string, int setkey_result )
 {
-    unsigned char key_str[ARIA_MAX_KEY_STR];
-    unsigned char src_str[ARIA_MAX_DATA_STR];
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
-    size_t key_len, src_str_len, i;
+    size_t i;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
     mbedtls_aria_init( &ctx );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 )
+    TEST_ASSERT( mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 )
                  == setkey_result );
     if( setkey_result == 0 )
     {
-        for( i = 0; i < src_str_len; i += MBEDTLS_ARIA_BLOCKSIZE )
+        for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE )
         {
-            TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str + i, output + i )
-                                                 == 0 );
+            TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i,
+                                                 output + i ) == 0 );
         }
-        mbedtls_test_hexify( dst_str, output, src_str_len );
+        mbedtls_test_hexify( dst_str, output, src_str->len );
 
         TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
     }
@@ -245,35 +238,28 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void aria_decrypt_ecb( char *hex_key_string, char *hex_src_string,
+void aria_decrypt_ecb( data_t *key_str, data_t *src_str,
                        char *hex_dst_string, int setkey_result )
 {
-    unsigned char key_str[ARIA_MAX_KEY_STR];
-    unsigned char src_str[ARIA_MAX_DATA_STR];
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
-    size_t key_len, src_str_len, i;
+    size_t i;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
     mbedtls_aria_init( &ctx );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str, key_len * 8 )
+    TEST_ASSERT( mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 )
                  == setkey_result );
     if( setkey_result == 0 )
     {
-        for( i = 0; i < src_str_len; i += MBEDTLS_ARIA_BLOCKSIZE )
+        for( i = 0; i < src_str->len; i += MBEDTLS_ARIA_BLOCKSIZE )
         {
-            TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str + i, output + i )
-                         == 0 );
+            TEST_ASSERT( mbedtls_aria_crypt_ecb( &ctx, src_str->x + i,
+                                                 output + i ) == 0 );
         }
-        mbedtls_test_hexify( dst_str, output, src_str_len );
+        mbedtls_test_hexify( dst_str, output, src_str->len );
 
         TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
     }
@@ -284,36 +270,25 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aria_encrypt_cbc( char *hex_key_string, char *hex_iv_string,
-                       char *hex_src_string, char *hex_dst_string,
+void aria_encrypt_cbc( data_t *key_str, data_t *iv_str,
+                       data_t *src_str, char *hex_dst_string,
                        int cbc_result )
 {
-    unsigned char key_str[ARIA_MAX_KEY_STR];
-    unsigned char iv_str[ARIA_BLOCK_STR];
-    unsigned char src_str[ARIA_MAX_DATA_STR];
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
-    size_t key_len, src_str_len;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( iv_str, 0x00, sizeof( iv_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
     mbedtls_aria_init( &ctx );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    mbedtls_test_unhexify( iv_str, hex_iv_string );
-    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT, src_str_len,
-                                         iv_str, src_str, output )
-                 == cbc_result );
+    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_ENCRYPT,
+                                         src_str->len, iv_str->x, src_str->x,
+                                         output ) == cbc_result );
     if( cbc_result == 0 )
     {
-        mbedtls_test_hexify( dst_str, output, src_str_len );
+        mbedtls_test_hexify( dst_str, output, src_str->len );
 
         TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
     }
@@ -324,36 +299,25 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void aria_decrypt_cbc( char *hex_key_string, char *hex_iv_string,
-                       char *hex_src_string, char *hex_dst_string,
+void aria_decrypt_cbc( data_t *key_str, data_t *iv_str,
+                       data_t *src_str, char *hex_dst_string,
                        int cbc_result )
 {
-    unsigned char key_str[ARIA_MAX_KEY_STR];
-    unsigned char iv_str[ARIA_BLOCK_STR];
-    unsigned char src_str[ARIA_MAX_DATA_STR];
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
-    size_t key_len, src_str_len;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( iv_str, 0x00, sizeof( iv_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
     mbedtls_aria_init( &ctx );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    mbedtls_test_unhexify( iv_str, hex_iv_string );
-    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    mbedtls_aria_setkey_dec( &ctx, key_str, key_len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT, src_str_len,
-                                         iv_str, src_str, output )
-                 == cbc_result );
+    mbedtls_aria_setkey_dec( &ctx, key_str->x, key_str->len * 8 );
+    TEST_ASSERT( mbedtls_aria_crypt_cbc( &ctx, MBEDTLS_ARIA_DECRYPT,
+                                         src_str->len, iv_str->x, src_str->x,
+                                         output ) == cbc_result );
     if( cbc_result == 0 )
     {
-        mbedtls_test_hexify( dst_str, output, src_str_len );
+        mbedtls_test_hexify( dst_str, output, src_str->len );
 
         TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
     }
@@ -364,36 +328,25 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aria_encrypt_cfb128( char *hex_key_string, char *hex_iv_string,
-                          char *hex_src_string, char *hex_dst_string,
+void aria_encrypt_cfb128( data_t *key_str, data_t *iv_str,
+                          data_t *src_str, char *hex_dst_string,
                           int result )
 {
-    unsigned char key_str[ARIA_MAX_KEY_STR];
-    unsigned char iv_str[ARIA_BLOCK_STR];
-    unsigned char src_str[ARIA_MAX_DATA_STR];
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
     size_t iv_offset = 0;
-    size_t key_len, src_str_len;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( iv_str, 0x00, sizeof( iv_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
     mbedtls_aria_init( &ctx );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    mbedtls_test_unhexify( iv_str, hex_iv_string );
-    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
+    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
     TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_ENCRYPT,
-                                            src_str_len, &iv_offset, iv_str,
-                                            src_str, output )
+                                            src_str->len, &iv_offset,
+                                            iv_str->x, src_str->x, output )
                  == result );
-    mbedtls_test_hexify( dst_str, output, src_str_len );
+    mbedtls_test_hexify( dst_str, output, src_str->len );
 
     TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
 
@@ -403,36 +356,25 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void aria_decrypt_cfb128( char *hex_key_string, char *hex_iv_string,
-                          char *hex_src_string, char *hex_dst_string,
+void aria_decrypt_cfb128( data_t *key_str, data_t *iv_str,
+                          data_t *src_str, char *hex_dst_string,
                           int result  )
 {
-    unsigned char key_str[ARIA_MAX_KEY_STR];
-    unsigned char iv_str[ARIA_BLOCK_STR];
-    unsigned char src_str[ARIA_MAX_DATA_STR];
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     mbedtls_aria_context ctx;
     size_t iv_offset = 0;
-    size_t key_len, src_str_len;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( iv_str, 0x00, sizeof( iv_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
     mbedtls_aria_init( &ctx );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    mbedtls_test_unhexify( iv_str, hex_iv_string );
-    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
+    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
     TEST_ASSERT( mbedtls_aria_crypt_cfb128( &ctx, MBEDTLS_ARIA_DECRYPT,
-                                            src_str_len, &iv_offset, iv_str,
-                                            src_str, output )
+                                            src_str->len, &iv_offset,
+                                            iv_str->x, src_str->x, output )
                  == result );
-    mbedtls_test_hexify( dst_str, output, src_str_len );
+    mbedtls_test_hexify( dst_str, output, src_str->len );
 
     TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
 
@@ -442,36 +384,25 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void aria_encrypt_ctr( char *hex_key_string, char *hex_iv_string,
-                       char *hex_src_string, char *hex_dst_string,
+void aria_encrypt_ctr( data_t *key_str, data_t *iv_str,
+                       data_t *src_str, char *hex_dst_string,
                        int result )
 {
-    unsigned char key_str[ARIA_MAX_KEY_STR];
-    unsigned char iv_str[ARIA_BLOCK_STR];
-    unsigned char src_str[ARIA_MAX_DATA_STR];
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
     mbedtls_aria_context ctx;
     size_t iv_offset = 0;
-    size_t key_len, src_str_len;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( iv_str, 0x00, sizeof( iv_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
     mbedtls_aria_init( &ctx );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    mbedtls_test_unhexify( iv_str, hex_iv_string );
-    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str_len, &iv_offset, iv_str,
-                                         blk, src_str, output )
+    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset,
+                                         iv_str->x, blk, src_str->x, output )
                  == result );
-    mbedtls_test_hexify( dst_str, output, src_str_len );
+    mbedtls_test_hexify( dst_str, output, src_str->len );
 
     TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
 
@@ -481,36 +412,25 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void aria_decrypt_ctr( char *hex_key_string, char *hex_iv_string,
-                       char *hex_src_string, char *hex_dst_string,
+void aria_decrypt_ctr( data_t *key_str, data_t *iv_str,
+                       data_t *src_str, char *hex_dst_string,
                        int result )
 {
-    unsigned char key_str[ARIA_MAX_KEY_STR];
-    unsigned char iv_str[ARIA_BLOCK_STR];
-    unsigned char src_str[ARIA_MAX_DATA_STR];
     unsigned char dst_str[ARIA_MAX_DATA_STR];
     unsigned char output[ARIA_MAX_DATASIZE];
     unsigned char blk[MBEDTLS_ARIA_BLOCKSIZE];
     mbedtls_aria_context ctx;
     size_t iv_offset = 0;
-    size_t key_len, src_str_len;
 
-    memset( key_str, 0x00, sizeof( key_str ) );
-    memset( iv_str, 0x00, sizeof( iv_str ) );
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( dst_str, 0x00, sizeof( dst_str ) );
     memset( output, 0x00, sizeof( output ) );
     mbedtls_aria_init( &ctx );
 
-    key_len = mbedtls_test_unhexify( key_str, hex_key_string );
-    mbedtls_test_unhexify( iv_str, hex_iv_string );
-    src_str_len = mbedtls_test_unhexify( src_str, hex_src_string );
-
-    mbedtls_aria_setkey_enc( &ctx, key_str, key_len * 8 );
-    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str_len, &iv_offset, iv_str,
-                                         blk, src_str, output )
+    mbedtls_aria_setkey_enc( &ctx, key_str->x, key_str->len * 8 );
+    TEST_ASSERT( mbedtls_aria_crypt_ctr( &ctx, src_str->len, &iv_offset,
+                                         iv_str->x, blk, src_str->x, output )
                  == result );
-    mbedtls_test_hexify( dst_str, output, src_str_len );
+    mbedtls_test_hexify( dst_str, output, src_str->len );
 
     TEST_ASSERT( strcasecmp( (char *) dst_str, hex_dst_string ) == 0 );
 
diff --git a/tests/suites/test_suite_ccm.function b/tests/suites/test_suite_ccm.function
index 40ea278a67..5724d8b269 100644
--- a/tests/suites/test_suite_ccm.function
+++ b/tests/suites/test_suite_ccm.function
@@ -192,69 +192,51 @@ exit:
 
 /* BEGIN_CASE */
 void mbedtls_ccm_star_encrypt_and_tag( int cipher_id,
-                            char *key_hex, char *msg_hex,
-                            char *source_address_hex, char *frame_counter_hex,
-                            int sec_level, char *add_hex,
-                            char *expected_result_hex, int output_ret )
+                            data_t *key, data_t *msg,
+                            data_t *source_address, data_t *frame_counter,
+                            int sec_level, data_t *add,
+                            data_t *expected_result, int output_ret )
 {
-    unsigned char key[32];
-    unsigned char msg[50];
     unsigned char iv[13];
-    unsigned char add[32];
     unsigned char result[50];
-    unsigned char expected_result[50];
-    unsigned char source_address[8];
-    unsigned char frame_counter[4];
     mbedtls_ccm_context ctx;
-    size_t i, key_len, msg_len, iv_len, add_len, expected_result_len, source_address_len, frame_counter_len, tag_len;
+    size_t i, iv_len, tag_len;
     int ret;
 
     mbedtls_ccm_init( &ctx );
 
-    memset( key, 0x00, sizeof( key ) );
-    memset( msg, 0x00, sizeof( msg ) );
     memset( iv, 0x00, sizeof( iv ) );
-    memset( add, 0x00, sizeof( add ) );
     memset( result, 0x00, sizeof( result ) );
-    memset( expected_result, 0x00, sizeof( expected_result ) );
-    memset( source_address, 0x00, sizeof( source_address ) );
-    memset( frame_counter, 0x00, sizeof( frame_counter ) );
-
-    key_len = mbedtls_test_unhexify( key, key_hex );
-    msg_len = mbedtls_test_unhexify( msg, msg_hex );
-    add_len = mbedtls_test_unhexify( add, add_hex );
-    expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex );
-    source_address_len = mbedtls_test_unhexify( source_address,
-                                                source_address_hex );
-    frame_counter_len = mbedtls_test_unhexify( frame_counter,
-                                               frame_counter_hex );
 
     if( sec_level % 4 == 0)
         tag_len = 0;
     else
         tag_len = 1 << ( sec_level % 4 + 1);
 
-    for( i = 0; i < source_address_len; i++ )
-        iv[i] = source_address[i];
+    for( i = 0; i < source_address->len; i++ )
+        iv[i] = source_address->x[i];
 
-    for( i = 0; i < frame_counter_len; i++ )
-        iv[source_address_len + i] = frame_counter[i];
+    for( i = 0; i < frame_counter->len; i++ )
+        iv[source_address->len + i] = frame_counter->x[i];
 
-    iv[source_address_len + frame_counter_len] = sec_level;
+    iv[source_address->len + frame_counter->len] = sec_level;
     iv_len = sizeof( iv );
 
-    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
+    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id,
+                                     key->x, key->len * 8 ) == 0 );
 
-    ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg_len, iv, iv_len,
-                 add, add_len, msg, result, result + msg_len, tag_len );
+    ret = mbedtls_ccm_star_encrypt_and_tag( &ctx, msg->len, iv, iv_len,
+                                            add->x, add->len, msg->x,
+                                            result, result + msg->len, tag_len );
 
     TEST_ASSERT( ret == output_ret );
 
-    TEST_ASSERT( memcmp( result, expected_result, expected_result_len ) == 0 );
+    TEST_ASSERT( memcmp( result,
+                         expected_result->x, expected_result->len ) == 0 );
 
     /* Check we didn't write past the end */
-    TEST_ASSERT( result[expected_result_len] == 0 &&
-                 result[expected_result_len + 1] == 0 );
+    TEST_ASSERT( result[expected_result->len] == 0 &&
+                 result[expected_result->len + 1] == 0 );
 
 exit:
     mbedtls_ccm_free( &ctx );
@@ -263,70 +245,51 @@ exit:
 
 /* BEGIN_CASE */
 void mbedtls_ccm_star_auth_decrypt( int cipher_id,
-                            char *key_hex, char *msg_hex,
-                            char *source_address_hex, char *frame_counter_hex,
-                            int sec_level, char *add_hex,
-                            char *expected_result_hex, int output_ret )
+                            data_t *key, data_t *msg,
+                            data_t *source_address, data_t *frame_counter,
+                            int sec_level, data_t *add,
+                            data_t *expected_result, int output_ret )
 {
-    unsigned char key[32];
-    unsigned char msg[50];
     unsigned char iv[13];
-    unsigned char add[32];
     unsigned char result[50];
-    unsigned char expected_result[50];
-    unsigned char source_address[8];
-    unsigned char frame_counter[4];
     mbedtls_ccm_context ctx;
-    size_t i, key_len, msg_len, iv_len, add_len, tag_len, expected_result_len, source_address_len, frame_counter_len;
+    size_t i, iv_len, tag_len;
     int ret;
 
     mbedtls_ccm_init( &ctx );
 
-    memset( key, 0x00, sizeof( key ) );
-    memset( msg, 0x00, sizeof( msg ) );
     memset( iv, 0x00, sizeof( iv ) );
-    memset( add, 0x00, sizeof( add ) );
     memset( result, '+', sizeof( result ) );
-    memset( expected_result, 0x00, sizeof( expected_result ) );
-    memset( source_address, 0x00, sizeof( source_address ) );
-    memset( frame_counter, 0x00, sizeof( frame_counter ) );
-
-    key_len = mbedtls_test_unhexify( key, key_hex );
-    msg_len = mbedtls_test_unhexify( msg, msg_hex );
-    add_len = mbedtls_test_unhexify( add, add_hex );
-    expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex );
-    source_address_len = mbedtls_test_unhexify( source_address,
-                                                source_address_hex );
-    frame_counter_len = mbedtls_test_unhexify( frame_counter,
-                                               frame_counter_hex );
 
     if( sec_level % 4 == 0)
         tag_len = 0;
     else
         tag_len = 1 << ( sec_level % 4 + 1);
 
-    for( i = 0; i < source_address_len; i++ )
-        iv[i] = source_address[i];
+    for( i = 0; i < source_address->len; i++ )
+        iv[i] = source_address->x[i];
 
-    for( i = 0; i < frame_counter_len; i++ )
-        iv[source_address_len + i] = frame_counter[i];
+    for( i = 0; i < frame_counter->len; i++ )
+        iv[source_address->len + i] = frame_counter->x[i];
 
-    iv[source_address_len + frame_counter_len] = sec_level;
+    iv[source_address->len + frame_counter->len] = sec_level;
     iv_len = sizeof( iv );
 
-    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key, key_len * 8 ) == 0 );
+    TEST_ASSERT( mbedtls_ccm_setkey( &ctx, cipher_id, key->x, key->len * 8 ) == 0 );
 
-    ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg_len - tag_len, iv, iv_len,
-                 add, add_len, msg, result, msg + msg_len - tag_len, tag_len );
+    ret = mbedtls_ccm_star_auth_decrypt( &ctx, msg->len - tag_len, iv, iv_len,
+                                         add->x, add->len, msg->x, result,
+                                         msg->x + msg->len - tag_len, tag_len );
 
     TEST_ASSERT( ret == output_ret );
 
-    TEST_ASSERT( memcmp( result, expected_result, expected_result_len ) == 0 );
+    TEST_ASSERT( memcmp( result, expected_result->x,
+                                 expected_result->len ) == 0 );
 
     /* Check we didn't write past the end (where the original tag is) */
-    TEST_ASSERT( ( msg_len + 2 ) <= sizeof( result ) );
-    TEST_EQUAL( result[msg_len], '+' );
-    TEST_EQUAL( result[msg_len + 1], '+' );
+    TEST_ASSERT( ( msg->len + 2 ) <= sizeof( result ) );
+    TEST_EQUAL( result[msg->len], '+' );
+    TEST_EQUAL( result[msg->len + 1], '+' );
 
 exit:
     mbedtls_ccm_free( &ctx );
diff --git a/tests/suites/test_suite_chacha20.function b/tests/suites/test_suite_chacha20.function
index 137b92a6e4..afe24183a3 100644
--- a/tests/suites/test_suite_chacha20.function
+++ b/tests/suites/test_suite_chacha20.function
@@ -8,63 +8,55 @@
  */
 
 /* BEGIN_CASE */
-void chacha20_crypt( char *hex_key_string,
-                     char *hex_nonce_string,
+void chacha20_crypt( data_t *key_str,
+                     data_t *nonce_str,
                      int counter,
-                     char *hex_src_string,
-                     char *hex_expected_output_string )
+                     data_t *src_str,
+                     data_t *expected_output_str )
 {
-    unsigned char key_str[32]; /* size set by the standard */
-    unsigned char nonce_str[12]; /* size set by the standard */
-    unsigned char src_str[375]; /* max size of binary input */
-    unsigned char expected_output_str[375];
     unsigned char output[375];
-    unsigned char output_string[751]; /* ASCII string representation of output */
-    size_t key_len;
-    size_t nonce_len;
-    size_t src_len;
-    size_t expected_output_len;
     mbedtls_chacha20_context ctx;
 
-    memset( key_str,       0x00, sizeof( key_str ) );
-    memset( nonce_str,     0x00, sizeof( nonce_str ) );
-    memset( src_str,       0x00, sizeof( src_str ) );
-    memset( output,        0x00, sizeof( output ) );
-    memset( output_string, 0x00, sizeof( output_string ) );
+    /*
+     * Buffers to store the ASCII string representation of output and
+     * expected_output_str.
+     */
+    unsigned char output_string[751] = { '\0' };
+    unsigned char expected_output_string[751] = { '\0' };
 
-    key_len   = mbedtls_test_unhexify( key_str, hex_key_string );
-    nonce_len = mbedtls_test_unhexify( nonce_str, hex_nonce_string );
-    src_len   = mbedtls_test_unhexify( src_str, hex_src_string );
-    expected_output_len = mbedtls_test_unhexify( expected_output_str,
-                                                 hex_expected_output_string );
+    memset( output, 0x00, sizeof( output ) );
 
-    TEST_ASSERT( src_len   == expected_output_len );
-    TEST_ASSERT( key_len   == 32U );
-    TEST_ASSERT( nonce_len == 12U );
+    TEST_ASSERT( src_str->len   == expected_output_str->len );
+    TEST_ASSERT( key_str->len   == 32U );
+    TEST_ASSERT( nonce_str->len == 12U );
 
     /*
      * Test the integrated API
      */
-    TEST_ASSERT( mbedtls_chacha20_crypt( key_str, nonce_str, counter, src_len, src_str, output ) == 0 );
+    TEST_ASSERT( mbedtls_chacha20_crypt( key_str->x, nonce_str->x, counter, src_str->len, src_str->x, output ) == 0 );
 
-    mbedtls_test_hexify( output_string, output, src_len );
-    TEST_ASSERT( strcmp( (char*) output_string, hex_expected_output_string ) == 0 );
+    mbedtls_test_hexify( expected_output_string,
+                         expected_output_str->x,
+                         expected_output_str->len);
+    mbedtls_test_hexify( output_string, output, src_str->len );
+    TEST_ASSERT( strcmp( (char *)output_string,
+                         (char *)expected_output_string ) == 0 );
 
     /*
      * Test the streaming API
      */
     mbedtls_chacha20_init( &ctx );
 
-    TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, key_str ) == 0 );
+    TEST_ASSERT( mbedtls_chacha20_setkey( &ctx, key_str->x ) == 0 );
 
-    TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str, counter ) == 0 );
+    TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 );
 
     memset( output, 0x00, sizeof( output ) );
-    TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_len, src_str, output ) == 0 );
+    TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len, src_str->x, output ) == 0 );
 
-    mbedtls_test_hexify( output_string, output, src_len );
-    TEST_ASSERT( strcmp( (char*) output_string,
-                         hex_expected_output_string ) == 0 );
+    mbedtls_test_hexify( output_string, output, src_str->len );
+    TEST_ASSERT( strcmp( (char *)output_string,
+                         (char *)expected_output_string ) == 0 );
 
     /*
      * Test the streaming API again, piecewise
@@ -72,15 +64,16 @@ void chacha20_crypt( char *hex_key_string,
 
     /* Don't free/init the context nor set the key again,
      * in order to test that starts() does the right thing. */
-    TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str, counter ) == 0 );
+    TEST_ASSERT( mbedtls_chacha20_starts( &ctx, nonce_str->x, counter ) == 0 );
 
     memset( output, 0x00, sizeof( output ) );
-    TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str, output ) == 0 );
-    TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_len - 1, src_str + 1, output + 1 ) == 0 );
+    TEST_ASSERT( mbedtls_chacha20_update( &ctx, 1, src_str->x, output ) == 0 );
+    TEST_ASSERT( mbedtls_chacha20_update( &ctx, src_str->len - 1,
+                                          src_str->x + 1, output + 1 ) == 0 );
 
-    mbedtls_test_hexify( output_string, output, src_len );
-    TEST_ASSERT( strcmp( (char*) output_string,
-                         hex_expected_output_string ) == 0 );
+    mbedtls_test_hexify( output_string, output, src_str->len );
+    TEST_ASSERT( strcmp( (char *)output_string,
+                         (char *)expected_output_string ) == 0 );
 
     mbedtls_chacha20_free( &ctx );
 }
diff --git a/tests/suites/test_suite_chachapoly.function b/tests/suites/test_suite_chachapoly.function
index aeaf1d74a2..96128e4ec3 100644
--- a/tests/suites/test_suite_chachapoly.function
+++ b/tests/suites/test_suite_chachapoly.function
@@ -8,53 +8,27 @@
  */
 
 /* BEGIN_CASE */
-void mbedtls_chachapoly_enc( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string )
+void mbedtls_chachapoly_enc( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str )
 {
-    unsigned char key_str[32]; /* size set by the standard */
-    unsigned char nonce_str[12]; /* size set by the standard */
-    unsigned char aad_str[12]; /* max size of test data so far */
-    unsigned char input_str[265]; /* max size of binary input/output so far */
-    unsigned char output_str[265];
     unsigned char output[265];
-    unsigned char mac_str[16]; /* size set by the standard */
     unsigned char mac[16]; /* size set by the standard */
-    size_t input_len;
-    size_t output_len;
-    size_t aad_len;
-    size_t key_len;
-    size_t nonce_len;
-    size_t mac_len;
     mbedtls_chachapoly_context ctx;
 
-    memset( key_str,    0x00, sizeof( key_str ) );
-    memset( nonce_str,  0x00, sizeof( nonce_str ) );
-    memset( aad_str,    0x00, sizeof( aad_str ) );
-    memset( input_str,  0x00, sizeof( input_str ) );
-    memset( output_str, 0x00, sizeof( output_str ) );
-    memset( mac_str,    0x00, sizeof( mac_str ) );
-
-    aad_len    = mbedtls_test_unhexify( aad_str,    hex_aad_string    );
-    input_len  = mbedtls_test_unhexify( input_str,  hex_input_string  );
-    output_len = mbedtls_test_unhexify( output_str, hex_output_string );
-    key_len    = mbedtls_test_unhexify( key_str,    hex_key_string    );
-    nonce_len  = mbedtls_test_unhexify( nonce_str,  hex_nonce_string  );
-    mac_len    = mbedtls_test_unhexify( mac_str,    hex_mac_string    );
-
-    TEST_ASSERT( key_len   == 32 );
-    TEST_ASSERT( nonce_len == 12 );
-    TEST_ASSERT( mac_len   == 16 );
+    TEST_ASSERT( key_str->len   == 32 );
+    TEST_ASSERT( nonce_str->len == 12 );
+    TEST_ASSERT( mac_str->len   == 16 );
 
     mbedtls_chachapoly_init( &ctx );
 
-    TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str ) == 0 );
+    TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
 
     TEST_ASSERT( mbedtls_chachapoly_encrypt_and_tag( &ctx,
-                                      input_len, nonce_str,
-                                      aad_str, aad_len,
-                                      input_str, output, mac ) == 0 );
+                                      input_str->len, nonce_str->x,
+                                      aad_str->x, aad_str->len,
+                                      input_str->x, output, mac ) == 0 );
 
-    TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
-    TEST_ASSERT( memcmp( mac_str, mac, 16U ) == 0 );
+    TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
+    TEST_ASSERT( memcmp( mac_str->x, mac, 16U ) == 0 );
 
 exit:
     mbedtls_chachapoly_free( &ctx );
@@ -62,55 +36,29 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mbedtls_chachapoly_dec( char *hex_key_string, char *hex_nonce_string, char *hex_aad_string, char *hex_input_string, char *hex_output_string, char *hex_mac_string, int ret_exp )
+void mbedtls_chachapoly_dec( data_t *key_str, data_t *nonce_str, data_t *aad_str, data_t *input_str, data_t *output_str, data_t *mac_str, int ret_exp )
 {
-    unsigned char key_str[32]; /* size set by the standard */
-    unsigned char nonce_str[12]; /* size set by the standard */
-    unsigned char aad_str[12]; /* max size of test data so far */
-    unsigned char input_str[265]; /* max size of binary input/output so far */
-    unsigned char output_str[265];
     unsigned char output[265];
-    unsigned char mac_str[16]; /* size set by the standard */
-    size_t input_len;
-    size_t output_len;
-    size_t aad_len;
-    size_t key_len;
-    size_t nonce_len;
-    size_t mac_len;
     int ret;
     mbedtls_chachapoly_context ctx;
 
-    memset( key_str,    0x00, sizeof( key_str ) );
-    memset( nonce_str,  0x00, sizeof( nonce_str ) );
-    memset( aad_str,    0x00, sizeof( aad_str ) );
-    memset( input_str,  0x00, sizeof( input_str ) );
-    memset( output_str, 0x00, sizeof( output_str ) );
-    memset( mac_str,    0x00, sizeof( mac_str ) );
-
-    aad_len    = mbedtls_test_unhexify( aad_str,    hex_aad_string    );
-    input_len  = mbedtls_test_unhexify( input_str,  hex_input_string  );
-    output_len = mbedtls_test_unhexify( output_str, hex_output_string );
-    key_len    = mbedtls_test_unhexify( key_str,    hex_key_string    );
-    nonce_len  = mbedtls_test_unhexify( nonce_str,  hex_nonce_string  );
-    mac_len    = mbedtls_test_unhexify( mac_str,    hex_mac_string    );
-
-    TEST_ASSERT( key_len   == 32 );
-    TEST_ASSERT( nonce_len == 12 );
-    TEST_ASSERT( mac_len   == 16 );
+    TEST_ASSERT( key_str->len   == 32 );
+    TEST_ASSERT( nonce_str->len == 12 );
+    TEST_ASSERT( mac_str->len   == 16 );
 
     mbedtls_chachapoly_init( &ctx );
 
-    TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str ) == 0 );
+    TEST_ASSERT( mbedtls_chachapoly_setkey( &ctx, key_str->x ) == 0 );
 
     ret = mbedtls_chachapoly_auth_decrypt( &ctx,
-                                           input_len, nonce_str,
-                                           aad_str, aad_len,
-                                           mac_str, input_str, output );
+                                           input_str->len, nonce_str->x,
+                                           aad_str->x, aad_str->len,
+                                           mac_str->x, input_str->x, output );
 
     TEST_ASSERT( ret == ret_exp );
     if( ret_exp == 0 )
     {
-        TEST_ASSERT( memcmp( output_str, output, output_len ) == 0 );
+        TEST_ASSERT( memcmp( output_str->x, output, output_str->len ) == 0 );
     }
 
 exit:
diff --git a/tests/suites/test_suite_cipher.function b/tests/suites/test_suite_cipher.function
index 8b2956f940..ea1e9ada54 100644
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@@ -1125,26 +1125,17 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_WITH_PADDING */
-void test_vec_crypt( int cipher_id, int operation, char *hex_key,
-                     char *hex_iv, char *hex_input, char *hex_result,
+void test_vec_crypt( int cipher_id, int operation, data_t *key,
+                     data_t *iv, data_t *input, data_t *result,
                      int finish_result, int use_psa )
 {
-    unsigned char key[50];
-    unsigned char input[16];
-    unsigned char result[16];
-    unsigned char iv[16];
-    size_t key_len, iv_len, inputlen, resultlen;
     mbedtls_cipher_context_t ctx;
     unsigned char output[32];
     size_t outlen;
 
     mbedtls_cipher_init( &ctx );
 
-    memset( key, 0x00, sizeof( key ) );
-    memset( input, 0x00, sizeof( input ) );
-    memset( result, 0x00, sizeof( result ) );
     memset( output, 0x00, sizeof( output ) );
-    memset( iv, 0x00, sizeof( iv ) );
 
     /* Prepare context */
 #if !defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -1161,23 +1152,17 @@ void test_vec_crypt( int cipher_id, int operation, char *hex_key,
     TEST_ASSERT( 0 == mbedtls_cipher_setup( &ctx,
                               mbedtls_cipher_info_from_type( cipher_id ) ) );
 
-    key_len = mbedtls_test_unhexify( key, hex_key );
-    inputlen =  mbedtls_test_unhexify( input, hex_input );
-    resultlen = mbedtls_test_unhexify( result, hex_result );
-
-    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key, 8 * key_len, operation ) );
+    TEST_ASSERT( 0 == mbedtls_cipher_setkey( &ctx, key->x, 8 * key->len, operation ) );
     if( MBEDTLS_MODE_CBC == ctx.cipher_info->mode )
         TEST_ASSERT( 0 == mbedtls_cipher_set_padding_mode( &ctx, MBEDTLS_PADDING_NONE ) );
 
-    iv_len = mbedtls_test_unhexify( iv, hex_iv );
-
-    TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv_len ? iv : NULL,
-                                                        iv_len, input, inputlen,
+    TEST_ASSERT( finish_result == mbedtls_cipher_crypt( &ctx, iv->len ? iv->x : NULL,
+                                                        iv->len, input->x, input->len,
                                                         output, &outlen ) );
-    TEST_ASSERT( resultlen == outlen );
+    TEST_ASSERT( result->len == outlen );
     /* check plaintext only if everything went fine */
     if( 0 == finish_result )
-        TEST_ASSERT( 0 == memcmp( output, result, outlen ) );
+        TEST_ASSERT( 0 == memcmp( output, result->x, outlen ) );
 
 exit:
     mbedtls_cipher_free( &ctx );
diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function
index 0caf091215..3ab96fa111 100644
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@@ -346,7 +346,7 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
-void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
+void ecdh_restart( int id, data_t *dA, data_t *dB, data_t *z,
                    int enable, int max_ops, int min_restart, int max_restart )
 {
     int ret;
@@ -354,10 +354,6 @@ void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
     unsigned char buf[1000];
     const unsigned char *vbuf;
     size_t len;
-    unsigned char z[MBEDTLS_ECP_MAX_BYTES];
-    size_t z_len;
-    unsigned char rnd_buf_A[MBEDTLS_ECP_MAX_BYTES];
-    unsigned char rnd_buf_B[MBEDTLS_ECP_MAX_BYTES];
     mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
     int cnt_restart;
     mbedtls_ecp_group grp;
@@ -366,13 +362,11 @@ void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
     mbedtls_ecdh_init( &srv );
     mbedtls_ecdh_init( &cli );
 
-    z_len = mbedtls_test_unhexify( z, z_str );
+    rnd_info_A.buf = dA->x;
+    rnd_info_A.length = dA->len;
 
-    rnd_info_A.buf = rnd_buf_A;
-    rnd_info_A.length = mbedtls_test_unhexify( rnd_buf_A, dA_str );
-
-    rnd_info_B.buf = rnd_buf_B;
-    rnd_info_B.length = mbedtls_test_unhexify( rnd_buf_B, dB_str );
+    rnd_info_B.buf = dB->x;
+    rnd_info_B.length = dB->len;
 
     /* The ECDH context is not guaranteed ot have an mbedtls_ecp_group structure
      * in every configuration, therefore we load it separately. */
@@ -444,8 +438,8 @@ void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
     TEST_ASSERT( cnt_restart >= min_restart );
     TEST_ASSERT( cnt_restart <= max_restart );
 
-    TEST_ASSERT( len == z_len );
-    TEST_ASSERT( memcmp( buf, z, len ) == 0 );
+    TEST_ASSERT( len == z->len );
+    TEST_ASSERT( memcmp( buf, z->x, len ) == 0 );
 
     /* client computes shared secret */
     memset( buf, 0, sizeof( buf ) );
@@ -461,8 +455,8 @@ void ecdh_restart( int id, char *dA_str, char *dB_str, char *z_str,
     TEST_ASSERT( cnt_restart >= min_restart );
     TEST_ASSERT( cnt_restart <= max_restart );
 
-    TEST_ASSERT( len == z_len );
-    TEST_ASSERT( memcmp( buf, z, len ) == 0 );
+    TEST_ASSERT( len == z->len );
+    TEST_ASSERT( memcmp( buf, z->x, len ) == 0 );
 
 exit:
     mbedtls_ecp_group_free( &grp );
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index 76f72e2495..e6da884aaf 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -411,33 +411,26 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE */
-void ecdsa_read_restart( int id, char *k_str, char *h_str, char *s_str,
+void ecdsa_read_restart( int id, data_t *pk, data_t *hash, data_t *sig,
                          int max_ops, int min_restart, int max_restart )
 {
     mbedtls_ecdsa_context ctx;
     mbedtls_ecdsa_restart_ctx rs_ctx;
-    unsigned char hash[64];
-    unsigned char sig[200];
-    unsigned char pk[65];
-    size_t sig_len, hash_len, pk_len;
     int ret, cnt_restart;
 
     mbedtls_ecdsa_init( &ctx );
     mbedtls_ecdsa_restart_init( &rs_ctx );
 
-    hash_len = mbedtls_test_unhexify(hash, h_str);
-    sig_len = mbedtls_test_unhexify(sig, s_str);
-    pk_len = mbedtls_test_unhexify(pk, k_str);
-
     TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
-    TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q, pk, pk_len ) == 0 );
+    TEST_ASSERT( mbedtls_ecp_point_read_binary( &ctx.grp, &ctx.Q,
+                                                pk->x, pk->len ) == 0 );
 
     mbedtls_ecp_set_max_ops( max_ops );
 
     cnt_restart = 0;
     do {
         ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
-                            hash, hash_len, sig, sig_len, &rs_ctx );
+                            hash->x, hash->len, sig->x, sig->len, &rs_ctx );
     } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
 
     TEST_ASSERT( ret == 0 );
@@ -445,29 +438,31 @@ void ecdsa_read_restart( int id, char *k_str, char *h_str, char *s_str,
     TEST_ASSERT( cnt_restart <= max_restart );
 
     /* try modifying r */
-    sig[10]++;
+
+    TEST_ASSERT( sig->len > 10 );
+    sig->x[10]++;
     do {
         ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
-                            hash, hash_len, sig, sig_len, &rs_ctx );
+                            hash->x, hash->len, sig->x, sig->len, &rs_ctx );
     } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
     TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-    sig[10]--;
+    sig->x[10]--;
 
     /* try modifying s */
-    sig[sig_len - 1]++;
+    sig->x[sig->len - 1]++;
     do {
         ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
-                            hash, hash_len, sig, sig_len, &rs_ctx );
+                            hash->x, hash->len, sig->x, sig->len, &rs_ctx );
     } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
     TEST_ASSERT( ret == MBEDTLS_ERR_ECP_VERIFY_FAILED );
-    sig[sig_len - 1]--;
+    sig->x[sig->len - 1]--;
 
     /* Do we leak memory when aborting an operation?
      * This test only makes sense when we actually restart */
     if( min_restart > 0 )
     {
         ret = mbedtls_ecdsa_read_signature_restartable( &ctx,
-                            hash, hash_len, sig, sig_len, &rs_ctx );
+                            hash->x, hash->len, sig->x, sig->len, &rs_ctx );
         TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
     }
 
@@ -479,7 +474,7 @@ exit:
 
 /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_DETERMINISTIC */
 void ecdsa_write_restart( int id, char *d_str, int md_alg,
-                          char *msg, char *sig_str,
+                          char *msg, data_t *sig_check,
                           int max_ops, int min_restart, int max_restart )
 {
     int ret, cnt_restart;
@@ -487,19 +482,16 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg,
     mbedtls_ecdsa_context ctx;
     unsigned char hash[MBEDTLS_MD_MAX_SIZE];
     unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
-    unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
-    size_t hlen, slen, slen_check;
+    size_t hlen, slen;
     const mbedtls_md_info_t *md_info;
 
     mbedtls_ecdsa_restart_init( &rs_ctx );
     mbedtls_ecdsa_init( &ctx );
     memset( hash, 0, sizeof( hash ) );
     memset( sig, 0, sizeof( sig ) );
-    memset( sig_check, 0, sizeof( sig_check ) );
 
     TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
     TEST_ASSERT( mbedtls_mpi_read_string( &ctx.d, 16, d_str ) == 0 );
-    slen_check = mbedtls_test_unhexify( sig_check, sig_str );
 
     md_info = mbedtls_md_info_from_type( md_alg );
     TEST_ASSERT( md_info != NULL );
@@ -519,8 +511,8 @@ void ecdsa_write_restart( int id, char *d_str, int md_alg,
     } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
 
     TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( slen == slen_check );
-    TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
+    TEST_ASSERT( slen == sig_check->len );
+    TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 );
 
     TEST_ASSERT( cnt_restart >= min_restart );
     TEST_ASSERT( cnt_restart <= max_restart );
diff --git a/tests/suites/test_suite_hkdf.function b/tests/suites/test_suite_hkdf.function
index 0aefca5615..967df3690d 100644
--- a/tests/suites/test_suite_hkdf.function
+++ b/tests/suites/test_suite_hkdf.function
@@ -9,43 +9,36 @@
  */
 
 /* BEGIN_CASE */
-void test_hkdf( int md_alg, char *hex_ikm_string, char *hex_salt_string,
-                char *hex_info_string, char *hex_expected_okm_string )
+void test_hkdf( int md_alg, data_t *ikm, data_t *salt, data_t *info,
+                data_t *expected_okm )
 {
     int ret;
-    size_t ikm_len, salt_len, info_len, expected_okm_len;
-    unsigned char ikm[128] = { '\0' };
-    unsigned char salt[128] = { '\0' };
-    unsigned char info[128] = { '\0' };
-    unsigned char expected_okm[128] = { '\0' };
     unsigned char okm[128] = { '\0' };
     /*
-     * okm_string is the ASCII string representation of okm,
-     * so its size is twice the size of okm, and an extra null-termination.
+     * okm_string and expected_okm_string are the ASCII string representations
+     * of km and expected_okm, so their size should be twice the size of
+     * okm and expected_okm, and an extra null-termination.
      */
     unsigned char okm_string[257] = { '\0' };
+    unsigned char expected_okm_string[257] = { '\0' };
 
     const mbedtls_md_info_t *md = mbedtls_md_info_from_type( md_alg );
     TEST_ASSERT( md != NULL );
 
-    ikm_len = mbedtls_test_unhexify( ikm, hex_ikm_string );
-    salt_len = mbedtls_test_unhexify( salt, hex_salt_string );
-    info_len = mbedtls_test_unhexify( info, hex_info_string );
-    expected_okm_len = mbedtls_test_unhexify( expected_okm,
-                                              hex_expected_okm_string );
+    TEST_ASSERT( expected_okm->len <= sizeof( okm ) );
 
-    TEST_ASSERT( expected_okm_len <= sizeof( okm ) );
-
-    ret = mbedtls_hkdf( md, salt, salt_len, ikm, ikm_len, info, info_len, okm,
-                        expected_okm_len);
+    ret = mbedtls_hkdf( md, salt->x, salt->len, ikm->x, ikm->len,
+                        info->x, info->len, okm, expected_okm->len );
     TEST_ASSERT( ret == 0 );
 
     /*
-     * Run mbedtls_test_hexify on it so that it looks nicer if the assertion
-     * fails.
+     * Run mbedtls_test_hexify on okm and expected_okm so that it looks nicer
+     * if the assertion fails.
      */
-    mbedtls_test_hexify( okm_string, okm, expected_okm_len );
-    TEST_ASSERT( !strcmp( (char *)okm_string, hex_expected_okm_string ) );
+    mbedtls_test_hexify( okm_string, okm, expected_okm->len );
+    mbedtls_test_hexify( expected_okm_string,
+                         expected_okm->x, expected_okm->len );
+    TEST_ASSERT( !strcmp( (char *)okm_string, (char *)expected_okm_string ) );
 }
 /* END_CASE */
 
diff --git a/tests/suites/test_suite_nist_kw.function b/tests/suites/test_suite_nist_kw.function
index 15370b2fdb..6a810520f4 100644
--- a/tests/suites/test_suite_nist_kw.function
+++ b/tests/suites/test_suite_nist_kw.function
@@ -242,42 +242,31 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mbedtls_nist_kw_wrap( int cipher_id, int mode,
-                           char *key_hex, char *msg_hex,
-                           char *expected_result_hex )
+void mbedtls_nist_kw_wrap( int cipher_id, int mode, data_t *key, data_t *msg,
+                           data_t *expected_result )
 {
-    unsigned char key[32];
-    unsigned char msg[512];
     unsigned char result[528];
-    unsigned char expected_result[528];
     mbedtls_nist_kw_context ctx;
-    size_t key_len, msg_len, result_len, expected_result_len, i, padlen;
+    size_t result_len, i, padlen;
 
     mbedtls_nist_kw_init( &ctx );
 
-    memset( key, 0x00, sizeof( key ) );
-    memset( msg, 0x00, sizeof( msg ) );
     memset( result, '+', sizeof( result ) );
 
-    key_len = mbedtls_test_unhexify( key, key_hex );
-    msg_len = mbedtls_test_unhexify( msg, msg_hex );
-    expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex );
-    result_len = sizeof( result );
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_len * 8, 1 )
-                 == 0 );
+    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id,
+                                         key->x, key->len * 8, 1 ) == 0 );
 
     /* Test with input == output */
-    TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg, msg_len,
+    TEST_ASSERT( mbedtls_nist_kw_wrap( &ctx, mode, msg->x, msg->len,
                  result, &result_len, sizeof( result ) ) == 0 );
 
-    TEST_ASSERT( result_len == expected_result_len );
+    TEST_ASSERT( result_len == expected_result->len );
 
-    TEST_ASSERT( memcmp( expected_result, result, expected_result_len ) == 0 );
+    TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 );
 
-    padlen = ( msg_len % 8 != 0 ) ? 8 - (msg_len % 8 ) : 0;
+    padlen = ( msg->len % 8 != 0 ) ? 8 - (msg->len % 8 ) : 0;
     /* Check that the function didn't write beyond the end of the buffer. */
-    for( i = msg_len + 8 + padlen; i < sizeof( result ); i++ )
+    for( i = msg->len + 8 + padlen; i < sizeof( result ); i++ )
     {
         TEST_ASSERT( result[i] == '+' );
     }
@@ -288,39 +277,27 @@ exit:
 /* END_CASE */
 
 /* BEGIN_CASE */
-void mbedtls_nist_kw_unwrap( int cipher_id, int mode,
-                             char *key_hex, char *msg_hex,
-                             char *expected_result_hex, int expected_ret )
+void mbedtls_nist_kw_unwrap( int cipher_id, int mode, data_t *key, data_t *msg,
+                             data_t *expected_result, int expected_ret )
 {
-    unsigned char key[32];
-    unsigned char msg[528];
     unsigned char result[528];
-    unsigned char expected_result[528];
     mbedtls_nist_kw_context ctx;
-    size_t key_len, msg_len, result_len, expected_result_len, i;
+    size_t result_len, i;
 
     mbedtls_nist_kw_init( &ctx );
 
-    memset( key, 0x00, sizeof( key ) );
-    memset( msg, 0x00, sizeof( msg ) );
     memset( result, '+', sizeof( result ) );
-    memset( expected_result, 0x00, sizeof( expected_result ) );
 
-    key_len = mbedtls_test_unhexify( key, key_hex );
-    msg_len = mbedtls_test_unhexify( msg, msg_hex );
-    expected_result_len = mbedtls_test_unhexify( expected_result, expected_result_hex );
-    result_len = sizeof( result );
-
-    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id, key, key_len * 8, 0 )
-                 == 0 );
+    TEST_ASSERT( mbedtls_nist_kw_setkey( &ctx, cipher_id,
+                                         key->x, key->len * 8, 0 ) == 0 );
 
     /* Test with input == output */
-    TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg, msg_len,
+    TEST_ASSERT( mbedtls_nist_kw_unwrap( &ctx, mode, msg->x, msg->len,
                  result, &result_len, sizeof( result ) ) == expected_ret );
     if( expected_ret == 0 )
     {
-        TEST_ASSERT( result_len == expected_result_len );
-        TEST_ASSERT( memcmp( expected_result, result, expected_result_len ) == 0 );
+        TEST_ASSERT( result_len == expected_result->len );
+        TEST_ASSERT( memcmp( expected_result->x, result, result_len ) == 0 );
     }
     else
     {
@@ -328,7 +305,7 @@ void mbedtls_nist_kw_unwrap( int cipher_id, int mode,
     }
 
     /* Check that the function didn't write beyond the end of the buffer. */
-    for( i = msg_len - 8; i < sizeof( result ); i++ )
+    for( i = msg->len - 8; i < sizeof( result ); i++ )
     {
         TEST_ASSERT( result[i] == '+' );
     }
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index dbc52e5d03..f9c10c9605 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -788,7 +788,7 @@ exit:
 /* BEGIN_CASE depends_on:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C:MBEDTLS_ECDSA_DETERMINISTIC */
 void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
                               char *QX_str, char *QY_str,
-                              int md_alg, char *msg, char *sig_str,
+                              int md_alg, char *msg, data_t *sig_check,
                               int max_ops, int min_restart, int max_restart )
 {
     int ret, cnt_restart;
@@ -796,8 +796,7 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
     mbedtls_pk_context prv, pub;
     unsigned char hash[MBEDTLS_MD_MAX_SIZE];
     unsigned char sig[MBEDTLS_ECDSA_MAX_LEN];
-    unsigned char sig_check[MBEDTLS_ECDSA_MAX_LEN];
-    size_t hlen, slen, slen_check;
+    size_t hlen, slen;
     const mbedtls_md_info_t *md_info;
 
     mbedtls_pk_restart_init( &rs_ctx );
@@ -805,7 +804,6 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
     mbedtls_pk_init( &pub );
     memset( hash, 0, sizeof( hash ) );
     memset( sig, 0, sizeof( sig ) );
-    memset( sig_check, 0, sizeof( sig_check ) );
 
     TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
     TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
@@ -815,8 +813,6 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
     TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
     TEST_ASSERT( mbedtls_ecp_point_read_string( &mbedtls_pk_ec( pub )->Q, 16, QX_str, QY_str ) == 0 );
 
-    slen_check = mbedtls_test_unhexify( sig_check, sig_str );
-
     md_info = mbedtls_md_info_from_type( md_alg );
     TEST_ASSERT( md_info != NULL );
 
@@ -835,8 +831,8 @@ void pk_sign_verify_restart( int pk_type, int grp_id, char *d_str,
     } while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
 
     TEST_ASSERT( ret == 0 );
-    TEST_ASSERT( slen == slen_check );
-    TEST_ASSERT( memcmp( sig, sig_check, slen ) == 0 );
+    TEST_ASSERT( slen == sig_check->len );
+    TEST_ASSERT( memcmp( sig, sig_check->x, slen ) == 0 );
 
     TEST_ASSERT( cnt_restart >= min_restart );
     TEST_ASSERT( cnt_restart <= max_restart );
diff --git a/tests/suites/test_suite_poly1305.function b/tests/suites/test_suite_poly1305.function
index eadb992fed..44617d98ef 100644
--- a/tests/suites/test_suite_poly1305.function
+++ b/tests/suites/test_suite_poly1305.function
@@ -9,27 +9,20 @@
  */
 
 /* BEGIN_CASE */
-void mbedtls_poly1305( char *hex_key_string, char *hex_mac_string, char *hex_src_string  )
+void mbedtls_poly1305( data_t *key, char *hex_mac_string, data_t *src_str )
 {
-    unsigned char src_str[375]; /* max size of binary input */
-    unsigned char key[32]; /* size set by the standard */
     unsigned char mac[16]; /* size set by the standard */
     unsigned char mac_str[33]; /* hex expansion of the above */
-    size_t src_len;
     mbedtls_poly1305_context ctx;
 
-    memset( src_str, 0x00, sizeof( src_str ) );
     memset( mac_str, 0x00, sizeof( mac_str ) );
-    memset( key,     0x00, sizeof( key ) );
     memset( mac,     0x00, sizeof( mac ) );
 
-    src_len = mbedtls_test_unhexify( src_str, hex_src_string );
-    mbedtls_test_unhexify( key, hex_key_string );
-
     /*
      * Test the integrated API
      */
-    TEST_ASSERT( mbedtls_poly1305_mac( key, src_str, src_len, mac ) == 0 );
+    TEST_ASSERT( mbedtls_poly1305_mac( key->x, src_str->x,
+                                       src_str->len, mac ) == 0 );
 
     mbedtls_test_hexify( mac_str, mac, 16 );
     TEST_ASSERT( strcmp( (char *) mac_str, hex_mac_string ) == 0 );
@@ -39,9 +32,9 @@ void mbedtls_poly1305( char *hex_key_string, char *hex_mac_string, char *hex_src
      */
     mbedtls_poly1305_init( &ctx );
 
-    TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+    TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
 
-    TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, src_len ) == 0 );
+    TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, src_str->len ) == 0 );
 
     TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
 
@@ -54,12 +47,12 @@ void mbedtls_poly1305( char *hex_key_string, char *hex_mac_string, char *hex_src
 
     /* Don't free/init the context, in order to test that starts() does the
      * right thing. */
-    if( src_len >= 1 )
+    if( src_str->len >= 1 )
     {
-        TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+        TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
 
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, 1 ) == 0 );
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 1, src_len - 1 ) == 0 );
+        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 );
+        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, src_str->len - 1 ) == 0 );
 
         TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
 
@@ -70,13 +63,13 @@ void mbedtls_poly1305( char *hex_key_string, char *hex_mac_string, char *hex_src
     /*
      * Again with more pieces
      */
-    if( src_len >= 2 )
+    if( src_str->len >= 2 )
     {
-        TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key ) == 0 );
+        TEST_ASSERT( mbedtls_poly1305_starts( &ctx, key->x ) == 0 );
 
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str, 1 ) == 0 );
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 1, 1 ) == 0 );
-        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str + 2, src_len - 2 ) == 0 );
+        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x, 1 ) == 0 );
+        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 1, 1 ) == 0 );
+        TEST_ASSERT( mbedtls_poly1305_update( &ctx, src_str->x + 2, src_str->len - 2 ) == 0 );
 
         TEST_ASSERT( mbedtls_poly1305_finish( &ctx, mac ) == 0 );
 

From a0c2539c4ce052ed44d3d8fdada709d1851ce0c9 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 18 Jun 2020 10:10:46 +0200
Subject: [PATCH 40/46] Rework mbedtls_test_unhexify()

Rework mbedtls_test_unhexify to extend its scope of usage.
Return in error when the function detects an error instead
of calling mbedtls_exit().
Improve safety by checking the output buffer is not overrun.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 tests/include/test/helpers.h      | 24 +++++++++++-
 tests/src/helpers.c               | 63 ++++++++++++++++++-------------
 tests/suites/host_test.function   |  9 ++++-
 tests/suites/target_test.function | 15 ++++++--
 4 files changed, 79 insertions(+), 32 deletions(-)

diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index 36ec8e687d..69d882ca48 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -54,7 +54,29 @@
 int mbedtls_test_platform_setup( void );
 void mbedtls_test_platform_teardown( void );
 
-int mbedtls_test_unhexify( unsigned char *obuf, const char *ibuf );
+/**
+ * \brief          This function translates an ASCII string encoding an
+ *                 hexadecimal number into the encoded hexadecimal number. The
+ *                 hexadecimal number is represented as an array of
+ *                 unsigned char.
+ *
+ * \note           The output buffer can be the same as the input buffer. For
+ *                 any other overlapping of the input and output buffers, the
+ *                 behavior is undefined.
+ *
+ * \param obuf     Output buffer.
+ * \param obufmax  Size in number of bytes of \p obuf.
+ * \param ibuf     Input buffer.
+ * \param len      The number of unsigned char written in \p obuf. This must
+ *                 not be \c NULL.
+ *
+ * \return         \c 0 on success.
+ * \return         \c -1 if the output buffer is too small or the input string
+ *                 is not a valid ASCII encoding of an hexadecimal number.
+ */
+int mbedtls_test_unhexify( unsigned char *obuf, size_t obufmax,
+                           const char *ibuf, size_t *len );
+
 void mbedtls_test_hexify( unsigned char *obuf,
                           const unsigned char *ibuf,
                           int len );
diff --git a/tests/src/helpers.c b/tests/src/helpers.c
index 08d88a5dc2..b9abf19aa3 100644
--- a/tests/src/helpers.c
+++ b/tests/src/helpers.c
@@ -41,38 +41,49 @@ void mbedtls_test_platform_teardown( void )
 #endif /* MBEDTLS_PLATFORM_C */
 }
 
-int mbedtls_test_unhexify( unsigned char *obuf, const char *ibuf )
+static int ascii2uc(const char c, unsigned char *uc)
 {
-    unsigned char c, c2;
-    int len = strlen( ibuf ) / 2;
-    TEST_HELPER_ASSERT( strlen( ibuf ) % 2 == 0 ); /* must be even number of bytes */
+    if( ( c >= '0' ) && ( c <= '9' ) )
+        *uc = c - '0';
+    else if( ( c >= 'a' ) && ( c <= 'f' ) )
+        *uc = c - 'a' + 10;
+    else if( ( c >= 'A' ) && ( c <= 'F' ) )
+        *uc = c - 'A' + 10;
+    else
+        return( -1 );
+
+    return( 0 );
+}
+
+int mbedtls_test_unhexify( unsigned char *obuf,
+                           size_t obufmax,
+                           const char *ibuf,
+                           size_t *len )
+{
+    unsigned char uc, uc2;
+
+    *len = strlen( ibuf );
+
+    /* Must be even number of bytes. */
+    if ( ( *len ) & 1 )
+        return( -1 );
+    *len /= 2;
+
+    if ( (*len) > obufmax )
+        return( -1 );
 
     while( *ibuf != 0 )
     {
-        c = *ibuf++;
-        if( c >= '0' && c <= '9' )
-            c -= '0';
-        else if( c >= 'a' && c <= 'f' )
-            c -= 'a' - 10;
-        else if( c >= 'A' && c <= 'F' )
-            c -= 'A' - 10;
-        else
-            TEST_HELPER_ASSERT( 0 );
+        if ( ascii2uc( *(ibuf++), &uc ) != 0 )
+            return( -1 );
 
-        c2 = *ibuf++;
-        if( c2 >= '0' && c2 <= '9' )
-            c2 -= '0';
-        else if( c2 >= 'a' && c2 <= 'f' )
-            c2 -= 'a' - 10;
-        else if( c2 >= 'A' && c2 <= 'F' )
-            c2 -= 'A' - 10;
-        else
-            TEST_HELPER_ASSERT( 0 );
+        if ( ascii2uc( *(ibuf++), &uc2 ) != 0 )
+            return( -1 );
 
-        *obuf++ = ( c << 4 ) | c2;
+        *(obuf++) = ( uc << 4 ) | uc2;
     }
 
-    return len;
+    return( 0 );
 }
 
 void mbedtls_test_hexify( unsigned char *obuf,
@@ -117,6 +128,7 @@ unsigned char *mbedtls_test_zero_alloc( size_t len )
 unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen )
 {
     unsigned char *obuf;
+    size_t len;
 
     *olen = strlen( ibuf ) / 2;
 
@@ -125,8 +137,7 @@ unsigned char *mbedtls_test_unhexify_alloc( const char *ibuf, size_t *olen )
 
     obuf = mbedtls_calloc( 1, *olen );
     TEST_HELPER_ASSERT( obuf != NULL );
-
-    (void) mbedtls_test_unhexify( obuf, ibuf );
+    TEST_HELPER_ASSERT( mbedtls_test_unhexify( obuf, *olen, ibuf, &len ) == 0 );
 
     return( obuf );
 }
diff --git a/tests/suites/host_test.function b/tests/suites/host_test.function
index c57fa0707c..a459eed564 100644
--- a/tests/suites/host_test.function
+++ b/tests/suites/host_test.function
@@ -277,8 +277,13 @@ static int convert_params( size_t cnt , char ** params , int * int_params_store
         {
             if ( verify_string( &val ) == 0 )
             {
-                *int_params_store = mbedtls_test_unhexify(
-                                        (unsigned char *) val, val );
+                size_t len;
+
+                TEST_HELPER_ASSERT(
+                  mbedtls_test_unhexify( (unsigned char *) val, strlen( val ),
+                                         val, &len ) == 0 );
+
+                *int_params_store = len;
                 *out++ = val;
                 *out++ = (char *)(int_params_store++);
             }
diff --git a/tests/suites/target_test.function b/tests/suites/target_test.function
index f7a9f0438b..8354b968c3 100644
--- a/tests/suites/target_test.function
+++ b/tests/suites/target_test.function
@@ -70,12 +70,16 @@ uint8_t receive_byte()
 {
     uint8_t byte;
     uint8_t c[3];
-    char *endptr;
+    size_t len;
+
     c[0] = greentea_getc();
     c[1] = greentea_getc();
     c[2] = '\0';
 
-    TEST_HELPER_ASSERT( mbedtls_test_unhexify( &byte, c ) != 2 );
+    TEST_HELPER_ASSERT( mbedtls_test_unhexify( &byte, sizeof( byte ),
+                                               c, &len ) == 0 );
+    TEST_HELPER_ASSERT( len != 2 );
+
     return( byte );
 }
 
@@ -90,6 +94,7 @@ uint8_t receive_byte()
 uint32_t receive_uint32()
 {
     uint32_t value;
+    size_t len;
     const uint8_t c_be[8] = { greentea_getc(),
                               greentea_getc(),
                               greentea_getc(),
@@ -101,7 +106,11 @@ uint32_t receive_uint32()
                              };
     const uint8_t c[9] = { c_be[6], c_be[7], c_be[4], c_be[5], c_be[2],
                            c_be[3], c_be[0], c_be[1], '\0' };
-    TEST_HELPER_ASSERT( mbedtls_test_unhexify( (uint8_t*)&value, c ) != 8 );
+
+    TEST_HELPER_ASSERT( mbedtls_test_unhexify( (uint8_t*)&value, sizeof( value ),
+                                               c, &len ) == 0 );
+    TEST_HELPER_ASSERT( len != 8 );
+
     return( value );
 }
 

From 7d8661618be3c6c462423c8050101c0d18eec528 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 18 Jun 2020 10:36:26 +0200
Subject: [PATCH 41/46] Use mbedtls_test_unhexify in programs

Use mbedtls_test_unhexify in programs instead of ad-hoc
implementations.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 programs/ssl/ssl_client2.c | 77 ++++++--------------------------------
 programs/ssl/ssl_server2.c | 60 +++++------------------------
 2 files changed, 21 insertions(+), 116 deletions(-)

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 486b6a6b08..2e8e105b78 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -74,6 +74,8 @@ int main( void )
 #include "mbedtls/psa_util.h"
 #endif
 
+#include <test/helpers.h>
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -1016,45 +1018,6 @@ int idle( mbedtls_net_context *fd,
     return( 0 );
 }
 
-/* Unhexify `hex` into `dst`. `dst` must have
- * size at least `strlen( hex ) / 2`. */
-int unhexify( char const *hex, unsigned char *dst )
-{
-    unsigned char c;
-    size_t j;
-    size_t len = strlen( hex );
-
-    if( len % 2 != 0 )
-        return( -1 );
-
-    for( j = 0; j < len; j += 2 )
-    {
-        c = hex[j];
-        if( c >= '0' && c <= '9' )
-            c -= '0';
-        else if( c >= 'a' && c <= 'f' )
-            c -= 'a' - 10;
-        else if( c >= 'A' && c <= 'F' )
-            c -= 'A' - 10;
-        else
-            return( -1 );
-        dst[ j / 2 ] = c << 4;
-
-        c = hex[j + 1];
-        if( c >= '0' && c <= '9' )
-            c -= '0';
-        else if( c >= 'a' && c <= 'f' )
-            c -= 'a' - 10;
-        else if( c >= 'A' && c <= 'F' )
-            c -= 'A' - 10;
-        else
-            return( -1 );
-        dst[ j / 2 ] |= c;
-    }
-
-    return( 0 );
-}
-
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
 int report_cid_usage( mbedtls_ssl_context *ssl,
                       const char *additional_description )
@@ -1785,16 +1748,10 @@ int main( int argc, char *argv[] )
      */
     if( strlen( opt.psk ) )
     {
-        psk_len = strlen( opt.psk ) / 2;
-        if( psk_len > sizeof( psk ) )
+        if( mbedtls_test_unhexify( psk, sizeof( psk ),
+                                   opt.psk, &psk_len ) != 0 )
         {
-            mbedtls_printf( "pre-shared key too long\n" );
-            goto exit;
-        }
-
-        if( unhexify( opt.psk, psk ) != 0 )
-        {
-            mbedtls_printf( "pre-shared key not valid hex\n" );
+            mbedtls_printf( "pre-shared key not valid\n" );
             goto exit;
         }
     }
@@ -1896,16 +1853,10 @@ int main( int argc, char *argv[] )
     }
 
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    cid_len = strlen( opt.cid_val ) / 2;
-    if( cid_len > sizeof( cid ) )
+    if( mbedtls_test_unhexify( cid, sizeof( cid ),
+                               opt.cid_val, &cid_len ) != 0 )
     {
-        mbedtls_printf( "CID too long\n" );
-        goto exit;
-    }
-
-    if( unhexify( opt.cid_val, cid ) != 0 )
-    {
-        mbedtls_printf( "CID not valid hex\n" );
+        mbedtls_printf( "CID not valid\n" );
         goto exit;
     }
 
@@ -1916,16 +1867,10 @@ int main( int argc, char *argv[] )
     if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO )
         opt.cid_val_renego = opt.cid_val;
 
-    cid_renego_len = strlen( opt.cid_val_renego ) / 2;
-    if( cid_renego_len > sizeof( cid_renego ) )
+    if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ),
+                               opt.cid_val_renego, &cid_renego_len ) != 0 )
     {
-        mbedtls_printf( "CID too long\n" );
-        goto exit;
-    }
-
-    if( unhexify( opt.cid_val_renego, cid_renego ) != 0 )
-    {
-        mbedtls_printf( "CID not valid hex\n" );
+        mbedtls_printf( "CID not valid\n" );
         goto exit;
     }
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 3fd065ef07..15346070cd 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -70,6 +70,8 @@ int main( void )
 #include "mbedtls/psa_util.h"
 #endif
 
+#include <test/helpers.h>
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -1202,52 +1204,6 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl,
 
 #endif /* SNI_OPTION */
 
-#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) || \
-    defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-
-#define HEX2NUM( c )                        \
-    do                                      \
-    {                                       \
-        if( (c) >= '0' && (c) <= '9' )      \
-            (c) -= '0';                     \
-        else if( (c) >= 'a' && (c) <= 'f' ) \
-            (c) -= 'a' - 10;                \
-        else if( (c) >= 'A' && (c) <= 'F' ) \
-            (c) -= 'A' - 10;                \
-        else                                \
-            return( -1 );                   \
-    } while( 0 )
-
-/*
- * Convert a hex string to bytes.
- * Return 0 on success, -1 on error.
- */
-int unhexify( unsigned char *output, const char *input, size_t *olen )
-{
-    unsigned char c;
-    size_t j;
-
-    *olen = strlen( input );
-    if( *olen % 2 != 0 || *olen / 2 > MBEDTLS_PSK_MAX_LEN )
-        return( -1 );
-    *olen /= 2;
-
-    for( j = 0; j < *olen * 2; j += 2 )
-    {
-        c = input[j];
-        HEX2NUM( c );
-        output[ j / 2 ] = c << 4;
-
-        c = input[j + 1];
-        HEX2NUM( c );
-        output[ j / 2 ] |= c;
-    }
-
-    return( 0 );
-}
-
-#endif
-
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
 
 typedef struct _psk_entry psk_entry;
@@ -1319,7 +1275,8 @@ psk_entry *psk_parse( char *psk_string )
         GET_ITEM( new->name );
         GET_ITEM( key_hex );
 
-        if( unhexify( new->key, key_hex, &new->key_len ) != 0 )
+        if( mbedtls_test_unhexify( new->key, MBEDTLS_PSK_MAX_LEN,
+                                   key_hex, &new->key_len ) != 0 )
             goto error;
 
         new->next = cur;
@@ -2632,7 +2589,8 @@ int main( int argc, char *argv[] )
     }
 
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    if( unhexify( cid, opt.cid_val, &cid_len ) != 0 )
+    if( mbedtls_test_unhexify( cid, sizeof( cid ),
+                               opt.cid_val, &cid_len ) != 0 )
     {
         mbedtls_printf( "CID not valid hex\n" );
         goto exit;
@@ -2645,7 +2603,8 @@ int main( int argc, char *argv[] )
     if( opt.cid_val_renego == DFL_CID_VALUE_RENEGO )
         opt.cid_val_renego = opt.cid_val;
 
-    if( unhexify( cid_renego, opt.cid_val_renego, &cid_renego_len ) != 0 )
+    if( mbedtls_test_unhexify( cid_renego, sizeof( cid_renego ),
+                               opt.cid_val_renego, &cid_renego_len ) != 0 )
     {
         mbedtls_printf( "CID not valid hex\n" );
         goto exit;
@@ -2656,7 +2615,8 @@ int main( int argc, char *argv[] )
     /*
      * Unhexify the pre-shared key and parse the list if any given
      */
-    if( unhexify( psk, opt.psk, &psk_len ) != 0 )
+    if( mbedtls_test_unhexify( psk, sizeof( psk ),
+                               opt.psk, &psk_len ) != 0 )
     {
         mbedtls_printf( "pre-shared key not valid hex\n" );
         goto exit;

From 00890e3d10535077eb5e8b5b143e9f7c47d1086c Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Tue, 23 Jun 2020 16:44:41 +0200
Subject: [PATCH 42/46] programs: psa: Link against mbedcrypto not mbedtls

All programs in programs/psa are crypto only thus
just link against mbedcrypto instead of mbedtls.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 programs/psa/CMakeLists.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt
index 6ad6dadc4e..e519696b10 100644
--- a/programs/psa/CMakeLists.txt
+++ b/programs/psa/CMakeLists.txt
@@ -6,7 +6,7 @@ set(executables
 
 foreach(exe IN LISTS executables)
     add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
-    target_link_libraries(${exe} mbedtls)
+    target_link_libraries(${exe} mbedcrypto)
     target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
 endforeach()
 

From dd6bdb505647861da88ea2b001d457127a62d4e6 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Fri, 26 Jun 2020 16:37:02 +0200
Subject: [PATCH 43/46] cmake: Add comment about mbedtls_test target

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 CMakeLists.txt | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index af7400c9ff..f7e2ed08bf 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -238,6 +238,20 @@ list(APPEND libs ${thirdparty_lib})
 
 add_subdirectory(library)
 
+#
+# The C files in tests/src directory contain test code shared among test suites
+# and programs. This shared test code is compiled and linked to test suites and
+# programs objects as a set of compiled objects. The compiled objects are NOT
+# built into a library that the test suite and program objects would link
+# against as they link against the mbedcrypto, mbedx509 and mbedtls libraries.
+# The reason is that such library is expected to have mutual dependencies with
+# the aforementioned libraries and that there is as of today no portable way of
+# handling such dependencies (only toolchain specific solutions).
+#
+# Thus the below definition of the `mbedtls_test` CMake library of objects
+# target. This library of objects is used by tests and programs CMake files
+# to define the test executables.
+#
 if(ENABLE_TESTING OR ENABLE_PROGRAMS)
     file(GLOB MBEDTLS_TEST_FILES ${CMAKE_CURRENT_SOURCE_DIR}/tests/src/*.c)
     add_library(mbedtls_test OBJECT ${MBEDTLS_TEST_FILES})

From 1959010c4be11a62d99e95354d9244e8bf3df581 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Fri, 26 Jun 2020 11:26:02 +0100
Subject: [PATCH 44/46] Assemble changelog

Executed scripts/assemble_changelog.py and manually fixed style where it
diverged from the instructions in ChangeLog.d/00README.md.

Manually added ChangeLog.d/bugfix_PR3405 which didn't have the .txt
extension as prescribed in ChangeLog.d/00README.md and deleted it
afterwards.

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 ChangeLog                                     | 123 ++++++++++++++++++
 ChangeLog.d/add_win2k_net_socket.txt          |   2 -
 ChangeLog.d/align-msvc-flags.txt              |   3 -
 ChangeLog.d/bugfix.txt                        |   4 -
 ChangeLog.d/bugfix_PR2855.txt                 |   2 -
 ChangeLog.d/bugfix_PR3333.txt                 |   2 -
 ChangeLog.d/bugfix_PR3405                     |   5 -
 ChangeLog.d/bugfix_PR3421.txt                 |   2 -
 ChangeLog.d/bugfix_PR3422.txt                 |   2 -
 ChangeLog.d/ecp-internal-rng.txt              |  15 ---
 ChangeLog.d/error-asn1.txt                    |   2 -
 ChangeLog.d/error_const.txt                   |   6 -
 ChangeLog.d/fix-ecp-mul-memory-leak.txt       |   3 -
 ChangeLog.d/fix-ecp_double_add_mxz.txt        |   4 -
 .../fix-gcc-format-signedness-warnings.txt    |   4 -
 .../fix-masked-hw-record-init-error.txt       |   3 -
 ...fix-null-ptr-deref-in-mbedtls_ssl_free.txt |   3 -
 ...n-ascii-string-in-mbedtls_x509_dn_gets.txt |   3 -
 ChangeLog.d/fix-typo-in-xts-test.txt          |   2 -
 .../inline-mbedtls_gcc_group_to_psa.txt       |   4 -
 ChangeLog.d/l13-hw-accel.txt                  |   7 -
 ChangeLog.d/make-cpp-check-happy.txt          |   3 -
 ChangeLog.d/max_pathlen.txt                   |   5 -
 ChangeLog.d/md_switch.txt                     |   3 -
 ChangeLog.d/midipix-support.txt               |   2 -
 ChangeLog.d/montmul-cmp-branch.txt            |   6 -
 ...x509_crt_parse_der_with_ext_cb_routine.txt |   5 -
 .../pass-unsupported-policies-to-callback.txt |   4 -
 ChangeLog.d/psa-lifetime-locations.txt        |   8 --
 ChangeLog.d/remove-extra-assignment.txt       |   3 -
 ChangeLog.d/ssl_context_info.txt              |   3 -
 ChangeLog.d/ssl_write_certificate_request.txt |   3 -
 ChangeLog.d/sysctl-arnd-support.txt           |   2 -
 ChangeLog.d/tests-common-code.txt             |   5 -
 ChangeLog.d/unified-exit-in-examples.txt      |   4 -
 ChangeLog.d/uniformize_bounds_checks.txt      |   9 --
 ChangeLog.d/use-find-python3-cmake.txt        |   2 -
 37 files changed, 123 insertions(+), 145 deletions(-)
 delete mode 100644 ChangeLog.d/add_win2k_net_socket.txt
 delete mode 100644 ChangeLog.d/align-msvc-flags.txt
 delete mode 100644 ChangeLog.d/bugfix.txt
 delete mode 100644 ChangeLog.d/bugfix_PR2855.txt
 delete mode 100644 ChangeLog.d/bugfix_PR3333.txt
 delete mode 100644 ChangeLog.d/bugfix_PR3405
 delete mode 100644 ChangeLog.d/bugfix_PR3421.txt
 delete mode 100644 ChangeLog.d/bugfix_PR3422.txt
 delete mode 100644 ChangeLog.d/ecp-internal-rng.txt
 delete mode 100644 ChangeLog.d/error-asn1.txt
 delete mode 100644 ChangeLog.d/error_const.txt
 delete mode 100644 ChangeLog.d/fix-ecp-mul-memory-leak.txt
 delete mode 100644 ChangeLog.d/fix-ecp_double_add_mxz.txt
 delete mode 100644 ChangeLog.d/fix-gcc-format-signedness-warnings.txt
 delete mode 100644 ChangeLog.d/fix-masked-hw-record-init-error.txt
 delete mode 100644 ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt
 delete mode 100644 ChangeLog.d/fix-print-non-ascii-string-in-mbedtls_x509_dn_gets.txt
 delete mode 100644 ChangeLog.d/fix-typo-in-xts-test.txt
 delete mode 100644 ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt
 delete mode 100644 ChangeLog.d/l13-hw-accel.txt
 delete mode 100644 ChangeLog.d/make-cpp-check-happy.txt
 delete mode 100644 ChangeLog.d/max_pathlen.txt
 delete mode 100644 ChangeLog.d/md_switch.txt
 delete mode 100644 ChangeLog.d/midipix-support.txt
 delete mode 100644 ChangeLog.d/montmul-cmp-branch.txt
 delete mode 100644 ChangeLog.d/new-mbedtls_x509_crt_parse_der_with_ext_cb_routine.txt
 delete mode 100644 ChangeLog.d/pass-unsupported-policies-to-callback.txt
 delete mode 100644 ChangeLog.d/psa-lifetime-locations.txt
 delete mode 100644 ChangeLog.d/remove-extra-assignment.txt
 delete mode 100644 ChangeLog.d/ssl_context_info.txt
 delete mode 100644 ChangeLog.d/ssl_write_certificate_request.txt
 delete mode 100644 ChangeLog.d/sysctl-arnd-support.txt
 delete mode 100644 ChangeLog.d/tests-common-code.txt
 delete mode 100644 ChangeLog.d/unified-exit-in-examples.txt
 delete mode 100644 ChangeLog.d/uniformize_bounds_checks.txt
 delete mode 100644 ChangeLog.d/use-find-python3-cmake.txt

diff --git a/ChangeLog b/ChangeLog
index 062a1ad320..e18ef0bd5a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,128 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
+= mbed TLS x.x.x branch released xxxx-xx-xx
+
+Default behavior changes
+   * In the experimental PSA secure element interface, change the encoding of
+     key lifetimes to encode a persistence level and the location. Although C
+     prototypes do not effectively change, code calling
+     psa_register_se_driver() must be modified to pass the driver's location
+     instead of the keys' lifetime. If the library is upgraded on an existing
+     device, keys created with the old lifetime value will not be readable or
+     removable through Mbed TLS after the upgrade.
+
+Features
+   * New functions in the error module return constant strings for
+     high- and low-level error codes, complementing mbedtls_strerror()
+     which constructs a string for any error code, including compound
+     ones, but requires a writable buffer. Contributed by Gaurav Aggarwal
+     in #3176.
+   * The new utility programs/ssl/ssl_context_info prints a human-readable
+     dump of an SSL context saved with mbedtls_ssl_context_save().
+   * Add support for midipix, a POSIX layer for Microsoft Windows.
+   * Add new mbedtls_x509_crt_parse_der_with_ext_cb() routine which allows
+     parsing unsupported certificate extensions via user provided callback.
+     Contributed by Nicola Di Lieto <nicola.dilieto@gmail.com> in #3243 as
+     a solution to #3241.
+   * Pass the "certificate policies" extension to the callback supplied to
+     mbedtls_x509_crt_parse_der_with_ext_cb() if it contains unsupported
+     policies (#3419).
+   * Added support to entropy_poll for the kern.arandom syscall supported on
+     some BSD systems. Contributed by Nia Alarie in #3423.
+   * Add support for Windows 2000 in net_sockets. Contributed by opatomic. #3239
+
+Security
+   * Fix a side channel vulnerability in modular exponentiation that could
+     reveal an RSA private key used in a secure enclave. Noticed by Sangho Lee,
+     Ming-Wei Shih, Prasun Gera, Taesoo Kim and Hyesoon Kim (Georgia Institute
+     of Technology); and Marcus Peinado (Microsoft Research). Reported by Raoul
+     Strackx (Fortanix) in #3394.
+   * Fix side channel in mbedtls_ecp_check_pub_priv() and
+     mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a
+     private key that didn't include the uncompressed public key), as well as
+     mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL
+     f_rng argument. An attacker with access to precise enough timing and
+     memory access information (typically an untrusted operating system
+     attacking a secure enclave) could fully recover the ECC private key.
+     Found and reported by Alejandro Cabrera Aldaya and Billy Brumley.
+   * Fix issue in Lucky 13 counter-measure that could make it ineffective when
+     hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
+     macros). This would cause the original Lucky 13 attack to be possible in
+     those configurations, allowing an active network attacker to recover
+     plaintext after repeated timing measurements under some conditions.
+     Reported and fix suggested by Luc Perneel in #3246.
+
+Bugfix
+   * Fix the Visual Studio Release x64 build configuration for mbedtls itself.
+     Completes a previous fix in Mbed TLS 2.19 that only fixed the build for
+     the example programs. Reported in #1430 and fix contributed by irwir.
+   * Fix undefined behavior in X.509 certificate parsing if the
+     pathLenConstraint basic constraint value is equal to INT_MAX.
+     The actual effect with almost every compiler is the intended
+     behavior, so this is unlikely to be exploitable anywhere. #3192
+   * Fix issue with a detected HW accelerated record error not being exposed
+     due to shadowed variable. Contributed by Sander Visser in #3310.
+   * Avoid NULL pointer dereferencing if mbedtls_ssl_free() is called with a
+     NULL pointer argument. Contributed by Sander Visser in #3312.
+   * Fix potential linker errors on dual world platforms by inlining
+     mbedtls_gcc_group_to_psa(). This allows the pk.c module to link separately
+     from psa_crypto.c. Fixes #3300.
+   * Remove dead code in X.509 certificate parsing. Contributed by irwir in
+     #2855.
+   * Include asn1.h in error.c. Fixes #3328 reported by David Hu.
+   * Fix potential memory leaks in ecp_randomize_jac() and ecp_randomize_mxz()
+     when PRNG function fails. Contributed by Jonas Lejeune in #3318.
+   * Remove unused macros from MSVC projects. Reported in #3297 and fix
+     submitted in #3333 by irwir.
+   * Add additional bounds checks in ssl_write_client_hello() preventing
+     output buffer overflow if the configuration declared a buffer that was
+     too small.
+   * Set _POSIX_C_SOURCE to at least 200112L in C99 code. Reported in #3420 and
+     fix submitted in #3421 by Nia Alarie.
+   * Fix building library/net_sockets.c and the ssl_mail_client program on
+     NetBSD. Contributed by Nia Alarie in #3422.
+   * Fix false positive uninitialised variable reported by cpp-check.
+     Contributed by Sander Visser in #3311.
+   * Update iv and len context pointers manually when reallocating buffers
+     using the MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH feature. This caused issues
+     when receiving a connection with CID, when these fields were shifted
+     in ssl_parse_record_header().
+
+Changes
+   * Fix warnings about signedness issues in format strings. The build is now
+     clean of -Wformat-signedness warnings. Contributed by Kenneth Soerensen
+     in #3153.
+   * Fix minor performance issue in operations on Curve25519 caused by using a
+     suboptimal modular reduction in one place. Found and fix contributed by
+     Aurelien Jarno in #3209.
+   * Combine identical cases in switch statements in md.c. Contributed
+     by irwir in #3208.
+   * Simplify a bounds check in ssl_write_certificate_request(). Contributed
+     by irwir in #3150.
+   * Unify the example programs termination to call mbedtls_exit() instead of
+     using a return command. This has been done to enable customization of the
+     behavior in bare metal environments.
+   * Fix mbedtls_x509_dn_gets to escape non-ASCII characters as "?".
+     Contributed by Koh M. Nakagawa in #3326.
+   * Use FindPython3 when cmake version >= 3.15.0
+   * Abort the ClientHello writing function as soon as some extension doesn't
+     fit into the record buffer. Previously, such extensions were silently
+     dropped. As a consequence, the TLS handshake now fails when the output
+     buffer is not large enough to hold the ClientHello.
+   * The unit tests now rely on header files in tests/include/test and source
+     files in tests/src. When building with make or cmake, the files in
+     tests/src are compiled and the resulting object linked into each test
+     executable.
+   * The ECP module, enabled by `MBEDTLS_ECP_C`, now depends on
+     `MBEDTLS_CTR_DRBG_C` or `MBEDTLS_HMAC_DRBG_C` for some side-channel
+     coutermeasures. If side channels are not a concern, this dependency can
+     be avoided by enabling the new option `MBEDTLS_ECP_NO_INTERNAL_RNG`.
+   * Align MSVC error flag with GCC and Clang. Contributed by Carlos Gomes
+     Martinho. #3147
+   * Remove superfluous assignment in mbedtls_ssl_parse_certificate(). Reported
+     in #3182 and fix submitted by irwir. #3217
+   * Fix typo in XTS tests. Reported and fix submitted by Kxuan. #3319
+
 = mbed TLS 2.22.0 branch released 2020-04-14
 
 New deprecations
diff --git a/ChangeLog.d/add_win2k_net_socket.txt b/ChangeLog.d/add_win2k_net_socket.txt
deleted file mode 100644
index 9842c5d874..0000000000
--- a/ChangeLog.d/add_win2k_net_socket.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Features
-   * Add support for Windows 2000 in net_sockets. Contributed by opatomic. #3239
diff --git a/ChangeLog.d/align-msvc-flags.txt b/ChangeLog.d/align-msvc-flags.txt
deleted file mode 100644
index 02de3fd34f..0000000000
--- a/ChangeLog.d/align-msvc-flags.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Changes
-   *  Align MSVC error flag with GCC and Clang. Contributed by Carlos Gomes
-      Martinho. #3147
diff --git a/ChangeLog.d/bugfix.txt b/ChangeLog.d/bugfix.txt
deleted file mode 100644
index 922bd318b6..0000000000
--- a/ChangeLog.d/bugfix.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
-   * Fix the Visual Studio Release x64 build configuration for mbedtls itself.
-     Completes a previous fix in Mbed TLS 2.19 that only fixed the build for
-     the example programs. Reported in #1430 and fix contributed by irwir.
diff --git a/ChangeLog.d/bugfix_PR2855.txt b/ChangeLog.d/bugfix_PR2855.txt
deleted file mode 100644
index 6e29710ec5..0000000000
--- a/ChangeLog.d/bugfix_PR2855.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
-   * Remove dead code in X.509 certificate parsing. Contributed by irwir in #2855.
diff --git a/ChangeLog.d/bugfix_PR3333.txt b/ChangeLog.d/bugfix_PR3333.txt
deleted file mode 100644
index 90766ac714..0000000000
--- a/ChangeLog.d/bugfix_PR3333.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
-   * Remove unused macros from MSVC projects. Reported in #3297 and fix submitted in #3333 by irwir.
diff --git a/ChangeLog.d/bugfix_PR3405 b/ChangeLog.d/bugfix_PR3405
deleted file mode 100644
index 73c57c081e..0000000000
--- a/ChangeLog.d/bugfix_PR3405
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
-   * Update iv and len context pointers manually when reallocating buffers
-     using the MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH feature. This caused issues
-     when receiving a connection with CID, when these fields were shifted
-     in ssl_parse_record_header().
diff --git a/ChangeLog.d/bugfix_PR3421.txt b/ChangeLog.d/bugfix_PR3421.txt
deleted file mode 100644
index b52dee00fc..0000000000
--- a/ChangeLog.d/bugfix_PR3421.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
-   * Set _POSIX_C_SOURCE to at least 200112L in C99 code. Reported in #3420 and fix submitted in #3421 by Nia Alarie.
diff --git a/ChangeLog.d/bugfix_PR3422.txt b/ChangeLog.d/bugfix_PR3422.txt
deleted file mode 100644
index dfe152c369..0000000000
--- a/ChangeLog.d/bugfix_PR3422.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
-   * Fix building library/net_sockets.c and the ssl_mail_client program on NetBSD. Contributed by Nia Alarie in #3422.
diff --git a/ChangeLog.d/ecp-internal-rng.txt b/ChangeLog.d/ecp-internal-rng.txt
deleted file mode 100644
index c0419acad5..0000000000
--- a/ChangeLog.d/ecp-internal-rng.txt
+++ /dev/null
@@ -1,15 +0,0 @@
-Changes
-   * The ECP module, enabled by `MBEDTLS_ECP_C`, now depends on
-     `MBEDTLS_CTR_DRBG_C` or `MBEDTLS_HMAC_DRBG_C` for some side-channel
-     coutermeasures. If side channels are not a concern, this dependency can
-     be avoided by enabling the new option `MBEDTLS_ECP_NO_INTERNAL_RNG`.
-
-Security
-   * Fix side channel in mbedtls_ecp_check_pub_priv() and
-     mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a
-     private key that didn't include the uncompressed public key), as well as
-     mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL
-     f_rng argument. An attacker with access to precise enough timing and
-     memory access information (typically an untrusted operating system
-     attacking a secure enclave) could fully recover the ECC private key.
-     Found and reported by Alejandro Cabrera Aldaya and Billy Brumley.
diff --git a/ChangeLog.d/error-asn1.txt b/ChangeLog.d/error-asn1.txt
deleted file mode 100644
index c165696fd7..0000000000
--- a/ChangeLog.d/error-asn1.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Bugfix
-   * Include asn1.h in error.c. Fixes #3328 reported by David Hu.
diff --git a/ChangeLog.d/error_const.txt b/ChangeLog.d/error_const.txt
deleted file mode 100644
index e0086b74cf..0000000000
--- a/ChangeLog.d/error_const.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Features
-   * New functions in the error module return constant strings for
-     high- and low-level error codes, complementing mbedtls_strerror()
-     which constructs a string for any error code, including compound
-     ones, but requires a writable buffer. Contributed by Gaurav Aggarwal
-     in #3176.
diff --git a/ChangeLog.d/fix-ecp-mul-memory-leak.txt b/ChangeLog.d/fix-ecp-mul-memory-leak.txt
deleted file mode 100644
index e82cadc2d9..0000000000
--- a/ChangeLog.d/fix-ecp-mul-memory-leak.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
-   * Fix potential memory leaks in ecp_randomize_jac() and ecp_randomize_mxz()
-     when PRNG function fails. Contributed by Jonas Lejeune in #3318.
diff --git a/ChangeLog.d/fix-ecp_double_add_mxz.txt b/ChangeLog.d/fix-ecp_double_add_mxz.txt
deleted file mode 100644
index 91531b2bbd..0000000000
--- a/ChangeLog.d/fix-ecp_double_add_mxz.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Changes
-   * Fix minor performance issue in operations on Curve25519 caused by using a
-     suboptimal modular reduction in one place. Found and fix contributed by
-     Aurelien Jarno in #3209.
diff --git a/ChangeLog.d/fix-gcc-format-signedness-warnings.txt b/ChangeLog.d/fix-gcc-format-signedness-warnings.txt
deleted file mode 100644
index 2d22b942d5..0000000000
--- a/ChangeLog.d/fix-gcc-format-signedness-warnings.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Changes
-   * Fix warnings about signedness issues in format strings. The build is now
-     clean of -Wformat-signedness warnings. Contributed by Kenneth Soerensen
-     in #3153.
diff --git a/ChangeLog.d/fix-masked-hw-record-init-error.txt b/ChangeLog.d/fix-masked-hw-record-init-error.txt
deleted file mode 100644
index 2ef80daaef..0000000000
--- a/ChangeLog.d/fix-masked-hw-record-init-error.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
-   * Fix issue with a detected HW accelerated record error not being exposed
-     due to shadowed variable. Contributed by Sander Visser in #3310.
diff --git a/ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt b/ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt
deleted file mode 100644
index e631f4d026..0000000000
--- a/ChangeLog.d/fix-null-ptr-deref-in-mbedtls_ssl_free.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
-   * Avoid NULL pointer dereferencing if mbedtls_ssl_free() is called with a
-     NULL pointer argument. Contributed by Sander Visser in #3312.
diff --git a/ChangeLog.d/fix-print-non-ascii-string-in-mbedtls_x509_dn_gets.txt b/ChangeLog.d/fix-print-non-ascii-string-in-mbedtls_x509_dn_gets.txt
deleted file mode 100644
index 6be1e5b54d..0000000000
--- a/ChangeLog.d/fix-print-non-ascii-string-in-mbedtls_x509_dn_gets.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Changes
-   * Fix mbedtls_x509_dn_gets to escape non-ASCII characters as "?".
-     Contributed by Koh M. Nakagawa in #3326.
diff --git a/ChangeLog.d/fix-typo-in-xts-test.txt b/ChangeLog.d/fix-typo-in-xts-test.txt
deleted file mode 100644
index 4711b8cf9f..0000000000
--- a/ChangeLog.d/fix-typo-in-xts-test.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Changes
-   * Fix typo in XTS tests. Reported and fix submitted by Kxuan. #3319
diff --git a/ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt b/ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt
deleted file mode 100644
index d0bd1dc6a9..0000000000
--- a/ChangeLog.d/inline-mbedtls_gcc_group_to_psa.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
-   * Fix potential linker errors on dual world platforms by inlining
-     mbedtls_gcc_group_to_psa(). This allows the pk.c module to link separately
-     from psa_crypto.c. Fixes #3300.
diff --git a/ChangeLog.d/l13-hw-accel.txt b/ChangeLog.d/l13-hw-accel.txt
deleted file mode 100644
index 53c79243b7..0000000000
--- a/ChangeLog.d/l13-hw-accel.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-Security
-   * Fix issue in Lucky 13 counter-measure that could make it ineffective when
-     hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
-     macros). This would cause the original Lucky 13 attack to be possible in
-     those configurations, allowing an active network attacker to recover
-     plaintext after repeated timing measurements under some conditions.
-     Reported and fix suggested by Luc Perneel in #3246.
diff --git a/ChangeLog.d/make-cpp-check-happy.txt b/ChangeLog.d/make-cpp-check-happy.txt
deleted file mode 100644
index 2ae74cb0a9..0000000000
--- a/ChangeLog.d/make-cpp-check-happy.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
-   * Fix false positive uninitialised variable reported by cpp-check.
-     Contributed by Sander Visser in #3311.
diff --git a/ChangeLog.d/max_pathlen.txt b/ChangeLog.d/max_pathlen.txt
deleted file mode 100644
index 08f9c65a80..0000000000
--- a/ChangeLog.d/max_pathlen.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
-   * Fix undefined behavior in X.509 certificate parsing if the
-     pathLenConstraint basic constraint value is equal to INT_MAX.
-     The actual effect with almost every compiler is the intended
-     behavior, so this is unlikely to be exploitable anywhere. #3192
diff --git a/ChangeLog.d/md_switch.txt b/ChangeLog.d/md_switch.txt
deleted file mode 100644
index a4d369b51f..0000000000
--- a/ChangeLog.d/md_switch.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Changes
-   * Combine identical cases in switch statements in md.c. Contributed
-     by irwir in #3208.
diff --git a/ChangeLog.d/midipix-support.txt b/ChangeLog.d/midipix-support.txt
deleted file mode 100644
index 53599abe4b..0000000000
--- a/ChangeLog.d/midipix-support.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Features
-   * Add support for midipix, a POSIX layer for Microsoft Windows.
diff --git a/ChangeLog.d/montmul-cmp-branch.txt b/ChangeLog.d/montmul-cmp-branch.txt
deleted file mode 100644
index 59945188a6..0000000000
--- a/ChangeLog.d/montmul-cmp-branch.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Security
-   * Fix a side channel vulnerability in modular exponentiation that could
-     reveal an RSA private key used in a secure enclave. Noticed by Sangho Lee,
-     Ming-Wei Shih, Prasun Gera, Taesoo Kim and Hyesoon Kim (Georgia Institute
-     of Technology); and Marcus Peinado (Microsoft Research). Reported by Raoul
-     Strackx (Fortanix) in #3394.
diff --git a/ChangeLog.d/new-mbedtls_x509_crt_parse_der_with_ext_cb_routine.txt b/ChangeLog.d/new-mbedtls_x509_crt_parse_der_with_ext_cb_routine.txt
deleted file mode 100644
index fdea746de1..0000000000
--- a/ChangeLog.d/new-mbedtls_x509_crt_parse_der_with_ext_cb_routine.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Features
-   * Add new mbedtls_x509_crt_parse_der_with_ext_cb() routine which allows
-     parsing unsupported certificate extensions via user provided callback.
-     Contributed by Nicola Di Lieto <nicola.dilieto@gmail.com> in #3243 as
-     a solution to #3241.
diff --git a/ChangeLog.d/pass-unsupported-policies-to-callback.txt b/ChangeLog.d/pass-unsupported-policies-to-callback.txt
deleted file mode 100644
index d139b4c189..0000000000
--- a/ChangeLog.d/pass-unsupported-policies-to-callback.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Features
-   * Pass the "certificate policies" extension to the callback supplied to
-     mbedtls_x509_crt_parse_der_with_ext_cb() if it contains unsupported
-     policies (#3419).
diff --git a/ChangeLog.d/psa-lifetime-locations.txt b/ChangeLog.d/psa-lifetime-locations.txt
deleted file mode 100644
index 6ac02bc612..0000000000
--- a/ChangeLog.d/psa-lifetime-locations.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-Default behavior changes
-   * In the experimental PSA secure element interface, change the encoding of
-     key lifetimes to encode a persistence level and the location. Although C
-     prototypes do not effectively change, code calling
-     psa_register_se_driver() must be modified to pass the driver's location
-     instead of the keys' lifetime. If the library is upgraded on an existing
-     device, keys created with the old lifetime value will not be readable or
-     removable through Mbed TLS after the upgrade.
diff --git a/ChangeLog.d/remove-extra-assignment.txt b/ChangeLog.d/remove-extra-assignment.txt
deleted file mode 100644
index a98c423478..0000000000
--- a/ChangeLog.d/remove-extra-assignment.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Changes
-   * Remove superfluous assignment in mbedtls_ssl_parse_certificate(). Reported
-     in #3182 and fix submitted by irwir. #3217
diff --git a/ChangeLog.d/ssl_context_info.txt b/ChangeLog.d/ssl_context_info.txt
deleted file mode 100644
index 6a15061faa..0000000000
--- a/ChangeLog.d/ssl_context_info.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Features
-   * The new utility programs/ssl/ssl_context_info prints a human-readable
-     dump of an SSL context saved with mbedtls_ssl_context_save().
diff --git a/ChangeLog.d/ssl_write_certificate_request.txt b/ChangeLog.d/ssl_write_certificate_request.txt
deleted file mode 100644
index 2d3067aba8..0000000000
--- a/ChangeLog.d/ssl_write_certificate_request.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Changes
-   * Simplify a bounds check in ssl_write_certificate_request(). Contributed
-     by irwir in #3150.
diff --git a/ChangeLog.d/sysctl-arnd-support.txt b/ChangeLog.d/sysctl-arnd-support.txt
deleted file mode 100644
index 14ad674123..0000000000
--- a/ChangeLog.d/sysctl-arnd-support.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Features
-   * Added support to entropy_poll for the kern.arandom syscall supported on some BSD systems. Contributed by Nia Alarie in #3423.
diff --git a/ChangeLog.d/tests-common-code.txt b/ChangeLog.d/tests-common-code.txt
deleted file mode 100644
index 0af2da5262..0000000000
--- a/ChangeLog.d/tests-common-code.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Changes
-   * The unit tests now rely on header files in tests/include/test and source
-     files in tests/src. When building with make or cmake, the files in
-     tests/src are compiled and the resulting object linked into each test
-     executable.
diff --git a/ChangeLog.d/unified-exit-in-examples.txt b/ChangeLog.d/unified-exit-in-examples.txt
deleted file mode 100644
index 3ef9798ad1..0000000000
--- a/ChangeLog.d/unified-exit-in-examples.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Changes
-   * Unify the example programs termination to call mbedtls_exit() instead of
-     using a return command. This has been done to enable customization of the
-     behavior in bare metal environments.
diff --git a/ChangeLog.d/uniformize_bounds_checks.txt b/ChangeLog.d/uniformize_bounds_checks.txt
deleted file mode 100644
index 210ab1051d..0000000000
--- a/ChangeLog.d/uniformize_bounds_checks.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-Bugfix
-   * Add additional bounds checks in ssl_write_client_hello() preventing
-     output buffer overflow if the configuration declared a buffer that was
-     too small.
-Changes
-   * Abort the ClientHello writing function as soon as some extension doesn't
-     fit into the record buffer. Previously, such extensions were silently
-     dropped. As a consequence, the TLS handshake now fails when the output
-     buffer is not large enough to hold the ClientHello.
diff --git a/ChangeLog.d/use-find-python3-cmake.txt b/ChangeLog.d/use-find-python3-cmake.txt
deleted file mode 100644
index 36a5171ee8..0000000000
--- a/ChangeLog.d/use-find-python3-cmake.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Changes
-  * Use FindPython3 when cmake version >= 3.15.0

From 0435cd8c232b9f8399db3153eef9d71abe77b636 Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Fri, 26 Jun 2020 12:26:55 +0100
Subject: [PATCH 45/46] Bump version to Mbed TLS 2.23.0

Executed "./scripts/bump_version.sh --version 2.23.0 --so-crypto 5"

A symbol has been removed from the mbedcrypto library since the last
release:
mbedtls_ecc_group_to_psa ( enum mbedtls_ecp_group_id grpid,
                           size_t* bits )

This is an ABI break and we need to increase the SO version.

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 doxygen/input/doc_mainpage.h         | 2 +-
 doxygen/mbedtls.doxyfile             | 2 +-
 include/mbedtls/version.h            | 8 ++++----
 library/CMakeLists.txt               | 6 +++---
 library/Makefile                     | 2 +-
 tests/suites/test_suite_version.data | 4 ++--
 6 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/doxygen/input/doc_mainpage.h b/doxygen/input/doc_mainpage.h
index 749d5c1ebe..27a840a5b6 100644
--- a/doxygen/input/doc_mainpage.h
+++ b/doxygen/input/doc_mainpage.h
@@ -24,7 +24,7 @@
  */
 
 /**
- * @mainpage mbed TLS v2.22.0 source code documentation
+ * @mainpage mbed TLS v2.23.0 source code documentation
  *
  * This documentation describes the internal structure of mbed TLS.  It was
  * automatically generated from specially formatted comment blocks in
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 418318da59..e89021a210 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -28,7 +28,7 @@ DOXYFILE_ENCODING      = UTF-8
 # identify the project. Note that if you do not use Doxywizard you need
 # to put quotes around the project name if it contains spaces.
 
-PROJECT_NAME           = "mbed TLS v2.22.0"
+PROJECT_NAME           = "mbed TLS v2.23.0"
 
 # The PROJECT_NUMBER tag can be used to enter a project or revision number.
 # This could be handy for archiving the generated documentation or
diff --git a/include/mbedtls/version.h b/include/mbedtls/version.h
index b89e36efd5..0ae4d22711 100644
--- a/include/mbedtls/version.h
+++ b/include/mbedtls/version.h
@@ -39,7 +39,7 @@
  * Major, Minor, Patchlevel
  */
 #define MBEDTLS_VERSION_MAJOR  2
-#define MBEDTLS_VERSION_MINOR  22
+#define MBEDTLS_VERSION_MINOR  23
 #define MBEDTLS_VERSION_PATCH  0
 
 /**
@@ -47,9 +47,9 @@
  *    MMNNPP00
  *    Major version | Minor version | Patch version
  */
-#define MBEDTLS_VERSION_NUMBER         0x02160000
-#define MBEDTLS_VERSION_STRING         "2.22.0"
-#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.22.0"
+#define MBEDTLS_VERSION_NUMBER         0x02170000
+#define MBEDTLS_VERSION_STRING         "2.23.0"
+#define MBEDTLS_VERSION_STRING_FULL    "mbed TLS 2.23.0"
 
 #if defined(MBEDTLS_VERSION_C)
 
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index f6a186faef..05196e86cb 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -181,19 +181,19 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
 if(USE_SHARED_MBEDTLS_LIBRARY)
 
     add_library(mbedcrypto SHARED ${src_crypto})
-    set_target_properties(mbedcrypto PROPERTIES VERSION 2.22.0 SOVERSION 4)
+    set_target_properties(mbedcrypto PROPERTIES VERSION 2.23.0 SOVERSION 5)
     target_link_libraries(mbedcrypto ${libs})
     target_include_directories(mbedcrypto
         PUBLIC ${MBEDTLS_DIR}/include/)
 
     add_library(mbedx509 SHARED ${src_x509})
-    set_target_properties(mbedx509 PROPERTIES VERSION 2.22.0 SOVERSION 1)
+    set_target_properties(mbedx509 PROPERTIES VERSION 2.23.0 SOVERSION 1)
     target_link_libraries(mbedx509 ${libs} mbedcrypto)
     target_include_directories(mbedx509
         PUBLIC ${MBEDTLS_DIR}/include/)
 
     add_library(mbedtls SHARED ${src_tls})
-    set_target_properties(mbedtls PROPERTIES VERSION 2.22.0 SOVERSION 13)
+    set_target_properties(mbedtls PROPERTIES VERSION 2.23.0 SOVERSION 13)
     target_link_libraries(mbedtls ${libs} mbedx509)
     target_include_directories(mbedtls
         PUBLIC ${MBEDTLS_DIR}/include/)
diff --git a/library/Makefile b/library/Makefile
index dbdd3b679a..87ea56d379 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -37,7 +37,7 @@ endif
 
 SOEXT_TLS=so.13
 SOEXT_X509=so.1
-SOEXT_CRYPTO=so.4
+SOEXT_CRYPTO=so.5
 
 # Set AR_DASH= (empty string) to use an ar implementation that does not accept
 # the - prefix for command line options (e.g. llvm-ar)
diff --git a/tests/suites/test_suite_version.data b/tests/suites/test_suite_version.data
index 5dc81d3346..846ebb7310 100644
--- a/tests/suites/test_suite_version.data
+++ b/tests/suites/test_suite_version.data
@@ -1,8 +1,8 @@
 Check compiletime library version
-check_compiletime_version:"2.22.0"
+check_compiletime_version:"2.23.0"
 
 Check runtime library version
-check_runtime_version:"2.22.0"
+check_runtime_version:"2.23.0"
 
 Check for MBEDTLS_VERSION_C
 check_feature:"MBEDTLS_VERSION_C":0

From 13cba685be200410907e7652fc79fd3209a4d1ab Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Fri, 26 Jun 2020 12:40:52 +0100
Subject: [PATCH 46/46] Update ChangeLog header.

Signed-off-by: Janos Follath <janos.follath@arm.com>
---
 ChangeLog | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index e18ef0bd5a..32853ce433 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,6 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
-= mbed TLS x.x.x branch released xxxx-xx-xx
+= mbed TLS 2.23.0 branch released 2020-07-01
 
 Default behavior changes
    * In the experimental PSA secure element interface, change the encoding of