Merge pull request #5270 from davidhorstmann-arm/improve-cmac-docs
Reword documentation of CMAC operations
diff --git a/ChangeLog.d/add_psa_m_aead_ccm.txt b/ChangeLog.d/add_psa_m_aead_ccm.txt
new file mode 100644
index 0000000..d7588ee
--- /dev/null
+++ b/ChangeLog.d/add_psa_m_aead_ccm.txt
@@ -0,0 +1,3 @@
+Features
+ * Add the internal implementation of and support for CCM to the PSA multipart
+ AEAD interface.
diff --git a/ChangeLog.d/build-without-sha.txt b/ChangeLog.d/build-without-sha.txt
new file mode 100644
index 0000000..78ba276
--- /dev/null
+++ b/ChangeLog.d/build-without-sha.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix the build when no SHA2 module is included. Fixes #4930.
+ * Fix the build when only the bignum module is included. Fixes #4929.
diff --git a/docs/architecture/tls13-experimental.md b/docs/architecture/tls13-experimental.md
index 8848d66..0dceeeb 100644
--- a/docs/architecture/tls13-experimental.md
+++ b/docs/architecture/tls13-experimental.md
@@ -133,17 +133,23 @@
(1) This is just for comparison.
- (2) The MVP sends one shared secret corresponding to the configured preferred
- group. The preferred group is the group of the first curve in the list of
- allowed curves as defined by the configuration. The allowed curves are
- by default ordered as follow: `secp256r1`, `x25519`, `secp384r1`
- and finally `secp521r1`. This default order is aligned with the
- list of mandatory-to-implement groups (in absence of an application
- profile standard specifying otherwise) defined in section 9.1 of the
- specification. The list of allowed curves can be changed through the
- `mbedtls_ssl_conf_curves()` API.
+ (2) The MVP sends only one shared secret corresponding to the configured
+ preferred group. This could end up with connection failure if the
+ server does not support our preferred curve, as the MVP does not implement
+ HelloRetryRequest. The preferred group is the group of the first curve in
+ the list of allowed curves as defined by the configuration. The allowed
+ curves are by default ordered as follows: `x25519`, `secp256r1`,
+ `secp384r1` and finally `secp521r1`. Note that, in the absence of an
+ application profile standard specifying otherwise, section 9.1 of the
+ specification rather promotes curve `secp256r1` to be supported over
+ curve `x25519`. The MVP would, however, rather keep the preference order
+ currently promoted by Mbed TLS as this applies to TLS 1.2 as well, and
+ changing the order only for TLS1.3 would be potentially difficult.
+ In the unlikely event a server does not support curve `x25519` but does
+ support curve `secp256r1`, curve `secp256r1` can be set as the preferred
+ curve through the `mbedtls_ssl_conf_curves()` API.
- (3) The MVP proposes only TLS 1.3 and does not support version negociation.
+ (3) The MVP proposes only TLS 1.3 and does not support version negotiation.
Out-of-protocol fallback is supported though if the Mbed TLS library
has been built to support both TLS 1.3 and TLS 1.2: just set the
maximum of the minor version of the SSL configuration to
diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
index 5615a68..68dda0f 100644
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h
@@ -93,6 +93,10 @@
#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
#endif /* PSA_WANT_ALG_ECDSA */
@@ -225,6 +229,8 @@
#define MBEDTLS_PK_PARSE_C
#define MBEDTLS_PK_WRITE_C
#define MBEDTLS_PK_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR */
#endif /* PSA_WANT_KEY_TYPE_RSA_KEY_PAIR */
@@ -237,6 +243,8 @@
#define MBEDTLS_PK_PARSE_C
#define MBEDTLS_PK_WRITE_C
#define MBEDTLS_PK_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
#endif /* !MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY */
#endif /* PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY */
@@ -418,10 +426,12 @@
#endif /* PSA_WANT_ALG_GCM */
#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
#define MBEDTLS_CHACHAPOLY_C
#define MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 1
#endif /* PSA_WANT_KEY_TYPE_CHACHA20 */
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 */
#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
#if defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
diff --git a/include/mbedtls/entropy.h b/include/mbedtls/entropy.h
index 128ec82..fede05f 100644
--- a/include/mbedtls/entropy.h
+++ b/include/mbedtls/entropy.h
@@ -124,7 +124,7 @@
* -1 after free. */
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_context MBEDTLS_PRIVATE(accumulator);
-#else
+#elif defined(MBEDTLS_ENTROPY_SHA256_ACCUMULATOR)
mbedtls_sha256_context MBEDTLS_PRIVATE(accumulator);
#endif
int MBEDTLS_PRIVATE(source_count); /* Number of entries used in source. */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index d42e180..c99e8f9 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1108,6 +1108,17 @@
*/
struct mbedtls_ssl_session
{
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */
+#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
+
+ unsigned char MBEDTLS_PRIVATE(exported);
+
+ /* This field is temporarily duplicated with mbedtls_ssl_context.minor_ver.
+ * Once runtime negotiation of TLS 1.2 and TLS 1.3 is implemented, it needs
+ * to be studied whether one of them can be removed. */
+ unsigned char MBEDTLS_PRIVATE(minor_ver); /*!< The TLS version used in the session. */
+
#if defined(MBEDTLS_HAVE_TIME)
mbedtls_time_t MBEDTLS_PRIVATE(start); /*!< starting time */
#endif
@@ -1117,13 +1128,6 @@
unsigned char MBEDTLS_PRIVATE(id)[32]; /*!< session identifier */
unsigned char MBEDTLS_PRIVATE(master)[48]; /*!< the master secret */
- unsigned char MBEDTLS_PRIVATE(exported);
-
- /* This field is temporarily duplicated with mbedtls_ssl_context.minor_ver.
- * Once runtime negotiation of TLS 1.2 and TLS 1.3 is implemented, it needs
- * to be studied whether one of them can be removed. */
- unsigned char MBEDTLS_PRIVATE(minor_ver); /*!< The TLS version used in the session. */
-
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
mbedtls_x509_crt *MBEDTLS_PRIVATE(peer_cert); /*!< peer X.509 cert chain */
@@ -1143,10 +1147,6 @@
uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< ticket lifetime hint */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */
-#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */
#endif
@@ -1210,7 +1210,62 @@
*/
struct mbedtls_ssl_config
{
- /* Group items by size (largest first) to minimize padding overhead */
+ /* Group items mostly by size. This helps to reduce memory wasted to
+ * padding. It also helps to keep smaller fields early in the structure,
+ * so that elements tend to be in the 128-element direct access window
+ * on Arm Thumb, which reduces the code size. */
+
+ unsigned char MBEDTLS_PRIVATE(max_major_ver); /*!< max. major version used */
+ unsigned char MBEDTLS_PRIVATE(max_minor_ver); /*!< max. minor version used */
+ unsigned char MBEDTLS_PRIVATE(min_major_ver); /*!< min. major version used */
+ unsigned char MBEDTLS_PRIVATE(min_minor_ver); /*!< min. minor version used */
+
+ /*
+ * Flags (could be bit-fields to save RAM, but separate bytes make
+ * the code smaller on architectures with an instruction for direct
+ * byte access).
+ */
+
+ uint8_t MBEDTLS_PRIVATE(endpoint); /*!< 0: client, 1: server */
+ uint8_t MBEDTLS_PRIVATE(transport); /*!< 0: stream (TLS), 1: datagram (DTLS) */
+ uint8_t MBEDTLS_PRIVATE(authmode); /*!< MBEDTLS_SSL_VERIFY_XXX */
+ /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */
+ uint8_t MBEDTLS_PRIVATE(allow_legacy_renegotiation); /*!< MBEDTLS_LEGACY_XXX */
+#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
+ uint8_t MBEDTLS_PRIVATE(mfl_code); /*!< desired fragment length indicator
+ (MBEDTLS_SSL_MAX_FRAG_LEN_XXX) */
+#endif
+#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
+ uint8_t MBEDTLS_PRIVATE(encrypt_then_mac); /*!< negotiate encrypt-then-mac? */
+#endif
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ uint8_t MBEDTLS_PRIVATE(extended_ms); /*!< negotiate extended master secret? */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
+ uint8_t MBEDTLS_PRIVATE(anti_replay); /*!< detect and prevent replay? */
+#endif
+#if defined(MBEDTLS_SSL_RENEGOTIATION)
+ uint8_t MBEDTLS_PRIVATE(disable_renegotiation); /*!< disable renegotiation? */
+#endif
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ uint8_t MBEDTLS_PRIVATE(session_tickets); /*!< use session tickets? */
+#endif
+#if defined(MBEDTLS_SSL_SRV_C)
+ uint8_t MBEDTLS_PRIVATE(cert_req_ca_list); /*!< enable sending CA list in
+ Certificate Request messages? */
+ uint8_t MBEDTLS_PRIVATE(respect_cli_pref); /*!< pick the ciphersuite according to
+ the client's preferences rather
+ than ours? */
+#endif
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+ uint8_t MBEDTLS_PRIVATE(ignore_unexpected_cid); /*!< Should DTLS record with
+ * unexpected CID
+ * lead to failure? */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ uint8_t MBEDTLS_PRIVATE(dtls_srtp_mki_support); /* support having mki_value
+ in the use_srtp extension? */
+#endif
/*
* Pointers
@@ -1365,7 +1420,7 @@
#endif /* MBEDTLS_SSL_DTLS_SRTP */
/*
- * Numerical settings (int then char)
+ * Numerical settings (int)
*/
uint32_t MBEDTLS_PRIVATE(read_timeout); /*!< timeout for mbedtls_ssl_read (ms) */
@@ -1388,55 +1443,6 @@
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
unsigned int MBEDTLS_PRIVATE(dhm_min_bitlen); /*!< min. bit length of the DHM prime */
#endif
-
- unsigned char MBEDTLS_PRIVATE(max_major_ver); /*!< max. major version used */
- unsigned char MBEDTLS_PRIVATE(max_minor_ver); /*!< max. minor version used */
- unsigned char MBEDTLS_PRIVATE(min_major_ver); /*!< min. major version used */
- unsigned char MBEDTLS_PRIVATE(min_minor_ver); /*!< min. minor version used */
-
- /*
- * Flags (bitfields)
- */
-
- unsigned int MBEDTLS_PRIVATE(endpoint) : 1; /*!< 0: client, 1: server */
- unsigned int MBEDTLS_PRIVATE(transport) : 1; /*!< stream (TLS) or datagram (DTLS) */
- unsigned int MBEDTLS_PRIVATE(authmode) : 2; /*!< MBEDTLS_SSL_VERIFY_XXX */
- /* needed even with renego disabled for LEGACY_BREAK_HANDSHAKE */
- unsigned int MBEDTLS_PRIVATE(allow_legacy_renegotiation) : 2 ; /*!< MBEDTLS_LEGACY_XXX */
-#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
- unsigned int MBEDTLS_PRIVATE(mfl_code) : 3; /*!< desired fragment length */
-#endif
-#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
- unsigned int MBEDTLS_PRIVATE(encrypt_then_mac) : 1 ; /*!< negotiate encrypt-then-mac? */
-#endif
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
- unsigned int MBEDTLS_PRIVATE(extended_ms) : 1; /*!< negotiate extended master secret? */
-#endif
-#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
- unsigned int MBEDTLS_PRIVATE(anti_replay) : 1; /*!< detect and prevent replay? */
-#endif
-#if defined(MBEDTLS_SSL_RENEGOTIATION)
- unsigned int MBEDTLS_PRIVATE(disable_renegotiation) : 1; /*!< disable renegotiation? */
-#endif
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- unsigned int MBEDTLS_PRIVATE(session_tickets) : 1; /*!< use session tickets? */
-#endif
-#if defined(MBEDTLS_SSL_SRV_C)
- unsigned int MBEDTLS_PRIVATE(cert_req_ca_list) : 1; /*!< enable sending CA list in
- Certificate Request messages? */
- unsigned int MBEDTLS_PRIVATE(respect_cli_pref) : 1; /*!< pick the ciphersuite according to
- the client's preferences rather
- than ours */
-#endif
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
- unsigned int MBEDTLS_PRIVATE(ignore_unexpected_cid) : 1; /*!< Determines whether DTLS
- * record with unexpected CID
- * should lead to failure. */
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-#if defined(MBEDTLS_SSL_DTLS_SRTP)
- unsigned int MBEDTLS_PRIVATE(dtls_srtp_mki_support) : 1; /* support having mki_value
- in the use_srtp extension */
-#endif
};
struct mbedtls_ssl_context
diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h
index 8075caf..e11e239 100644
--- a/include/psa/crypto_builtin_composites.h
+++ b/include/psa/crypto_builtin_composites.h
@@ -112,21 +112,4 @@
#define MBEDTLS_PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, {0}}
-/*
- * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
- */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-typedef mbedtls_psa_mac_operation_t mbedtls_transparent_test_driver_mac_operation_t;
-typedef mbedtls_psa_mac_operation_t mbedtls_opaque_test_driver_mac_operation_t;
-
-#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
-#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT MBEDTLS_PSA_MAC_OPERATION_INIT
-
-typedef mbedtls_psa_aead_operation_t mbedtls_transparent_test_driver_aead_operation_t;
-
-#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT MBEDTLS_PSA_AEAD_OPERATION_INIT
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* PSA_CRYPTO_BUILTIN_COMPOSITES_H */
diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h
index 31f4aa6..d3cf33a 100644
--- a/include/psa/crypto_builtin_primitives.h
+++ b/include/psa/crypto_builtin_primitives.h
@@ -61,21 +61,23 @@
psa_algorithm_t MBEDTLS_PRIVATE(alg);
union
{
- unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD5_C)
- mbedtls_md5_context MBEDTLS_PRIVATE(md5);
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
+ mbedtls_md5_context md5;
#endif
-#if defined(MBEDTLS_RIPEMD160_C)
- mbedtls_ripemd160_context MBEDTLS_PRIVATE(ripemd160);
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
+ mbedtls_ripemd160_context ripemd160;
#endif
-#if defined(MBEDTLS_SHA1_C)
- mbedtls_sha1_context MBEDTLS_PRIVATE(sha1);
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
+ mbedtls_sha1_context sha1;
#endif
-#if defined(MBEDTLS_SHA256_C)
- mbedtls_sha256_context MBEDTLS_PRIVATE(sha256);
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
+ mbedtls_sha256_context sha256;
#endif
-#if defined(MBEDTLS_SHA512_C)
- mbedtls_sha512_context MBEDTLS_PRIVATE(sha512);
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
+ mbedtls_sha512_context sha512;
#endif
} MBEDTLS_PRIVATE(ctx);
} mbedtls_psa_hash_operation_t;
@@ -112,29 +114,4 @@
#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
-/*
- * BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
- */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operation_t;
-
-#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT MBEDTLS_PSA_HASH_OPERATION_INIT
-
-typedef mbedtls_psa_cipher_operation_t
- mbedtls_transparent_test_driver_cipher_operation_t;
-
-typedef struct {
- unsigned int initialised : 1;
- mbedtls_transparent_test_driver_cipher_operation_t ctx;
-} mbedtls_opaque_test_driver_cipher_operation_t;
-
-#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
- MBEDTLS_PSA_CIPHER_OPERATION_INIT
-
-#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
- { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* PSA_CRYPTO_BUILTIN_PRIMITIVES_H */
diff --git a/include/psa/crypto_driver_common.h b/include/psa/crypto_driver_common.h
index 1b6f322..26363c6 100644
--- a/include/psa/crypto_driver_common.h
+++ b/include/psa/crypto_driver_common.h
@@ -42,6 +42,9 @@
* of these types. */
#include "crypto_types.h"
#include "crypto_values.h"
+/* Include size definitions which are used to size some arrays in operation
+ * structures. */
+#include <psa/crypto_sizes.h>
/** For encrypt-decrypt functions, whether the operation is an encryption
* or a decryption. */
diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h
index 957986c..3f1c8af 100644
--- a/include/psa/crypto_driver_contexts_composites.h
+++ b/include/psa/crypto_driver_contexts_composites.h
@@ -36,11 +36,59 @@
#include "psa/crypto_driver_common.h"
+/* Include the context structure definitions for the Mbed TLS software drivers */
+#include "psa/crypto_builtin_composites.h"
+
/* Include the context structure definitions for those drivers that were
* declared during the autogeneration process. */
-/* Include the context structure definitions for the Mbed TLS software drivers */
-#include "psa/crypto_builtin_composites.h"
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include <libtestdriver1/include/psa/crypto.h>
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
+typedef libtestdriver1_mbedtls_psa_mac_operation_t
+ mbedtls_transparent_test_driver_mac_operation_t;
+typedef libtestdriver1_mbedtls_psa_mac_operation_t
+ mbedtls_opaque_test_driver_mac_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \
+ LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
+#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \
+ LIBTESTDRIVER1_MBEDTLS_PSA_MAC_OPERATION_INIT
+
+#else
+typedef mbedtls_psa_mac_operation_t
+ mbedtls_transparent_test_driver_mac_operation_t;
+typedef mbedtls_psa_mac_operation_t
+ mbedtls_opaque_test_driver_mac_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_MAC_OPERATION_INIT \
+ MBEDTLS_PSA_MAC_OPERATION_INIT
+#define MBEDTLS_OPAQUE_TEST_DRIVER_MAC_OPERATION_INIT \
+ MBEDTLS_PSA_MAC_OPERATION_INIT
+
+#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC */
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+typedef libtestdriver1_mbedtls_psa_aead_operation_t
+ mbedtls_transparent_test_driver_aead_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \
+ LIBTESTDRIVER1_MBEDTLS_PSA_AEAD_OPERATION_INIT
+#else
+typedef mbedtls_psa_aead_operation_t
+ mbedtls_transparent_test_driver_aead_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_AEAD_OPERATION_INIT \
+ MBEDTLS_PSA_AEAD_OPERATION_INIT
+
+#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 && LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD */
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
/* Define the context to be used for an operation that is executed through the
* PSA Driver wrapper layer as the union of all possible driver's contexts.
diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h
index 104d4bd..2bb01ed 100644
--- a/include/psa/crypto_driver_contexts_primitives.h
+++ b/include/psa/crypto_driver_contexts_primitives.h
@@ -35,11 +35,59 @@
#include "psa/crypto_driver_common.h"
+/* Include the context structure definitions for the Mbed TLS software drivers */
+#include "psa/crypto_builtin_primitives.h"
+
/* Include the context structure definitions for those drivers that were
* declared during the autogeneration process. */
-/* Include the context structure definitions for the Mbed TLS software drivers */
-#include "psa/crypto_builtin_primitives.h"
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include <libtestdriver1/include/psa/crypto.h>
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+typedef libtestdriver1_mbedtls_psa_cipher_operation_t
+ mbedtls_transparent_test_driver_cipher_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
+ LIBTESTDRIVER1_MBEDTLS_PSA_CIPHER_OPERATION_INIT
+#else
+typedef mbedtls_psa_cipher_operation_t
+ mbedtls_transparent_test_driver_cipher_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT \
+ MBEDTLS_PSA_CIPHER_OPERATION_INIT
+#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 &&
+ LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER */
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+typedef libtestdriver1_mbedtls_psa_hash_operation_t
+ mbedtls_transparent_test_driver_hash_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \
+ LIBTESTDRIVER1_MBEDTLS_PSA_HASH_OPERATION_INIT
+#else
+typedef mbedtls_psa_hash_operation_t
+ mbedtls_transparent_test_driver_hash_operation_t;
+
+#define MBEDTLS_TRANSPARENT_TEST_DRIVER_HASH_OPERATION_INIT \
+ MBEDTLS_PSA_HASH_OPERATION_INIT
+#endif /* MBEDTLS_TEST_LIBTESTDRIVER1 &&
+ LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH */
+
+typedef struct {
+ unsigned int initialised : 1;
+ mbedtls_transparent_test_driver_cipher_operation_t ctx;
+} mbedtls_opaque_test_driver_cipher_operation_t;
+
+#define MBEDTLS_OPAQUE_TEST_DRIVER_CIPHER_OPERATION_INIT \
+ { 0, MBEDTLS_TRANSPARENT_TEST_DRIVER_CIPHER_OPERATION_INIT }
+
+#endif /* PSA_CRYPTO_DRIVER_TEST */
/* Define the context to be used for an operation that is executed through the
* PSA Driver wrapper layer as the union of all possible driver's contexts.
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 2c0b106..1f68925 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -31,6 +31,7 @@
#include "mbedtls/platform_util.h"
+#include "crypto_types.h"
#include "crypto_compat.h"
#ifdef __cplusplus
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index af8a4a6..9bbcb34 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -121,7 +121,7 @@
/* Note: for HMAC-SHA-3, the block size is 144 bytes for HMAC-SHA3-226,
* 136 bytes for HMAC-SHA3-256, 104 bytes for SHA3-384, 72 bytes for
* HMAC-SHA3-512. */
-#if defined(MBEDTLS_SHA512_C)
+#if defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_384)
#define PSA_HASH_MAX_SIZE 64
#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
#else
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 2689415..2c61e53 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -186,9 +186,6 @@
{
uint8_t *MBEDTLS_PRIVATE(info);
size_t MBEDTLS_PRIVATE(info_length);
- psa_mac_operation_t MBEDTLS_PRIVATE(hmac);
- uint8_t MBEDTLS_PRIVATE(prk)[PSA_HASH_MAX_SIZE];
- uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
#if PSA_HASH_MAX_SIZE > 0xff
#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
#endif
@@ -196,6 +193,9 @@
uint8_t MBEDTLS_PRIVATE(block_number);
unsigned int MBEDTLS_PRIVATE(state) : 2;
unsigned int MBEDTLS_PRIVATE(info_set) : 1;
+ uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
+ uint8_t MBEDTLS_PRIVATE(prk)[PSA_HASH_MAX_SIZE];
+ struct psa_mac_operation_s MBEDTLS_PRIVATE(hmac);
} psa_hkdf_key_derivation_t;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
diff --git a/library/base64.c b/library/base64.c
index a516c1d..83daa0b 100644
--- a/library/base64.c
+++ b/library/base64.c
@@ -22,7 +22,7 @@
#if defined(MBEDTLS_BASE64_C)
#include "mbedtls/base64.h"
-#include "base64_invasive.h"
+#include "constant_time_internal.h"
#include <stdint.h>
@@ -38,41 +38,6 @@
#define BASE64_SIZE_T_MAX ( (size_t) -1 ) /* SIZE_T_MAX is not standard */
-/* Return 0xff if low <= c <= high, 0 otherwise.
- *
- * Constant flow with respect to c.
- */
-MBEDTLS_STATIC_TESTABLE
-unsigned char mbedtls_base64_mask_of_range( unsigned char low,
- unsigned char high,
- unsigned char c )
-{
- /* low_mask is: 0 if low <= c, 0x...ff if low > c */
- unsigned low_mask = ( (unsigned) c - low ) >> 8;
- /* high_mask is: 0 if c <= high, 0x...ff if c > high */
- unsigned high_mask = ( (unsigned) high - c ) >> 8;
- return( ~( low_mask | high_mask ) & 0xff );
-}
-
-/* Given a value in the range 0..63, return the corresponding Base64 digit.
- * The implementation assumes that letters are consecutive (e.g. ASCII
- * but not EBCDIC).
- */
-MBEDTLS_STATIC_TESTABLE
-unsigned char mbedtls_base64_enc_char( unsigned char val )
-{
- unsigned char digit = 0;
- /* For each range of values, if val is in that range, mask digit with
- * the corresponding value. Since val can only be in a single range,
- * only at most one masking will change digit. */
- digit |= mbedtls_base64_mask_of_range( 0, 25, val ) & ( 'A' + val );
- digit |= mbedtls_base64_mask_of_range( 26, 51, val ) & ( 'a' + val - 26 );
- digit |= mbedtls_base64_mask_of_range( 52, 61, val ) & ( '0' + val - 52 );
- digit |= mbedtls_base64_mask_of_range( 62, 62, val ) & '+';
- digit |= mbedtls_base64_mask_of_range( 63, 63, val ) & '/';
- return( digit );
-}
-
/*
* Encode a buffer into base64 format
*/
@@ -113,12 +78,12 @@
C2 = *src++;
C3 = *src++;
- *p++ = mbedtls_base64_enc_char( ( C1 >> 2 ) & 0x3F );
- *p++ = mbedtls_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) )
+ *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F );
+ *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) )
& 0x3F );
- *p++ = mbedtls_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) )
+ *p++ = mbedtls_ct_base64_enc_char( ( ( ( C2 & 15 ) << 2 ) + ( C3 >> 6 ) )
& 0x3F );
- *p++ = mbedtls_base64_enc_char( C3 & 0x3F );
+ *p++ = mbedtls_ct_base64_enc_char( C3 & 0x3F );
}
if( i < slen )
@@ -126,12 +91,12 @@
C1 = *src++;
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
- *p++ = mbedtls_base64_enc_char( ( C1 >> 2 ) & 0x3F );
- *p++ = mbedtls_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) )
+ *p++ = mbedtls_ct_base64_enc_char( ( C1 >> 2 ) & 0x3F );
+ *p++ = mbedtls_ct_base64_enc_char( ( ( ( C1 & 3 ) << 4 ) + ( C2 >> 4 ) )
& 0x3F );
if( ( i + 1 ) < slen )
- *p++ = mbedtls_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F );
+ *p++ = mbedtls_ct_base64_enc_char( ( ( C2 & 15 ) << 2 ) & 0x3F );
else *p++ = '=';
*p++ = '=';
@@ -143,35 +108,6 @@
return( 0 );
}
-/* Given a Base64 digit, return its value.
- * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'),
- * return -1.
- *
- * The implementation assumes that letters are consecutive (e.g. ASCII
- * but not EBCDIC).
- *
- * The implementation is constant-flow (no branch or memory access depending
- * on the value of c) unless the compiler inlines and optimizes a specific
- * access.
- */
-MBEDTLS_STATIC_TESTABLE
-signed char mbedtls_base64_dec_value( unsigned char c )
-{
- unsigned char val = 0;
- /* For each range of digits, if c is in that range, mask val with
- * the corresponding value. Since c can only be in a single range,
- * only at most one masking will change val. Set val to one plus
- * the desired value so that it stays 0 if c is in none of the ranges. */
- val |= mbedtls_base64_mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 );
- val |= mbedtls_base64_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 );
- val |= mbedtls_base64_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 );
- val |= mbedtls_base64_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 );
- val |= mbedtls_base64_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 );
- /* At this point, val is 0 if c is an invalid digit and v+1 if c is
- * a digit with the value v. */
- return( val - 1 );
-}
-
/*
* Decode a base64-formatted buffer
*/
@@ -224,7 +160,7 @@
{
if( equals != 0 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
- if( mbedtls_base64_dec_value( src[i] ) < 0 )
+ if( mbedtls_ct_base64_dec_value( src[i] ) < 0 )
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
}
n++;
@@ -259,7 +195,7 @@
if( *src == '=' )
++equals;
else
- x |= mbedtls_base64_dec_value( *src );
+ x |= mbedtls_ct_base64_dec_value( *src );
if( ++accumulated_digits == 4 )
{
diff --git a/library/base64_invasive.h b/library/base64_invasive.h
deleted file mode 100644
index ed5f7cb..0000000
--- a/library/base64_invasive.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * \file base_invasive.h
- *
- * \brief Base64 module: interfaces for invasive testing only.
- *
- * The interfaces in this file are intended for testing purposes only.
- * They SHOULD NOT be made available in library integrations except when
- * building the library for testing.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef MBEDTLS_BASE64_INVASIVE_H
-#define MBEDTLS_BASE64_INVASIVE_H
-
-#include "common.h"
-
-#if defined(MBEDTLS_TEST_HOOKS)
-/* Return 0xff if low <= c <= high, 0 otherwise.
- *
- * Constant flow with respect to c.
- */
-unsigned char mbedtls_base64_mask_of_range( unsigned char low,
- unsigned char high,
- unsigned char c );
-
-/* Given a value in the range 0..63, return the corresponding Base64 digit.
- *
- * Operates in constant time (no branches or memory access depending on val).
- */
-unsigned char mbedtls_base64_enc_char( unsigned char val );
-
-/* Given a Base64 digit, return its value.
- * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'),
- * return -1.
- *
- * Operates in constant time (no branches or memory access depending on c).
- */
-signed char mbedtls_base64_dec_value( unsigned char c );
-#endif /* MBEDTLS_TEST_HOOKS */
-
-#endif /* MBEDTLS_BASE64_INVASIVE_H */
diff --git a/library/bignum.c b/library/bignum.c
index fdf8c9a..e47e259 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -43,6 +43,7 @@
#include "mbedtls/error.h"
#include "constant_time_internal.h"
+#include <limits.h>
#include <string.h>
#if defined(MBEDTLS_PLATFORM_C)
diff --git a/library/constant_time.c b/library/constant_time.c
index 9bb275c..d8870ae 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -40,6 +40,10 @@
#include "mbedtls/rsa.h"
#endif
+#if defined(MBEDTLS_BASE64_C)
+#include "constant_time_invasive.h"
+#endif
+
#include <string.h>
int mbedtls_ct_memcmp( const void *a,
@@ -150,6 +154,26 @@
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC */
+#if defined(MBEDTLS_BASE64_C)
+
+/* Return 0xff if low <= c <= high, 0 otherwise.
+ *
+ * Constant flow with respect to c.
+ */
+MBEDTLS_STATIC_TESTABLE
+unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low,
+ unsigned char high,
+ unsigned char c )
+{
+ /* low_mask is: 0 if low <= c, 0x...ff if low > c */
+ unsigned low_mask = ( (unsigned) c - low ) >> 8;
+ /* high_mask is: 0 if c <= high, 0x...ff if c > high */
+ unsigned high_mask = ( (unsigned) high - c ) >> 8;
+ return( ~( low_mask | high_mask ) & 0xff );
+}
+
+#endif /* MBEDTLS_BASE64_C */
+
unsigned mbedtls_ct_size_bool_eq( size_t x,
size_t y )
{
@@ -301,6 +325,41 @@
#endif /* MBEDTLS_BIGNUM_C */
+#if defined(MBEDTLS_BASE64_C)
+
+unsigned char mbedtls_ct_base64_enc_char( unsigned char value )
+{
+ unsigned char digit = 0;
+ /* For each range of values, if value is in that range, mask digit with
+ * the corresponding value. Since value can only be in a single range,
+ * only at most one masking will change digit. */
+ digit |= mbedtls_ct_uchar_mask_of_range( 0, 25, value ) & ( 'A' + value );
+ digit |= mbedtls_ct_uchar_mask_of_range( 26, 51, value ) & ( 'a' + value - 26 );
+ digit |= mbedtls_ct_uchar_mask_of_range( 52, 61, value ) & ( '0' + value - 52 );
+ digit |= mbedtls_ct_uchar_mask_of_range( 62, 62, value ) & '+';
+ digit |= mbedtls_ct_uchar_mask_of_range( 63, 63, value ) & '/';
+ return( digit );
+}
+
+signed char mbedtls_ct_base64_dec_value( unsigned char c )
+{
+ unsigned char val = 0;
+ /* For each range of digits, if c is in that range, mask val with
+ * the corresponding value. Since c can only be in a single range,
+ * only at most one masking will change val. Set val to one plus
+ * the desired value so that it stays 0 if c is in none of the ranges. */
+ val |= mbedtls_ct_uchar_mask_of_range( 'A', 'Z', c ) & ( c - 'A' + 0 + 1 );
+ val |= mbedtls_ct_uchar_mask_of_range( 'a', 'z', c ) & ( c - 'a' + 26 + 1 );
+ val |= mbedtls_ct_uchar_mask_of_range( '0', '9', c ) & ( c - '0' + 52 + 1 );
+ val |= mbedtls_ct_uchar_mask_of_range( '+', '+', c ) & ( c - '+' + 62 + 1 );
+ val |= mbedtls_ct_uchar_mask_of_range( '/', '/', c ) & ( c - '/' + 63 + 1 );
+ /* At this point, val is 0 if c is an invalid digit and v+1 if c is
+ * a digit with the value v. */
+ return( val - 1 );
+}
+
+#endif /* MBEDTLS_BASE64_C */
+
#if defined(MBEDTLS_PKCS1_V15) && defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_RSA_ALT)
/** Shift some data towards the left inside a buffer.
diff --git a/library/constant_time_internal.h b/library/constant_time_internal.h
index ac18b56..053cf12 100644
--- a/library/constant_time_internal.h
+++ b/library/constant_time_internal.h
@@ -167,6 +167,35 @@
#endif /* MBEDTLS_BIGNUM_C */
+#if defined(MBEDTLS_BASE64_C)
+
+/** Given a value in the range 0..63, return the corresponding Base64 digit.
+ *
+ * The implementation assumes that letters are consecutive (e.g. ASCII
+ * but not EBCDIC).
+ *
+ * \param value A value in the range 0..63.
+ *
+ * \return A base64 digit converted from \p value.
+ */
+unsigned char mbedtls_ct_base64_enc_char( unsigned char value );
+
+/** Given a Base64 digit, return its value.
+ *
+ * If c is not a Base64 digit ('A'..'Z', 'a'..'z', '0'..'9', '+' or '/'),
+ * return -1.
+ *
+ * The implementation assumes that letters are consecutive (e.g. ASCII
+ * but not EBCDIC).
+ *
+ * \param c A base64 digit.
+ *
+ * \return The value of the base64 digit \p c.
+ */
+signed char mbedtls_ct_base64_dec_value( unsigned char c );
+
+#endif /* MBEDTLS_BASE64_C */
+
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC)
/** Conditional memcpy without branches.
diff --git a/library/constant_time_invasive.h b/library/constant_time_invasive.h
new file mode 100644
index 0000000..4620ca1
--- /dev/null
+++ b/library/constant_time_invasive.h
@@ -0,0 +1,51 @@
+/**
+ * \file constant_time_invasive.h
+ *
+ * \brief Constant-time module: interfaces for invasive testing only.
+ *
+ * The interfaces in this file are intended for testing purposes only.
+ * They SHOULD NOT be made available in library integrations except when
+ * building the library for testing.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MBEDTLS_CONSTANT_TIME_INVASIVE_H
+#define MBEDTLS_CONSTANT_TIME_INVASIVE_H
+
+#include "common.h"
+
+#if defined(MBEDTLS_TEST_HOOKS)
+
+/** Turn a value into a mask:
+ * - if \p low <= \p c <= \p high,
+ * return the all-bits 1 mask, aka (unsigned) -1
+ * - otherwise, return the all-bits 0 mask, aka 0
+ *
+ * \param low The value to analyze.
+ * \param high The value to analyze.
+ * \param c The value to analyze.
+ *
+ * \return All-bits-one if \p low <= \p c <= \p high, otherwise zero.
+ */
+unsigned char mbedtls_ct_uchar_mask_of_range( unsigned char low,
+ unsigned char high,
+ unsigned char c );
+
+#endif /* MBEDTLS_TEST_HOOKS */
+
+#endif /* MBEDTLS_CONSTANT_TIME_INVASIVE_H */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0a04ba1..9f5b946 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -103,9 +103,9 @@
typedef struct
{
- mbedtls_psa_random_context_t rng;
unsigned initialized : 1;
unsigned rng_state : 2;
+ mbedtls_psa_random_context_t rng;
} psa_global_data_t;
static psa_global_data_t global_data;
@@ -324,15 +324,11 @@
/* Key management */
/****************************************************************/
-/* For now the MBEDTLS_PSA_ACCEL_ guards are also used here since the
- * current test driver in key_management.c is using this function
- * when accelerators are used for ECC key pair and public key.
- * Once that dependency is resolved these guards can be removed.
- */
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
+ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa( psa_ecc_family_t curve,
size_t bits,
int bits_is_sloppy )
@@ -428,9 +424,10 @@
return( MBEDTLS_ECP_DP_NONE );
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
- * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
+ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
+ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */
psa_status_t psa_validate_unstructured_key_bit_size( psa_key_type_t type,
size_t bits )
@@ -2193,7 +2190,7 @@
const uint8_t *hash,
size_t hash_length )
{
- uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
+ uint8_t actual_hash[PSA_HASH_MAX_SIZE];
size_t actual_hash_length;
psa_status_t status = psa_hash_finish(
operation,
@@ -2236,7 +2233,7 @@
const uint8_t *input, size_t input_length,
const uint8_t *hash, size_t hash_length )
{
- uint8_t actual_hash[MBEDTLS_MD_MAX_SIZE];
+ uint8_t actual_hash[PSA_HASH_MAX_SIZE];
size_t actual_hash_length;
if( !PSA_ALG_IS_HASH( alg ) )
@@ -2909,8 +2906,7 @@
return( PSA_ERROR_INVALID_ARGUMENT );
}
}
- else
- if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
+ else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
{
if( PSA_ALG_IS_ECDSA( alg ) )
{
@@ -2980,8 +2976,7 @@
return( PSA_ERROR_INVALID_ARGUMENT );
}
}
- else
- if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
+ else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
{
if( PSA_ALG_IS_ECDSA( alg ) )
{
@@ -3071,10 +3066,10 @@
goto exit;
}
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
mbedtls_rsa_context *rsa = NULL;
status = mbedtls_psa_rsa_load_representation( slot->attr.type,
slot->key.data,
@@ -3088,9 +3083,11 @@
status = PSA_ERROR_BUFFER_TOO_SMALL;
goto rsa_exit;
}
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
status = mbedtls_to_psa_error(
mbedtls_rsa_pkcs1_encrypt( rsa,
mbedtls_psa_get_random,
@@ -3098,12 +3095,14 @@
input_length,
input,
output ) );
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
}
else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
if( PSA_ALG_IS_RSA_OAEP( alg ) )
{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
status = mbedtls_to_psa_error(
psa_rsa_oaep_set_padding_mode( alg, rsa ) );
if( status != PSA_SUCCESS )
@@ -3117,23 +3116,26 @@
input_length,
input,
output ) );
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
}
else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
{
status = PSA_ERROR_INVALID_ARGUMENT;
- goto rsa_exit;
}
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
rsa_exit:
if( status == PSA_SUCCESS )
*output_length = mbedtls_rsa_get_len( rsa );
mbedtls_rsa_free( rsa );
mbedtls_free( rsa );
- }
- else
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
+ }
+ else
{
status = PSA_ERROR_NOT_SUPPORTED;
}
@@ -3179,10 +3181,10 @@
goto exit;
}
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
if( slot->attr.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
mbedtls_rsa_context *rsa = NULL;
status = mbedtls_psa_rsa_load_representation( slot->attr.type,
slot->key.data,
@@ -3196,10 +3198,12 @@
status = PSA_ERROR_INVALID_ARGUMENT;
goto rsa_exit;
}
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
if( alg == PSA_ALG_RSA_PKCS1V15_CRYPT )
{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT)
status = mbedtls_to_psa_error(
mbedtls_rsa_pkcs1_decrypt( rsa,
mbedtls_psa_get_random,
@@ -3208,12 +3212,14 @@
input,
output,
output_size ) );
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
}
else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
if( PSA_ALG_IS_RSA_OAEP( alg ) )
{
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
status = mbedtls_to_psa_error(
psa_rsa_oaep_set_padding_mode( alg, rsa ) );
if( status != PSA_SUCCESS )
@@ -3228,20 +3234,24 @@
input,
output,
output_size ) );
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
}
else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP */
{
status = PSA_ERROR_INVALID_ARGUMENT;
}
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP)
rsa_exit:
mbedtls_rsa_free( rsa );
mbedtls_free( rsa );
- }
- else
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) */
+ }
+ else
{
status = PSA_ERROR_NOT_SUPPORTED;
}
@@ -3884,6 +3894,15 @@
goto exit;
}
+ /* For CCM, this size may not be correct according to the PSA
+ * specification. The PSA Crypto 1.0.1 specification states:
+ *
+ * CCM encodes the plaintext length pLen in L octets, with L the smallest
+ * integer >= 2 where pLen < 2^(8L). The nonce length is then 15 - L bytes.
+ *
+ * However this restriction that L has to be the smallest integer is not
+ * applied in practice, and it is not implementable here since the
+ * plaintext length may or may not be known at this time. */
required_nonce_size = PSA_AEAD_NONCE_LENGTH( operation->key_type,
operation->alg );
if( nonce_size < required_nonce_size )
@@ -4046,6 +4065,13 @@
operation->ad_remaining -= input_length;
}
+#if defined(PSA_WANT_ALG_CCM)
+ else if( operation->alg == PSA_ALG_CCM )
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
+#endif /* PSA_WANT_ALG_CCM */
status = psa_driver_wrapper_aead_update_ad( operation, input,
input_length );
@@ -4103,6 +4129,13 @@
operation->body_remaining -= input_length;
}
+#if defined(PSA_WANT_ALG_CCM)
+ else if( operation->alg == PSA_ALG_CCM )
+ {
+ status = PSA_ERROR_BAD_STATE;
+ goto exit;
+ }
+#endif /* PSA_WANT_ALG_CCM */
status = psa_driver_wrapper_aead_update( operation, input, input_length,
output, output_size,
@@ -5805,11 +5838,9 @@
* In particular, this sets all state indicator to the value
* indicating "uninitialized". */
mbedtls_platform_zeroize( &global_data, sizeof( global_data ) );
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- /* Unregister all secure element drivers, so that we restart from
- * a pristine state. */
- psa_unregister_all_se_drivers( );
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+ /* Terminate drivers */
+ psa_driver_wrapper_free( );
}
#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
@@ -5858,11 +5889,10 @@
if( status != PSA_SUCCESS )
goto exit;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
- status = psa_init_all_se_drivers( );
+ /* Init drivers */
+ status = psa_driver_wrapper_init( );
if( status != PSA_SUCCESS )
goto exit;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
#if defined(PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS)
status = psa_crypto_load_transaction( );
diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c
index c7f7352..714d950 100644
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@@ -119,6 +119,8 @@
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
default:
+ (void) status;
+ (void) key_buffer;
return( PSA_ERROR_NOT_SUPPORTED );
}
@@ -214,6 +216,11 @@
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
{
(void) tag;
+ (void) nonce;
+ (void) nonce_length;
+ (void) additional_data;
+ (void) additional_data_length;
+ (void) plaintext;
return( PSA_ERROR_NOT_SUPPORTED );
}
@@ -321,6 +328,11 @@
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
{
+ (void) nonce;
+ (void) nonce_length;
+ (void) additional_data;
+ (void) additional_data_length;
+ (void) plaintext;
return( PSA_ERROR_NOT_SUPPORTED );
}
@@ -346,13 +358,6 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
- if( operation->alg == PSA_ALG_CCM )
- {
- return( PSA_ERROR_NOT_SUPPORTED );
- }
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
-
status = psa_aead_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
@@ -373,13 +378,6 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
- if( operation->alg == PSA_ALG_CCM )
- {
- return( PSA_ERROR_NOT_SUPPORTED );
- }
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
-
status = psa_aead_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
@@ -409,6 +407,18 @@
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_starts( &operation->ctx.ccm,
+ operation->is_encrypt ?
+ MBEDTLS_CCM_ENCRYPT : MBEDTLS_CCM_DECRYPT,
+ nonce,
+ nonce_length ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
if( operation->alg == PSA_ALG_CHACHA20_POLY1305 )
{
@@ -432,7 +442,9 @@
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
{
+ ( void ) operation;
( void ) nonce;
+ ( void ) nonce_length;
return ( PSA_ERROR_NOT_SUPPORTED );
}
@@ -446,11 +458,21 @@
size_t ad_length,
size_t plaintext_length )
{
- /* Nothing here yet, work is currently done in PSA Core, however support
- * for CCM will require this function. */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
+ {
+ return( mbedtls_to_psa_error(
+ mbedtls_ccm_set_lengths( &operation->ctx.ccm,
+ ad_length,
+ plaintext_length,
+ operation->tag_length ) ) );
+
+ }
+#else /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
( void ) operation;
( void ) ad_length;
( void ) plaintext_length;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
return ( PSA_SUCCESS );
}
@@ -471,6 +493,14 @@
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
+ {
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_update_ad( &operation->ctx.ccm, input, input_length ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
if( operation->alg == PSA_ALG_CHACHA20_POLY1305 )
{
@@ -518,6 +548,20 @@
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
+ {
+ if( output_size < input_length )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_update( &operation->ctx.ccm,
+ input, input_length,
+ output, output_size,
+ &update_output_length ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
if( operation->alg == PSA_ALG_CHACHA20_POLY1305 )
{
@@ -533,8 +577,10 @@
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
{
+ ( void ) operation;
( void ) input;
- ( void ) input_length;
+ ( void ) output;
+ ( void ) output_size;
return ( PSA_ERROR_NOT_SUPPORTED );
}
@@ -571,6 +617,20 @@
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
+ {
+ /* tag must be big enough to store a tag of size passed into set
+ * lengths. */
+ if( tag_size < operation->tag_length )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ccm_finish( &operation->ctx.ccm,
+ tag, operation->tag_length ) );
+ }
+ else
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
if( operation->alg == PSA_ALG_CHACHA20_POLY1305 )
{
diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
index 07c6a00..09bd28c 100644
--- a/library/psa_crypto_cipher.c
+++ b/library/psa_crypto_cipher.c
@@ -31,30 +31,6 @@
#include <string.h>
-#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_DES) ) )
-#define BUILTIN_KEY_TYPE_DES 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING) ) )
-#define BUILTIN_ALG_CBC_NO_PADDING 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7) ) )
-#define BUILTIN_ALG_CBC_PKCS7 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CHACHA20) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20) ) )
-#define BUILTIN_KEY_TYPE_CHACHA20 1
-#endif
-
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
psa_algorithm_t alg,
psa_key_type_t key_type,
@@ -150,9 +126,9 @@
(int) key_bits, mode ) );
}
-#if defined(MBEDTLS_PSA_BUILTIN_CIPHER) || defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
-static psa_status_t cipher_setup(
+static psa_status_t psa_cipher_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
@@ -179,7 +155,7 @@
if( ret != 0 )
goto exit;
-#if defined(BUILTIN_KEY_TYPE_DES)
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
{
/* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
@@ -199,8 +175,8 @@
if( ret != 0 )
goto exit;
-#if defined(BUILTIN_ALG_CBC_NO_PADDING) || \
- defined(BUILTIN_ALG_CBC_PKCS7)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
switch( alg )
{
case PSA_ALG_CBC_NO_PADDING:
@@ -218,7 +194,8 @@
}
if( ret != 0 )
goto exit;
-#endif /* BUILTIN_ALG_CBC_NO_PADDING || BUILTIN_ALG_CBC_PKCS7 */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING ||
+ MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 */
operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
@@ -228,30 +205,31 @@
return( mbedtls_to_psa_error( ret ) );
}
-static psa_status_t cipher_encrypt_setup(
+psa_status_t mbedtls_psa_cipher_encrypt_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
- return( cipher_setup( operation, attributes,
- key_buffer, key_buffer_size,
- alg, MBEDTLS_ENCRYPT ) );
+ return( psa_cipher_setup( operation, attributes,
+ key_buffer, key_buffer_size,
+ alg, MBEDTLS_ENCRYPT ) );
}
-static psa_status_t cipher_decrypt_setup(
+psa_status_t mbedtls_psa_cipher_decrypt_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
{
- return( cipher_setup( operation, attributes,
- key_buffer, key_buffer_size,
- alg, MBEDTLS_DECRYPT ) );
+ return( psa_cipher_setup( operation, attributes,
+ key_buffer, key_buffer_size,
+ alg, MBEDTLS_DECRYPT ) );
}
-static psa_status_t cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *iv, size_t iv_length )
+psa_status_t mbedtls_psa_cipher_set_iv(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *iv, size_t iv_length )
{
if( iv_length != operation->iv_length )
return( PSA_ERROR_INVALID_ARGUMENT );
@@ -365,12 +343,10 @@
return( status );
}
-static psa_status_t cipher_update( mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
+psa_status_t mbedtls_psa_cipher_update(
+ mbedtls_psa_cipher_operation_t *operation,
+ const uint8_t *input, size_t input_length,
+ uint8_t *output, size_t output_size, size_t *output_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t expected_output_size;
@@ -417,10 +393,9 @@
return( status );
}
-static psa_status_t cipher_finish( mbedtls_psa_cipher_operation_t *operation,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
+psa_status_t mbedtls_psa_cipher_finish(
+ mbedtls_psa_cipher_operation_t *operation,
+ uint8_t *output, size_t output_size, size_t *output_length )
{
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
@@ -456,7 +431,8 @@
return( status );
}
-static psa_status_t cipher_abort( mbedtls_psa_cipher_operation_t *operation )
+psa_status_t mbedtls_psa_cipher_abort(
+ mbedtls_psa_cipher_operation_t *operation )
{
/* Sanity check (shouldn't happen: operation->alg should
* always have been initialized to a valid value). */
@@ -468,46 +444,50 @@
return( PSA_SUCCESS );
}
-static psa_status_t cipher_encrypt( const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
+psa_status_t mbedtls_psa_cipher_encrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
size_t olength, accumulated_length;
- status = cipher_encrypt_setup( &operation, attributes,
- key_buffer, key_buffer_size, alg );
+ status = mbedtls_psa_cipher_encrypt_setup( &operation, attributes,
+ key_buffer, key_buffer_size,
+ alg );
if( status != PSA_SUCCESS )
goto exit;
accumulated_length = 0;
if( operation.iv_length > 0 )
{
- status = cipher_set_iv( &operation, output, operation.iv_length );
+ status = mbedtls_psa_cipher_set_iv( &operation,
+ output, operation.iv_length );
if( status != PSA_SUCCESS )
goto exit;
accumulated_length = operation.iv_length;
}
- status = cipher_update( &operation, input, input_length,
- output + operation.iv_length,
- output_size - operation.iv_length,
- &olength );
+ status = mbedtls_psa_cipher_update( &operation, input, input_length,
+ output + operation.iv_length,
+ output_size - operation.iv_length,
+ &olength );
if( status != PSA_SUCCESS )
goto exit;
accumulated_length += olength;
- status = cipher_finish( &operation, output + accumulated_length,
- output_size - accumulated_length, &olength );
+ status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length,
+ output_size - accumulated_length,
+ &olength );
if( status != PSA_SUCCESS )
goto exit;
@@ -515,48 +495,53 @@
exit:
if( status == PSA_SUCCESS )
- status = cipher_abort( &operation );
+ status = mbedtls_psa_cipher_abort( &operation );
else
- cipher_abort( &operation );
+ mbedtls_psa_cipher_abort( &operation );
+
return( status );
}
-static psa_status_t cipher_decrypt( const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
+psa_status_t mbedtls_psa_cipher_decrypt(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
size_t olength, accumulated_length;
- status = cipher_decrypt_setup( &operation, attributes,
- key_buffer, key_buffer_size, alg );
+ status = mbedtls_psa_cipher_decrypt_setup( &operation, attributes,
+ key_buffer, key_buffer_size,
+ alg );
if( status != PSA_SUCCESS )
goto exit;
if( operation.iv_length > 0 )
{
- status = cipher_set_iv( &operation, input, operation.iv_length );
+ status = mbedtls_psa_cipher_set_iv( &operation,
+ input, operation.iv_length );
if( status != PSA_SUCCESS )
goto exit;
}
- status = cipher_update( &operation, input + operation.iv_length,
- input_length - operation.iv_length,
- output, output_size, &olength );
+ status = mbedtls_psa_cipher_update( &operation, input + operation.iv_length,
+ input_length - operation.iv_length,
+ output, output_size, &olength );
if( status != PSA_SUCCESS )
goto exit;
accumulated_length = olength;
- status = cipher_finish( &operation, output + accumulated_length,
- output_size - accumulated_length, &olength );
+ status = mbedtls_psa_cipher_finish( &operation, output + accumulated_length,
+ output_size - accumulated_length,
+ &olength );
if( status != PSA_SUCCESS )
goto exit;
@@ -564,181 +549,12 @@
exit:
if ( status == PSA_SUCCESS )
- status = cipher_abort( &operation );
+ status = mbedtls_psa_cipher_abort( &operation );
else
- cipher_abort( &operation );
+ mbedtls_psa_cipher_abort( &operation );
+
return( status );
}
-#endif /* MBEDTLS_PSA_BUILTIN_CIPHER || PSA_CRYPTO_DRIVER_TEST */
-
-#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
-psa_status_t mbedtls_psa_cipher_encrypt_setup(
- mbedtls_psa_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- return( cipher_encrypt_setup(
- operation, attributes, key_buffer, key_buffer_size, alg ) );
-}
-
-psa_status_t mbedtls_psa_cipher_decrypt_setup(
- mbedtls_psa_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- return( cipher_decrypt_setup(
- operation, attributes, key_buffer, key_buffer_size, alg ) );
-}
-
-psa_status_t mbedtls_psa_cipher_set_iv( mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *iv,
- size_t iv_length )
-{
- return( cipher_set_iv( operation, iv, iv_length ) );
-}
-
-psa_status_t mbedtls_psa_cipher_update( mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
-{
- return( cipher_update( operation, input, input_length,
- output, output_size, output_length ) );
-}
-
-psa_status_t mbedtls_psa_cipher_finish( mbedtls_psa_cipher_operation_t *operation,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
-{
- return( cipher_finish( operation, output, output_size, output_length ) );
-}
-
-psa_status_t mbedtls_psa_cipher_abort( mbedtls_psa_cipher_operation_t *operation )
-{
- return( cipher_abort( operation ) );
-}
-
-psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
-{
- return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
- alg, input, input_length,
- output, output_size, output_length ) );
-}
-
-psa_status_t mbedtls_psa_cipher_decrypt( const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
-{
- return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
- alg, input, input_length,
- output, output_size, output_length ) );
-}
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
-/*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup(
- mbedtls_psa_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- return( cipher_encrypt_setup(
- operation, attributes, key_buffer, key_buffer_size, alg ) );
-}
-
-psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup(
- mbedtls_psa_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- return( cipher_decrypt_setup(
- operation, attributes, key_buffer, key_buffer_size, alg ) );
-}
-
-psa_status_t mbedtls_transparent_test_driver_cipher_set_iv(
- mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *iv, size_t iv_length )
-{
- return( cipher_set_iv( operation, iv, iv_length ) );
-}
-
-psa_status_t mbedtls_transparent_test_driver_cipher_update(
- mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length )
-{
- return( cipher_update( operation, input, input_length,
- output, output_size, output_length ) );
-}
-
-psa_status_t mbedtls_transparent_test_driver_cipher_finish(
- mbedtls_psa_cipher_operation_t *operation,
- uint8_t *output, size_t output_size, size_t *output_length )
-{
- return( cipher_finish( operation, output, output_size, output_length ) );
-}
-
-psa_status_t mbedtls_transparent_test_driver_cipher_abort(
- mbedtls_psa_cipher_operation_t *operation )
-{
- return( cipher_abort( operation ) );
-}
-
-psa_status_t mbedtls_transparent_test_driver_cipher_encrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
-{
- return( cipher_encrypt( attributes, key_buffer, key_buffer_size,
- alg, input, input_length,
- output, output_size, output_length ) );
-}
-
-psa_status_t mbedtls_transparent_test_driver_cipher_decrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
-{
- return( cipher_decrypt( attributes, key_buffer, key_buffer_size,
- alg, input, input_length,
- output, output_size, output_length ) );
-}
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_cipher.h b/library/psa_crypto_cipher.h
index 5971e8d..bb4657d 100644
--- a/library/psa_crypto_cipher.h
+++ b/library/psa_crypto_cipher.h
@@ -304,60 +304,4 @@
size_t output_size,
size_t *output_length );
-/*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-psa_status_t mbedtls_transparent_test_driver_cipher_encrypt_setup(
- mbedtls_psa_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg );
-
-psa_status_t mbedtls_transparent_test_driver_cipher_decrypt_setup(
- mbedtls_psa_cipher_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg );
-
-psa_status_t mbedtls_transparent_test_driver_cipher_set_iv(
- mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *iv, size_t iv_length );
-
-psa_status_t mbedtls_transparent_test_driver_cipher_update(
- mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length );
-
-psa_status_t mbedtls_transparent_test_driver_cipher_finish(
- mbedtls_psa_cipher_operation_t *operation,
- uint8_t *output, size_t output_size, size_t *output_length );
-
-psa_status_t mbedtls_transparent_test_driver_cipher_abort(
- mbedtls_psa_cipher_operation_t *operation );
-
-psa_status_t mbedtls_transparent_test_driver_cipher_encrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length );
-
-psa_status_t mbedtls_transparent_test_driver_cipher_decrypt(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length );
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* PSA_CRYPTO_CIPHER_H */
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index cfc77fb..9679715 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -67,6 +67,44 @@
#include "psa_crypto_se.h"
#endif
+psa_status_t psa_driver_wrapper_init( void )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ status = psa_init_all_se_drivers( );
+ if( status != PSA_SUCCESS )
+ return( status );
+#endif
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = mbedtls_test_transparent_init( );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ status = mbedtls_test_opaque_init( );
+ if( status != PSA_SUCCESS )
+ return( status );
+#endif
+
+ (void) status;
+ return( PSA_SUCCESS );
+}
+
+void psa_driver_wrapper_free( void )
+{
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ /* Unregister all secure element drivers, so that we restart from
+ * a pristine state. */
+ psa_unregister_all_se_drivers( );
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ mbedtls_test_transparent_free( );
+ mbedtls_test_opaque_free( );
+#endif
+}
+
/* Start delegation functions */
psa_status_t psa_driver_wrapper_sign_message(
const psa_key_attributes_t *attributes,
@@ -1059,6 +1097,7 @@
default:
/* Key is declared with a lifetime not known to us */
(void)status;
+ (void)operation;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
@@ -1130,6 +1169,7 @@
default:
/* Key is declared with a lifetime not known to us */
(void)status;
+ (void)operation;
(void)key_buffer;
(void)key_buffer_size;
(void)alg;
@@ -2076,6 +2116,7 @@
default:
/* Key is declared with a lifetime not known to us */
(void) status;
+ (void) operation;
(void) key_buffer;
(void) key_buffer_size;
(void) alg;
@@ -2147,6 +2188,7 @@
default:
/* Key is declared with a lifetime not known to us */
(void) status;
+ (void) operation;
(void) key_buffer;
(void) key_buffer_size;
(void) alg;
diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h
index 0873b73..6026b82 100644
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@@ -26,6 +26,12 @@
#include "psa/crypto_driver_common.h"
/*
+ * Initialization and termination functions
+ */
+psa_status_t psa_driver_wrapper_init( void );
+void psa_driver_wrapper_free( void );
+
+/*
* Signature functions
*/
psa_status_t psa_driver_wrapper_sign_message(
diff --git a/library/psa_crypto_ecp.c b/library/psa_crypto_ecp.c
index 144ba1c..db6682c 100644
--- a/library/psa_crypto_ecp.c
+++ b/library/psa_crypto_ecp.c
@@ -40,36 +40,10 @@
#include <mbedtls/ecp.h>
#include <mbedtls/error.h>
-#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ) )
-#define BUILTIN_KEY_TYPE_ECC_KEY_PAIR 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) ) )
-#define BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) && \
- defined(MBEDTLS_ECDSA_C) ) )
-#define BUILTIN_ALG_ECDSA 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) && \
- defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) ) )
-#define BUILTIN_ALG_DETERMINISTIC_ECDSA 1
-#endif
-
-#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
- defined(BUILTIN_ALG_ECDSA) || \
- defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
psa_status_t mbedtls_psa_ecp_load_representation(
psa_key_type_t type, size_t curve_bits,
@@ -181,16 +155,16 @@
return( status );
}
-#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
- * defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
- * defined(BUILTIN_ALG_ECDSA) ||
- * defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */
-#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
-static psa_status_t ecp_import_key(
+psa_status_t mbedtls_psa_ecp_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data, size_t data_length,
uint8_t *key_buffer, size_t key_buffer_size,
@@ -281,7 +255,7 @@
}
}
-static psa_status_t ecp_export_public_key(
+psa_status_t mbedtls_psa_ecp_export_public_key(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length )
@@ -305,11 +279,11 @@
return( status );
}
-#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
- * defined(BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
-#if defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
-static psa_status_t ecp_generate_key(
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+psa_status_t mbedtls_psa_ecp_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{
@@ -351,15 +325,15 @@
return( status );
}
-#endif /* defined(BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
/****************************************************************/
/* ECDSA sign/verify */
/****************************************************************/
-#if defined(BUILTIN_ALG_ECDSA) || \
- defined(BUILTIN_ALG_DETERMINISTIC_ECDSA)
-static psa_status_t ecdsa_sign_hash(
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+psa_status_t mbedtls_psa_ecdsa_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
@@ -391,7 +365,7 @@
if( PSA_ALG_ECDSA_IS_DETERMINISTIC( alg ) )
{
-#if defined(BUILTIN_ALG_DETERMINISTIC_ECDSA)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_psa( hash_alg );
mbedtls_md_type_t md_alg = mbedtls_md_get_type( md_info );
@@ -404,7 +378,7 @@
#else
ret = MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
goto cleanup;
-#endif /* defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
}
else
{
@@ -433,7 +407,7 @@
return( mbedtls_to_psa_error( ret ) );
}
-static psa_status_t ecdsa_verify_hash(
+psa_status_t mbedtls_psa_ecdsa_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
@@ -492,177 +466,7 @@
return( mbedtls_to_psa_error( ret ) );
}
-#endif /* defined(BUILTIN_ALG_ECDSA) || \
- * defined(BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
-
-psa_status_t mbedtls_psa_ecp_import_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *data, size_t data_length,
- uint8_t *key_buffer, size_t key_buffer_size,
- size_t *key_buffer_length, size_t *bits )
-{
- return( ecp_import_key( attributes, data, data_length,
- key_buffer, key_buffer_size,
- key_buffer_length, bits ) );
-}
-
-psa_status_t mbedtls_psa_ecp_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- uint8_t *data, size_t data_size, size_t *data_length )
-{
- return( ecp_export_public_key( attributes, key_buffer, key_buffer_size,
- data, data_size, data_length ) );
-}
-
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
-psa_status_t mbedtls_psa_ecp_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
-{
- return( ecp_generate_key( attributes, key_buffer, key_buffer_size,
- key_buffer_length ) );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) */
-
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
-
-psa_status_t mbedtls_psa_ecdsa_sign_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size, size_t *signature_length )
-{
-
- return( ecdsa_sign_hash( attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_size, signature_length ) );
-}
-
-psa_status_t mbedtls_psa_ecdsa_verify_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length )
-{
- return( ecdsa_verify_hash( attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_length ) );
-}
-
-#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-/*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
-
-psa_status_t mbedtls_test_driver_ecp_import_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *data, size_t data_length,
- uint8_t *key_buffer, size_t key_buffer_size,
- size_t *key_buffer_length, size_t *bits )
-{
- return( ecp_import_key( attributes, data, data_length,
- key_buffer, key_buffer_size,
- key_buffer_length, bits ) );
-}
-
-psa_status_t mbedtls_test_driver_ecp_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- uint8_t *data, size_t data_size, size_t *data_length )
-{
- return( ecp_export_public_key( attributes, key_buffer, key_buffer_size,
- data, data_size, data_length ) );
-}
-
-#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) ||
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) */
-
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) && \
- defined(MBEDTLS_GENPRIME)
-psa_status_t mbedtls_transparent_test_driver_ecp_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
-{
- return( ecp_generate_key( attributes, key_buffer, key_buffer_size,
- key_buffer_length ) );
-}
-#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) &&
- defined(MBEDTLS_GENPRIME) */
-
-#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
-
-psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size, size_t *signature_length )
-{
-
-#if defined(MBEDTLS_ECDSA_C)
- return( ecdsa_sign_hash( attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_size, signature_length ) );
-#else
- (void)attributes;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_size;
- (void)signature_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif
-}
-
-psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length )
-{
-#if defined(MBEDTLS_ECDSA_C)
- return( ecdsa_verify_hash( attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_length ) );
-#else
- (void)attributes;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif
-}
-
-#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
- * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_ecp.h b/library/psa_crypto_ecp.h
index dc9e887..429c062 100644
--- a/library/psa_crypto_ecp.h
+++ b/library/psa_crypto_ecp.h
@@ -218,39 +218,4 @@
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
const uint8_t *signature, size_t signature_length );
-/*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-psa_status_t mbedtls_test_driver_ecp_import_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *data, size_t data_length,
- uint8_t *key_buffer, size_t key_buffer_size,
- size_t *key_buffer_length, size_t *bits );
-
-psa_status_t mbedtls_test_driver_ecp_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- uint8_t *data, size_t data_size, size_t *data_length );
-
-psa_status_t mbedtls_transparent_test_driver_ecp_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length );
-
-psa_status_t mbedtls_transparent_test_driver_ecdsa_sign_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size, size_t *signature_length );
-
-psa_status_t mbedtls_transparent_test_driver_ecdsa_verify_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length );
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* PSA_CRYPTO_ECP_H */
diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c
index 92dcbba..536c6c1 100644
--- a/library/psa_crypto_hash.c
+++ b/library/psa_crypto_hash.c
@@ -29,37 +29,6 @@
#include <mbedtls/error.h>
#include <string.h>
-/* Use builtin defines specific to this compilation unit, since the test driver
- * relies on the software driver. */
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) )
-#define BUILTIN_ALG_MD5 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160) ) )
-#define BUILTIN_ALG_RIPEMD160 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1) ) )
-#define BUILTIN_ALG_SHA_1 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224) ) )
-#define BUILTIN_ALG_SHA_224 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256) ) )
-#define BUILTIN_ALG_SHA_256 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384) ) )
-#define BUILTIN_ALG_SHA_384 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512) ) )
-#define BUILTIN_ALG_SHA_512 1
-#endif
-
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
@@ -105,10 +74,8 @@
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
-/* Implement the PSA driver hash interface on top of mbed TLS if either the
- * software driver or the test driver requires it. */
-#if defined(MBEDTLS_PSA_BUILTIN_HASH) || defined(PSA_CRYPTO_DRIVER_TEST)
-static psa_status_t hash_abort(
+#if defined(MBEDTLS_PSA_BUILTIN_HASH)
+psa_status_t mbedtls_psa_hash_abort(
mbedtls_psa_hash_operation_t *operation )
{
switch( operation->alg )
@@ -118,37 +85,37 @@
* in use. It's ok to call abort on such an object, and there's
* nothing to do. */
break;
-#if defined(BUILTIN_ALG_MD5)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_free( &operation->ctx.md5 );
break;
#endif
-#if defined(BUILTIN_ALG_RIPEMD160)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
mbedtls_ripemd160_free( &operation->ctx.ripemd160 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_1)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1:
mbedtls_sha1_free( &operation->ctx.sha1 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_224)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224:
mbedtls_sha256_free( &operation->ctx.sha256 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256:
mbedtls_sha256_free( &operation->ctx.sha256 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_384)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384:
mbedtls_sha512_free( &operation->ctx.sha512 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512:
mbedtls_sha512_free( &operation->ctx.sha512 );
break;
@@ -160,7 +127,7 @@
return( PSA_SUCCESS );
}
-static psa_status_t hash_setup(
+psa_status_t mbedtls_psa_hash_setup(
mbedtls_psa_hash_operation_t *operation,
psa_algorithm_t alg )
{
@@ -174,43 +141,43 @@
switch( alg )
{
-#if defined(BUILTIN_ALG_MD5)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_init( &operation->ctx.md5 );
ret = mbedtls_md5_starts( &operation->ctx.md5 );
break;
#endif
-#if defined(BUILTIN_ALG_RIPEMD160)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
ret = mbedtls_ripemd160_starts( &operation->ctx.ripemd160 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_1)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1:
mbedtls_sha1_init( &operation->ctx.sha1 );
ret = mbedtls_sha1_starts( &operation->ctx.sha1 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_224)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224:
mbedtls_sha256_init( &operation->ctx.sha256 );
ret = mbedtls_sha256_starts( &operation->ctx.sha256, 1 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256:
mbedtls_sha256_init( &operation->ctx.sha256 );
ret = mbedtls_sha256_starts( &operation->ctx.sha256, 0 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_384)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384:
mbedtls_sha512_init( &operation->ctx.sha512 );
ret = mbedtls_sha512_starts( &operation->ctx.sha512, 1 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512:
mbedtls_sha512_init( &operation->ctx.sha512 );
ret = mbedtls_sha512_starts( &operation->ctx.sha512, 0 );
@@ -224,11 +191,11 @@
if( ret == 0 )
operation->alg = alg;
else
- hash_abort( operation );
+ mbedtls_psa_hash_abort( operation );
return( mbedtls_to_psa_error( ret ) );
}
-static psa_status_t hash_clone(
+psa_status_t mbedtls_psa_hash_clone(
const mbedtls_psa_hash_operation_t *source_operation,
mbedtls_psa_hash_operation_t *target_operation )
{
@@ -236,43 +203,43 @@
{
case 0:
return( PSA_ERROR_BAD_STATE );
-#if defined(BUILTIN_ALG_MD5)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_clone( &target_operation->ctx.md5,
&source_operation->ctx.md5 );
break;
#endif
-#if defined(BUILTIN_ALG_RIPEMD160)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
mbedtls_ripemd160_clone( &target_operation->ctx.ripemd160,
&source_operation->ctx.ripemd160 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_1)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1:
mbedtls_sha1_clone( &target_operation->ctx.sha1,
&source_operation->ctx.sha1 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_224)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224:
mbedtls_sha256_clone( &target_operation->ctx.sha256,
&source_operation->ctx.sha256 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256:
mbedtls_sha256_clone( &target_operation->ctx.sha256,
&source_operation->ctx.sha256 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_384)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384:
mbedtls_sha512_clone( &target_operation->ctx.sha512,
&source_operation->ctx.sha512 );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512:
mbedtls_sha512_clone( &target_operation->ctx.sha512,
&source_operation->ctx.sha512 );
@@ -288,7 +255,7 @@
return( PSA_SUCCESS );
}
-static psa_status_t hash_update(
+psa_status_t mbedtls_psa_hash_update(
mbedtls_psa_hash_operation_t *operation,
const uint8_t *input,
size_t input_length )
@@ -297,43 +264,43 @@
switch( operation->alg )
{
-#if defined(BUILTIN_ALG_MD5)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
ret = mbedtls_md5_update( &operation->ctx.md5,
input, input_length );
break;
#endif
-#if defined(BUILTIN_ALG_RIPEMD160)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
ret = mbedtls_ripemd160_update( &operation->ctx.ripemd160,
input, input_length );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_1)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1:
ret = mbedtls_sha1_update( &operation->ctx.sha1,
input, input_length );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_224)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224:
ret = mbedtls_sha256_update( &operation->ctx.sha256,
input, input_length );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256:
ret = mbedtls_sha256_update( &operation->ctx.sha256,
input, input_length );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_384)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384:
ret = mbedtls_sha512_update( &operation->ctx.sha512,
input, input_length );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512:
ret = mbedtls_sha512_update( &operation->ctx.sha512,
input, input_length );
@@ -348,7 +315,7 @@
return( mbedtls_to_psa_error( ret ) );
}
-static psa_status_t hash_finish(
+psa_status_t mbedtls_psa_hash_finish(
mbedtls_psa_hash_operation_t *operation,
uint8_t *hash,
size_t hash_size,
@@ -375,37 +342,37 @@
switch( operation->alg )
{
-#if defined(BUILTIN_ALG_MD5)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
ret = mbedtls_md5_finish( &operation->ctx.md5, hash );
break;
#endif
-#if defined(BUILTIN_ALG_RIPEMD160)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
ret = mbedtls_ripemd160_finish( &operation->ctx.ripemd160, hash );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_1)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1:
ret = mbedtls_sha1_finish( &operation->ctx.sha1, hash );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_224)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224:
ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256:
ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_384)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384:
ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash );
break;
#endif
-#if defined(BUILTIN_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512:
ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash );
break;
@@ -422,7 +389,7 @@
return( status );
}
-static psa_status_t hash_compute(
+psa_status_t mbedtls_psa_hash_compute(
psa_algorithm_t alg,
const uint8_t *input,
size_t input_length,
@@ -435,183 +402,24 @@
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
*hash_length = hash_size;
- status = hash_setup( &operation, alg );
+ status = mbedtls_psa_hash_setup( &operation, alg );
if( status != PSA_SUCCESS )
goto exit;
- status = hash_update( &operation, input, input_length );
+ status = mbedtls_psa_hash_update( &operation, input, input_length );
if( status != PSA_SUCCESS )
goto exit;
- status = hash_finish( &operation, hash, hash_size, hash_length );
+ status = mbedtls_psa_hash_finish( &operation, hash, hash_size, hash_length );
if( status != PSA_SUCCESS )
goto exit;
exit:
- abort_status = hash_abort( &operation );
+ abort_status = mbedtls_psa_hash_abort( &operation );
if( status == PSA_SUCCESS )
return( abort_status );
else
return( status );
}
-#endif /* MBEDTLS_PSA_BUILTIN_HASH || PSA_CRYPTO_DRIVER_TEST */
-
-#if defined(MBEDTLS_PSA_BUILTIN_HASH)
-psa_status_t mbedtls_psa_hash_compute(
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length)
-{
- return( hash_compute( alg, input, input_length,
- hash, hash_size, hash_length ) );
-}
-
-psa_status_t mbedtls_psa_hash_setup(
- mbedtls_psa_hash_operation_t *operation,
- psa_algorithm_t alg )
-{
- return( hash_setup( operation, alg ) );
-}
-
-psa_status_t mbedtls_psa_hash_clone(
- const mbedtls_psa_hash_operation_t *source_operation,
- mbedtls_psa_hash_operation_t *target_operation )
-{
- return( hash_clone( source_operation, target_operation ) );
-}
-
-psa_status_t mbedtls_psa_hash_update(
- mbedtls_psa_hash_operation_t *operation,
- const uint8_t *input,
- size_t input_length )
-{
- return( hash_update( operation, input, input_length ) );
-}
-
-psa_status_t mbedtls_psa_hash_finish(
- mbedtls_psa_hash_operation_t *operation,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length )
-{
- return( hash_finish( operation, hash, hash_size, hash_length ) );
-}
-
-psa_status_t mbedtls_psa_hash_abort(
- mbedtls_psa_hash_operation_t *operation )
-{
- return( hash_abort( operation ) );
-}
#endif /* MBEDTLS_PSA_BUILTIN_HASH */
- /*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-static int is_hash_accelerated( psa_algorithm_t alg )
-{
- switch( alg )
- {
-#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
- case PSA_ALG_MD5:
- return( 1 );
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
- case PSA_ALG_RIPEMD160:
- return( 1 );
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
- case PSA_ALG_SHA_1:
- return( 1 );
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
- case PSA_ALG_SHA_224:
- return( 1 );
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
- case PSA_ALG_SHA_256:
- return( 1 );
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
- case PSA_ALG_SHA_384:
- return( 1 );
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
- case PSA_ALG_SHA_512:
- return( 1 );
-#endif
- default:
- return( 0 );
- }
-}
-
-psa_status_t mbedtls_transparent_test_driver_hash_compute(
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length)
-{
- if( is_hash_accelerated( alg ) )
- return( hash_compute( alg, input, input_length,
- hash, hash_size, hash_length ) );
- else
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_transparent_test_driver_hash_setup(
- mbedtls_transparent_test_driver_hash_operation_t *operation,
- psa_algorithm_t alg )
-{
- if( is_hash_accelerated( alg ) )
- return( hash_setup( operation, alg ) );
- else
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_transparent_test_driver_hash_clone(
- const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
- mbedtls_transparent_test_driver_hash_operation_t *target_operation )
-{
- if( is_hash_accelerated( source_operation->alg ) )
- return( hash_clone( source_operation, target_operation ) );
- else
- return( PSA_ERROR_BAD_STATE );
-}
-
-psa_status_t mbedtls_transparent_test_driver_hash_update(
- mbedtls_transparent_test_driver_hash_operation_t *operation,
- const uint8_t *input,
- size_t input_length )
-{
- if( is_hash_accelerated( operation->alg ) )
- return( hash_update( operation, input, input_length ) );
- else
- return( PSA_ERROR_BAD_STATE );
-}
-
-psa_status_t mbedtls_transparent_test_driver_hash_finish(
- mbedtls_transparent_test_driver_hash_operation_t *operation,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length )
-{
- if( is_hash_accelerated( operation->alg ) )
- return( hash_finish( operation, hash, hash_size, hash_length ) );
- else
- return( PSA_ERROR_BAD_STATE );
-}
-
-psa_status_t mbedtls_transparent_test_driver_hash_abort(
- mbedtls_transparent_test_driver_hash_operation_t *operation )
-{
- return( hash_abort( operation ) );
-}
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_hash.h b/library/psa_crypto_hash.h
index 6655643..7091dc5 100644
--- a/library/psa_crypto_hash.h
+++ b/library/psa_crypto_hash.h
@@ -231,42 +231,4 @@
psa_status_t mbedtls_psa_hash_abort(
mbedtls_psa_hash_operation_t *operation );
-/*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-psa_status_t mbedtls_transparent_test_driver_hash_compute(
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length);
-
-psa_status_t mbedtls_transparent_test_driver_hash_setup(
- mbedtls_transparent_test_driver_hash_operation_t *operation,
- psa_algorithm_t alg );
-
-psa_status_t mbedtls_transparent_test_driver_hash_clone(
- const mbedtls_transparent_test_driver_hash_operation_t *source_operation,
- mbedtls_transparent_test_driver_hash_operation_t *target_operation );
-
-psa_status_t mbedtls_transparent_test_driver_hash_update(
- mbedtls_transparent_test_driver_hash_operation_t *operation,
- const uint8_t *input,
- size_t input_length );
-
-psa_status_t mbedtls_transparent_test_driver_hash_finish(
- mbedtls_transparent_test_driver_hash_operation_t *operation,
- uint8_t *hash,
- size_t hash_size,
- size_t *hash_length );
-
-psa_status_t mbedtls_transparent_test_driver_hash_abort(
- mbedtls_transparent_test_driver_hash_operation_t *operation );
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* PSA_CRYPTO_HASH_H */
diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c
index 7e0a832..dcf065a 100644
--- a/library/psa_crypto_mac.c
+++ b/library/psa_crypto_mac.c
@@ -30,18 +30,7 @@
#include <mbedtls/error.h>
#include <string.h>
-/* Use builtin defines specific to this compilation unit, since the test driver
- * relies on the software driver. */
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_CMAC) ) )
-#define BUILTIN_ALG_CMAC 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_HMAC) ) )
-#define BUILTIN_ALG_HMAC 1
-#endif
-
-#if defined(BUILTIN_ALG_HMAC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
static psa_status_t psa_hmac_abort_internal(
mbedtls_psa_hmac_operation_t *hmac )
{
@@ -127,7 +116,7 @@
uint8_t *mac,
size_t mac_size )
{
- uint8_t tmp[MBEDTLS_MD_MAX_SIZE];
+ uint8_t tmp[PSA_HASH_MAX_SIZE];
psa_algorithm_t hash_alg = hmac->alg;
size_t hash_size = 0;
size_t block_size = PSA_HASH_BLOCK_LENGTH( hash_alg );
@@ -160,9 +149,9 @@
mbedtls_platform_zeroize( tmp, hash_size );
return( status );
}
-#endif /* BUILTIN_ALG_HMAC */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-#if defined(BUILTIN_ALG_CMAC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer )
@@ -198,11 +187,10 @@
exit:
return( mbedtls_to_psa_error( ret ) );
}
-#endif /* BUILTIN_ALG_CMAC */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
-/* Implement the PSA driver MAC interface on top of mbed TLS if either the
- * software driver or the test driver requires it. */
-#if defined(BUILTIN_ALG_HMAC) || defined(BUILTIN_ALG_CMAC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
/* Initialize this driver's MAC operation structure. Once this function has been
* called, mbedtls_psa_mac_abort can run and will do the right thing. */
@@ -214,15 +202,15 @@
operation->alg = alg;
-#if defined(BUILTIN_ALG_CMAC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
{
mbedtls_cipher_init( &operation->ctx.cmac );
status = PSA_SUCCESS;
}
else
-#endif /* BUILTIN_ALG_CMAC */
-#if defined(BUILTIN_ALG_HMAC)
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( operation->alg ) )
{
/* We'll set up the hash operation later in psa_hmac_setup_internal. */
@@ -230,8 +218,9 @@
status = PSA_SUCCESS;
}
else
-#endif /* BUILTIN_ALG_HMAC */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{
+ (void) operation;
status = PSA_ERROR_NOT_SUPPORTED;
}
@@ -240,7 +229,7 @@
return( status );
}
-static psa_status_t mac_abort( mbedtls_psa_mac_operation_t *operation )
+psa_status_t mbedtls_psa_mac_abort( mbedtls_psa_mac_operation_t *operation )
{
if( operation->alg == 0 )
{
@@ -250,20 +239,20 @@
return( PSA_SUCCESS );
}
else
-#if defined(BUILTIN_ALG_CMAC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
{
mbedtls_cipher_free( &operation->ctx.cmac );
}
else
-#endif /* BUILTIN_ALG_CMAC */
-#if defined(BUILTIN_ALG_HMAC)
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( operation->alg ) )
{
psa_hmac_abort_internal( &operation->ctx.hmac );
}
else
-#endif /* BUILTIN_ALG_HMAC */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{
/* Sanity check (shouldn't happen: operation->alg should
* always have been initialized to a valid value). */
@@ -283,11 +272,11 @@
return( PSA_ERROR_BAD_STATE );
}
-static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg )
+static psa_status_t psa_mac_setup( mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
@@ -299,7 +288,7 @@
if( status != PSA_SUCCESS )
return( status );
-#if defined(BUILTIN_ALG_CMAC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC )
{
/* Key buffer size for CMAC is dictated by the key bits set on the
@@ -308,8 +297,8 @@
status = cmac_setup( operation, attributes, key_buffer );
}
else
-#endif /* BUILTIN_ALG_CMAC */
-#if defined(BUILTIN_ALG_HMAC)
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( alg ) )
{
status = psa_hmac_setup_internal( &operation->ctx.hmac,
@@ -318,7 +307,7 @@
PSA_ALG_HMAC_GET_HASH( alg ) );
}
else
-#endif /* BUILTIN_ALG_HMAC */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{
(void) attributes;
(void) key_buffer;
@@ -327,12 +316,34 @@
}
if( status != PSA_SUCCESS )
- mac_abort( operation );
+ mbedtls_psa_mac_abort( operation );
return( status );
}
-static psa_status_t mac_update(
+psa_status_t mbedtls_psa_mac_sign_setup(
+ mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( psa_mac_setup( operation, attributes,
+ key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_psa_mac_verify_setup(
+ mbedtls_psa_mac_operation_t *operation,
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg )
+{
+ return( psa_mac_setup( operation, attributes,
+ key_buffer, key_buffer_size, alg ) );
+}
+
+psa_status_t mbedtls_psa_mac_update(
mbedtls_psa_mac_operation_t *operation,
const uint8_t *input,
size_t input_length )
@@ -340,7 +351,7 @@
if( operation->alg == 0 )
return( PSA_ERROR_BAD_STATE );
-#if defined(BUILTIN_ALG_CMAC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
{
return( mbedtls_to_psa_error(
@@ -348,15 +359,15 @@
input, input_length ) ) );
}
else
-#endif /* BUILTIN_ALG_CMAC */
-#if defined(BUILTIN_ALG_HMAC)
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( operation->alg ) )
{
return( psa_hmac_update_internal( &operation->ctx.hmac,
input, input_length ) );
}
else
-#endif /* BUILTIN_ALG_HMAC */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{
/* This shouldn't happen if `operation` was initialized by
* a setup function. */
@@ -366,11 +377,11 @@
}
}
-static psa_status_t mac_finish_internal( mbedtls_psa_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size )
+static psa_status_t psa_mac_finish_internal(
+ mbedtls_psa_mac_operation_t *operation,
+ uint8_t *mac, size_t mac_size )
{
-#if defined(BUILTIN_ALG_CMAC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( operation->alg ) == PSA_ALG_CMAC )
{
uint8_t tmp[PSA_BLOCK_CIPHER_BLOCK_MAX_SIZE];
@@ -381,15 +392,15 @@
return( mbedtls_to_psa_error( ret ) );
}
else
-#endif /* BUILTIN_ALG_CMAC */
-#if defined(BUILTIN_ALG_HMAC)
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CMAC */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HMAC)
if( PSA_ALG_IS_HMAC( operation->alg ) )
{
return( psa_hmac_finish_internal( &operation->ctx.hmac,
mac, mac_size ) );
}
else
-#endif /* BUILTIN_ALG_HMAC */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
{
/* This shouldn't happen if `operation` was initialized by
* a setup function. */
@@ -400,7 +411,7 @@
}
}
-static psa_status_t mac_sign_finish(
+psa_status_t mbedtls_psa_mac_sign_finish(
mbedtls_psa_mac_operation_t *operation,
uint8_t *mac,
size_t mac_size,
@@ -411,15 +422,14 @@
if( operation->alg == 0 )
return( PSA_ERROR_BAD_STATE );
- status = mac_finish_internal( operation, mac, mac_size );
-
+ status = psa_mac_finish_internal( operation, mac, mac_size );
if( status == PSA_SUCCESS )
*mac_length = mac_size;
return( status );
}
-static psa_status_t mac_verify_finish(
+psa_status_t mbedtls_psa_mac_verify_finish(
mbedtls_psa_mac_operation_t *operation,
const uint8_t *mac,
size_t mac_length )
@@ -434,7 +444,7 @@
if( mac_length > sizeof( actual_mac ) )
return( PSA_ERROR_INVALID_ARGUMENT );
- status = mac_finish_internal( operation, actual_mac, mac_length );
+ status = psa_mac_finish_internal( operation, actual_mac, mac_length );
if( status != PSA_SUCCESS )
goto cleanup;
@@ -447,7 +457,7 @@
return( status );
}
-static psa_status_t mac_compute(
+psa_status_t mbedtls_psa_mac_compute(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
@@ -461,314 +471,29 @@
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT;
- status = mac_setup( &operation,
- attributes, key_buffer, key_buffer_size,
- alg );
+ status = psa_mac_setup( &operation,
+ attributes, key_buffer, key_buffer_size,
+ alg );
if( status != PSA_SUCCESS )
goto exit;
if( input_length > 0 )
{
- status = mac_update( &operation, input, input_length );
+ status = mbedtls_psa_mac_update( &operation, input, input_length );
if( status != PSA_SUCCESS )
goto exit;
}
- status = mac_finish_internal( &operation, mac, mac_size );
+ status = psa_mac_finish_internal( &operation, mac, mac_size );
if( status == PSA_SUCCESS )
*mac_length = mac_size;
exit:
- mac_abort( &operation );
+ mbedtls_psa_mac_abort( &operation );
return( status );
}
-#endif /* BUILTIN_ALG_HMAC || BUILTIN_ALG_CMAC */
-
-#if defined(MBEDTLS_PSA_BUILTIN_MAC)
-psa_status_t mbedtls_psa_mac_compute(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length )
-{
- return( mac_compute( attributes, key_buffer, key_buffer_size, alg,
- input, input_length,
- mac, mac_size, mac_length ) );
-}
-
-psa_status_t mbedtls_psa_mac_sign_setup(
- mbedtls_psa_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- return( mac_setup( operation, attributes,
- key_buffer, key_buffer_size, alg ) );
-}
-
-psa_status_t mbedtls_psa_mac_verify_setup(
- mbedtls_psa_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- return( mac_setup( operation, attributes,
- key_buffer, key_buffer_size, alg ) );
-}
-
-psa_status_t mbedtls_psa_mac_update(
- mbedtls_psa_mac_operation_t *operation,
- const uint8_t *input,
- size_t input_length )
-{
- return( mac_update( operation, input, input_length ) );
-}
-
-psa_status_t mbedtls_psa_mac_sign_finish(
- mbedtls_psa_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length )
-{
- return( mac_sign_finish( operation, mac, mac_size, mac_length ) );
-}
-
-psa_status_t mbedtls_psa_mac_verify_finish(
- mbedtls_psa_mac_operation_t *operation,
- const uint8_t *mac,
- size_t mac_length )
-{
- return( mac_verify_finish( operation, mac, mac_length ) );
-}
-
-psa_status_t mbedtls_psa_mac_abort(
- mbedtls_psa_mac_operation_t *operation )
-{
- return( mac_abort( operation ) );
-}
-#endif /* MBEDTLS_PSA_BUILTIN_MAC */
-
- /*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-static int is_mac_accelerated( psa_algorithm_t alg )
-{
-#if defined(MBEDTLS_PSA_ACCEL_ALG_HMAC)
- if( PSA_ALG_IS_HMAC( alg ) )
- return( 1 );
-#endif
-
- switch( PSA_ALG_FULL_LENGTH_MAC( alg ) )
- {
-#if defined(MBEDTLS_PSA_ACCEL_ALG_CMAC)
- case PSA_ALG_CMAC:
- return( 1 );
-#endif
- default:
- return( 0 );
- }
-}
-
-psa_status_t mbedtls_transparent_test_driver_mac_compute(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length )
-{
- if( is_mac_accelerated( alg ) )
- return( mac_compute( attributes, key_buffer, key_buffer_size, alg,
- input, input_length,
- mac, mac_size, mac_length ) );
- else
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_transparent_test_driver_mac_sign_setup(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- if( is_mac_accelerated( alg ) )
- return( mac_setup( operation, attributes,
- key_buffer, key_buffer_size, alg ) );
- else
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_transparent_test_driver_mac_verify_setup(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- if( is_mac_accelerated( alg ) )
- return( mac_setup( operation, attributes,
- key_buffer, key_buffer_size, alg ) );
- else
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_transparent_test_driver_mac_update(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- const uint8_t *input,
- size_t input_length )
-{
- if( is_mac_accelerated( operation->alg ) )
- return( mac_update( operation, input, input_length ) );
- else
- return( PSA_ERROR_BAD_STATE );
-}
-
-psa_status_t mbedtls_transparent_test_driver_mac_sign_finish(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length )
-{
- if( is_mac_accelerated( operation->alg ) )
- return( mac_sign_finish( operation, mac, mac_size, mac_length ) );
- else
- return( PSA_ERROR_BAD_STATE );
-}
-
-psa_status_t mbedtls_transparent_test_driver_mac_verify_finish(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- const uint8_t *mac,
- size_t mac_length )
-{
- if( is_mac_accelerated( operation->alg ) )
- return( mac_verify_finish( operation, mac, mac_length ) );
- else
- return( PSA_ERROR_BAD_STATE );
-}
-
-psa_status_t mbedtls_transparent_test_driver_mac_abort(
- mbedtls_transparent_test_driver_mac_operation_t *operation )
-{
- return( mac_abort( operation ) );
-}
-
-psa_status_t mbedtls_opaque_test_driver_mac_compute(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length )
-{
- /* Opaque driver testing is not implemented yet through this mechanism. */
- (void) attributes;
- (void) key_buffer;
- (void) key_buffer_size;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) mac;
- (void) mac_size;
- (void) mac_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_opaque_test_driver_mac_sign_setup(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- /* Opaque driver testing is not implemented yet through this mechanism. */
- (void) operation;
- (void) attributes;
- (void) key_buffer;
- (void) key_buffer_size;
- (void) alg;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_opaque_test_driver_mac_verify_setup(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg )
-{
- /* Opaque driver testing is not implemented yet through this mechanism. */
- (void) operation;
- (void) attributes;
- (void) key_buffer;
- (void) key_buffer_size;
- (void) alg;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_opaque_test_driver_mac_update(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- const uint8_t *input,
- size_t input_length )
-{
- /* Opaque driver testing is not implemented yet through this mechanism. */
- (void) operation;
- (void) input;
- (void) input_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_opaque_test_driver_mac_sign_finish(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length )
-{
- /* Opaque driver testing is not implemented yet through this mechanism. */
- (void) operation;
- (void) mac;
- (void) mac_size;
- (void) mac_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_opaque_test_driver_mac_verify_finish(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- const uint8_t *mac,
- size_t mac_length )
-{
- /* Opaque driver testing is not implemented yet through this mechanism. */
- (void) operation;
- (void) mac;
- (void) mac_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t mbedtls_opaque_test_driver_mac_abort(
- mbedtls_opaque_test_driver_mac_operation_t *operation )
-{
- /* Opaque driver testing is not implemented yet through this mechanism. */
- (void) operation;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || MBEDTLS_PSA_BUILTIN_ALG_CMAC */
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h
index 9b81e73..a821e74 100644
--- a/library/psa_crypto_mac.h
+++ b/library/psa_crypto_mac.h
@@ -273,100 +273,4 @@
psa_status_t mbedtls_psa_mac_abort(
mbedtls_psa_mac_operation_t *operation );
-/*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-psa_status_t mbedtls_transparent_test_driver_mac_compute(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length );
-
-psa_status_t mbedtls_transparent_test_driver_mac_sign_setup(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg );
-
-psa_status_t mbedtls_transparent_test_driver_mac_verify_setup(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg );
-
-psa_status_t mbedtls_transparent_test_driver_mac_update(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- const uint8_t *input,
- size_t input_length );
-
-psa_status_t mbedtls_transparent_test_driver_mac_sign_finish(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length );
-
-psa_status_t mbedtls_transparent_test_driver_mac_verify_finish(
- mbedtls_transparent_test_driver_mac_operation_t *operation,
- const uint8_t *mac,
- size_t mac_length );
-
-psa_status_t mbedtls_transparent_test_driver_mac_abort(
- mbedtls_transparent_test_driver_mac_operation_t *operation );
-
-psa_status_t mbedtls_opaque_test_driver_mac_compute(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length );
-
-psa_status_t mbedtls_opaque_test_driver_mac_sign_setup(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg );
-
-psa_status_t mbedtls_opaque_test_driver_mac_verify_setup(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg );
-
-psa_status_t mbedtls_opaque_test_driver_mac_update(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- const uint8_t *input,
- size_t input_length );
-
-psa_status_t mbedtls_opaque_test_driver_mac_sign_finish(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length );
-
-psa_status_t mbedtls_opaque_test_driver_mac_verify_finish(
- mbedtls_opaque_test_driver_mac_operation_t *operation,
- const uint8_t *mac,
- size_t mac_length );
-
-psa_status_t mbedtls_opaque_test_driver_mac_abort(
- mbedtls_opaque_test_driver_mac_operation_t *operation );
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* PSA_CRYPTO_MAC_H */
diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
index 8318ef4..df524e1 100644
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c
@@ -41,38 +41,12 @@
#include <mbedtls/pk.h>
#include "pk_wrap.h"
-#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ) )
-#define BUILTIN_KEY_TYPE_RSA_KEY_PAIR 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) ) )
-#define BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V15) ) )
-#define BUILTIN_ALG_RSA_PKCS1V15_SIGN 1
-#endif
-
-#if ( defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && \
- defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) && \
- defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) ) )
-#define BUILTIN_ALG_RSA_PSS 1
-#endif
-
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) || \
- defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- defined(BUILTIN_ALG_RSA_PSS) || \
- defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
/* Mbed TLS doesn't support non-byte-aligned key sizes (i.e. key sizes
* that are not a multiple of 8) well. For example, there is only
@@ -148,15 +122,15 @@
}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP) ||
- * defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(BUILTIN_ALG_RSA_PSS) ||
- * defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
- * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
+ * defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-static psa_status_t rsa_import_key(
+psa_status_t mbedtls_psa_rsa_import_key(
const psa_key_attributes_t *attributes,
const uint8_t *data, size_t data_length,
uint8_t *key_buffer, size_t key_buffer_size,
@@ -248,7 +222,7 @@
#endif /* MBEDTLS_PK_WRITE_C */
}
-static psa_status_t rsa_export_public_key(
+psa_status_t mbedtls_psa_rsa_export_public_key(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
uint8_t *data, size_t data_size, size_t *data_length )
@@ -272,10 +246,10 @@
return( status );
}
-#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
- * defined(BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
+ * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-#if defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
+#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
defined(MBEDTLS_GENPRIME)
static psa_status_t psa_rsa_read_exponent( const uint8_t *domain_parameters,
size_t domain_parameters_size,
@@ -303,7 +277,7 @@
return( PSA_SUCCESS );
}
-static psa_status_t rsa_generate_key(
+psa_status_t mbedtls_psa_rsa_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
{
@@ -334,14 +308,15 @@
return( status );
}
-#endif /* defined(BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
* defined(MBEDTLS_GENPRIME) */
/****************************************************************/
/* Sign/verify hashes */
/****************************************************************/
-#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) || defined(BUILTIN_ALG_RSA_PSS)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
/* Decode the hash algorithm from alg and store the mbedtls encoding in
* md_alg. Verify that the hash length is acceptable. */
@@ -373,7 +348,7 @@
return( PSA_SUCCESS );
}
-static psa_status_t rsa_sign_hash(
+psa_status_t mbedtls_psa_rsa_sign_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
@@ -401,7 +376,7 @@
goto exit;
}
-#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
{
ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
@@ -418,8 +393,8 @@
}
}
else
-#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-#if defined(BUILTIN_ALG_RSA_PSS)
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
if( PSA_ALG_IS_RSA_PSS( alg ) )
{
ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
@@ -436,7 +411,7 @@
}
}
else
-#endif /* BUILTIN_ALG_RSA_PSS */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
@@ -453,7 +428,7 @@
return( status );
}
-#if defined(BUILTIN_ALG_RSA_PSS)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
static int rsa_pss_expected_salt_len( psa_algorithm_t alg,
const mbedtls_rsa_context *rsa,
size_t hash_length )
@@ -472,9 +447,9 @@
else
return( room );
}
-#endif
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
-static psa_status_t rsa_verify_hash(
+psa_status_t mbedtls_psa_rsa_verify_hash(
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
@@ -502,7 +477,7 @@
goto exit;
}
-#if defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN)
if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) )
{
ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V15,
@@ -517,8 +492,8 @@
}
}
else
-#endif /* BUILTIN_ALG_RSA_PKCS1V15_SIGN */
-#if defined(BUILTIN_ALG_RSA_PSS)
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
if( PSA_ALG_IS_RSA_PSS( alg ) )
{
ret = mbedtls_rsa_set_padding( rsa, MBEDTLS_RSA_PKCS_V21, md_alg );
@@ -535,7 +510,7 @@
}
}
else
-#endif /* BUILTIN_ALG_RSA_PSS */
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS */
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
@@ -555,176 +530,7 @@
return( status );
}
-#endif /* defined(BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(BUILTIN_ALG_RSA_PSS) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
-
-psa_status_t mbedtls_psa_rsa_import_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *data, size_t data_length,
- uint8_t *key_buffer, size_t key_buffer_size,
- size_t *key_buffer_length, size_t *bits )
-{
- return( rsa_import_key( attributes, data, data_length,
- key_buffer, key_buffer_size,
- key_buffer_length, bits ) );
-}
-
-psa_status_t mbedtls_psa_rsa_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- uint8_t *data, size_t data_size, size_t *data_length )
-{
- return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
- data, data_size, data_length ) );
-}
-
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) ||
- * defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) && \
- defined(MBEDTLS_GENPRIME)
-psa_status_t mbedtls_psa_rsa_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
-{
- return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
- key_buffer_length ) );
-}
-#endif /* defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
- * defined(MBEDTLS_GENPRIME) */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
-psa_status_t mbedtls_psa_rsa_sign_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size, size_t *signature_length )
-{
- return( rsa_sign_hash(
- attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_size, signature_length ) );
-}
-
-psa_status_t mbedtls_psa_rsa_verify_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length )
-{
- return( rsa_verify_hash(
- attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_length ) );
-}
#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) ||
* defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) */
-/*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
-
-psa_status_t mbedtls_test_driver_rsa_import_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *data, size_t data_length,
- uint8_t *key_buffer, size_t key_buffer_size,
- size_t *key_buffer_length, size_t *bits )
-{
- return( rsa_import_key( attributes, data, data_length,
- key_buffer, key_buffer_size,
- key_buffer_length, bits ) );
-}
-
-psa_status_t mbedtls_test_driver_rsa_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- uint8_t *data, size_t data_size, size_t *data_length )
-{
- return( rsa_export_public_key( attributes, key_buffer, key_buffer_size,
- data, data_size, data_length ) );
-}
-
-#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) ||
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) */
-
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
-psa_status_t mbedtls_transparent_test_driver_rsa_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length )
-{
- return( rsa_generate_key( attributes, key_buffer, key_buffer_size,
- key_buffer_length ) );
-}
-#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
-
-#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
-psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size, size_t *signature_length )
-{
-#if defined(MBEDTLS_RSA_C) && \
- (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
- return( rsa_sign_hash(
- attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_size, signature_length ) );
-#else
- (void)attributes;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_size;
- (void)signature_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif
-}
-
-psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length )
-{
-#if defined(MBEDTLS_RSA_C) && \
- (defined(MBEDTLS_PKCS1_V15) || defined(MBEDTLS_PKCS1_V21))
- return( rsa_verify_hash(
- attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_length ) );
-#else
- (void)attributes;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-#endif
-}
-#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* MBEDTLS_PSA_CRYPTO_C */
diff --git a/library/psa_crypto_rsa.h b/library/psa_crypto_rsa.h
index 5540684..bea762c 100644
--- a/library/psa_crypto_rsa.h
+++ b/library/psa_crypto_rsa.h
@@ -211,40 +211,4 @@
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
const uint8_t *signature, size_t signature_length );
-
-/*
- * BEYOND THIS POINT, TEST DRIVER ENTRY POINTS ONLY.
- */
-
-#if defined(PSA_CRYPTO_DRIVER_TEST)
-
-psa_status_t mbedtls_test_driver_rsa_import_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *data, size_t data_length,
- uint8_t *key_buffer, size_t key_buffer_size,
- size_t *key_buffer_length, size_t *bits );
-
-psa_status_t mbedtls_test_driver_rsa_export_public_key(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- uint8_t *data, size_t data_size, size_t *data_length );
-
-psa_status_t mbedtls_transparent_test_driver_rsa_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key, size_t key_size, size_t *key_length );
-
-psa_status_t mbedtls_transparent_test_driver_rsa_sign_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size, size_t *signature_length );
-
-psa_status_t mbedtls_transparent_test_driver_rsa_verify_hash(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length );
-
-#endif /* PSA_CRYPTO_DRIVER_TEST */
-
#endif /* PSA_CRYPTO_RSA_H */
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 68d3033..32d4969 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -37,6 +37,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "mbedtls/psa_util.h"
+#include "psa/crypto.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#include <string.h>
@@ -3082,7 +3083,11 @@
if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
{
size_t sig_len, hashlen;
- unsigned char hash[64];
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ unsigned char hash[PSA_HASH_MAX_SIZE];
+#else
+ unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+#endif
mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
unsigned char *params = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index a94c79f..296b628 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -525,6 +525,59 @@
*/
struct mbedtls_ssl_handshake_params
{
+ /* Frequently-used boolean or byte fields (placed early to take
+ * advantage of smaller code size for indirect access on Arm Thumb) */
+ uint8_t max_major_ver; /*!< max. major version client*/
+ uint8_t max_minor_ver; /*!< max. minor version client*/
+ uint8_t resume; /*!< session resume indicator*/
+ uint8_t cli_exts; /*!< client extension presence*/
+
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ uint8_t sni_authmode; /*!< authmode from SNI callback */
+#endif
+
+#if defined(MBEDTLS_SSL_SESSION_TICKETS)
+ uint8_t new_session_ticket; /*!< use NewSessionTicket? */
+#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+
+#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
+ uint8_t extended_ms; /*!< use Extended Master Secret? */
+#endif
+
+#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
+ uint8_t async_in_progress; /*!< an asynchronous operation is in progress */
+#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ unsigned char retransmit_state; /*!< Retransmission state */
+#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+ unsigned char group_list_heap_allocated;
+#endif
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+ uint8_t ecrs_enabled; /*!< Handshake supports EC restart? */
+ enum { /* this complements ssl->state with info on intra-state operations */
+ ssl_ecrs_none = 0, /*!< nothing going on (yet) */
+ ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */
+ ssl_ecrs_ske_start_processing, /*!< ServerKeyExchange: pk_verify() */
+ ssl_ecrs_cke_ecdh_calc_secret, /*!< ClientKeyExchange: ECDH step 2 */
+ ssl_ecrs_crt_vrfy_sign, /*!< CertificateVerify: pk_sign() */
+ } ecrs_state; /*!< current (or last) operation */
+ mbedtls_x509_crt *ecrs_peer_cert; /*!< The peer's CRT chain. */
+ size_t ecrs_n; /*!< place for saving a length */
+#endif
+
+ size_t pmslen; /*!< premaster length */
+
+ mbedtls_ssl_ciphersuite_t const *ciphersuite_info;
+
+ void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
+ void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
+ void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
+ mbedtls_ssl_tls_prf_cb *tls_prf;
+
/*
* Handshake specific crypto variables
*/
@@ -532,18 +585,19 @@
int tls13_kex_modes; /*!< key exchange modes for TLS 1.3 */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-#if !defined(MBEDTLS_DEPRECATED_REMOVED)
- const uint16_t *group_list;
- unsigned char group_list_heap_allocated;
-#endif
-
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
mbedtls_ssl_sig_hash_set_t hash_algs; /*!< Set of suitable sig-hash pairs */
#endif
+
+#if !defined(MBEDTLS_DEPRECATED_REMOVED)
+ const uint16_t *group_list;
+#endif
+
#if defined(MBEDTLS_DHM_C)
mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */
#endif
+
/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
* to guards also being in ssl_srv.c and ssl_cli.c. There is a gap
* in functionality that access to ecdh_ctx structure is needed for
@@ -568,10 +622,12 @@
size_t ecjpake_cache_len; /*!< Length of cached data */
#endif
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */
#endif
+
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_key_id_t psk_opaque; /*!< Opaque PSK from the callback */
@@ -579,64 +635,24 @@
unsigned char *psk; /*!< PSK from the callback */
size_t psk_len; /*!< Length of PSK from callback */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+
+#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
+ mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */
+#endif
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_ssl_key_cert *key_cert; /*!< chosen key/cert pair (server) */
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
- int sni_authmode; /*!< authmode from SNI callback */
mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI */
mbedtls_x509_crt *sni_ca_chain; /*!< trusted CAs from SNI callback */
mbedtls_x509_crl *sni_ca_crl; /*!< trusted CAs CRLs from SNI */
#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
-#if defined(MBEDTLS_SSL_ECP_RESTARTABLE_ENABLED)
- int ecrs_enabled; /*!< Handshake supports EC restart? */
- mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */
- enum { /* this complements ssl->state with info on intra-state operations */
- ssl_ecrs_none = 0, /*!< nothing going on (yet) */
- ssl_ecrs_crt_verify, /*!< Certificate: crt_verify() */
- ssl_ecrs_ske_start_processing, /*!< ServerKeyExchange: pk_verify() */
- ssl_ecrs_cke_ecdh_calc_secret, /*!< ClientKeyExchange: ECDH step 2 */
- ssl_ecrs_crt_vrfy_sign, /*!< CertificateVerify: pk_sign() */
- } ecrs_state; /*!< current (or last) operation */
- mbedtls_x509_crt *ecrs_peer_cert; /*!< The peer's CRT chain. */
- size_t ecrs_n; /*!< place for saving a length */
-#endif
-#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
!defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
mbedtls_pk_context peer_pubkey; /*!< The public key from the peer. */
#endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-#if defined(MBEDTLS_SSL_PROTO_DTLS)
- unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */
- unsigned int in_msg_seq; /*!< Incoming handshake sequence number */
-
- unsigned char *verify_cookie; /*!< Cli: HelloVerifyRequest cookie
- Srv: unused */
- unsigned char verify_cookie_len; /*!< Cli: cookie length
- Srv: flag for sending a cookie */
-
- uint32_t retransmit_timeout; /*!< Current value of timeout */
- unsigned char retransmit_state; /*!< Retransmission state */
- mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */
- mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */
- unsigned char *cur_msg_p; /*!< Position in current message */
- unsigned int in_flight_start_seq; /*!< Minimum message sequence in the
- flight being received */
- mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for
- resending messages */
- unsigned char alt_out_ctr[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN]; /*!< Alternative record epoch/counter
- for resending messages */
-
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
- /* The state of CID configuration in this handshake. */
-
- uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension
- * has been negotiated. Possible values are
- * #MBEDTLS_SSL_CID_ENABLED and
- * #MBEDTLS_SSL_CID_DISABLED. */
- unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
- uint8_t peer_cid_len; /*!< The length of
- * \c peer_cid. */
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
struct
{
@@ -664,6 +680,38 @@
} buffering;
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+ unsigned int out_msg_seq; /*!< Outgoing handshake sequence number */
+ unsigned int in_msg_seq; /*!< Incoming handshake sequence number */
+
+ unsigned char *verify_cookie; /*!< Cli: HelloVerifyRequest cookie
+ Srv: unused */
+ unsigned char verify_cookie_len; /*!< Cli: cookie length
+ Srv: flag for sending a cookie */
+
+ uint32_t retransmit_timeout; /*!< Current value of timeout */
+ mbedtls_ssl_flight_item *flight; /*!< Current outgoing flight */
+ mbedtls_ssl_flight_item *cur_msg; /*!< Current message in flight */
+ unsigned char *cur_msg_p; /*!< Position in current message */
+ unsigned int in_flight_start_seq; /*!< Minimum message sequence in the
+ flight being received */
+ mbedtls_ssl_transform *alt_transform_out; /*!< Alternative transform for
+ resending messages */
+ unsigned char alt_out_ctr[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN]; /*!< Alternative record epoch/counter
+ for resending messages */
+
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+ /* The state of CID configuration in this handshake. */
+
+ uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension
+ * has been negotiated. Possible values are
+ * #MBEDTLS_SSL_CID_ENABLED and
+ * #MBEDTLS_SSL_CID_DISABLED. */
+ unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
+ uint8_t peer_cid_len; /*!< The length of
+ * \c peer_cid. */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
uint16_t mtu; /*!< Handshake mtu, used to fragment outgoing messages */
#endif /* MBEDTLS_SSL_PROTO_DTLS */
@@ -694,11 +742,6 @@
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
- void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
- void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
- void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
- mbedtls_ssl_tls_prf_cb *tls_prf;
-
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
uint16_t offered_group_id; /* The NamedGroup value for the group
* that is being used for ephemeral
@@ -741,20 +784,12 @@
/* End of state-local variables. */
- mbedtls_ssl_ciphersuite_t const *ciphersuite_info;
-
- size_t pmslen; /*!< premaster length */
-
unsigned char randbytes[MBEDTLS_CLIENT_HELLO_RANDOM_LEN +
MBEDTLS_SERVER_HELLO_RANDOM_LEN];
/*!< random bytes */
unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
/*!< premaster secret */
- int resume; /*!< session resume indicator*/
- int max_major_ver; /*!< max. major version client*/
- int max_minor_ver; /*!< max. minor version client*/
- int cli_exts; /*!< client extension presence*/
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
int extensions_present; /*!< extension presence; Each bitfield
represents an extension and defined
@@ -770,17 +805,6 @@
mbedtls_ssl_tls13_handshake_secrets tls13_hs_secrets;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
-#if defined(MBEDTLS_SSL_SESSION_TICKETS)
- int new_session_ticket; /*!< use NewSessionTicket? */
-#endif /* MBEDTLS_SSL_SESSION_TICKETS */
-#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
- int extended_ms; /*!< use Extended Master Secret? */
-#endif
-
-#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
- unsigned int async_in_progress : 1; /*!< an asynchronous operation is in progress */
-#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
-
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
/** Asynchronous operation context. This field is meant for use by the
* asynchronous operation callbacks (mbedtls_ssl_config::f_async_sign_start,
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 5e2d152..f34f2de 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -3098,7 +3098,11 @@
{
size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed;
size_t hashlen = 0;
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ unsigned char hash[PSA_HASH_MAX_SIZE];
+#else
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
+#endif
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
/*
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4bc23a6..046caec 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -184,6 +184,10 @@
mbedtls_ssl_session_free( dst );
memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+ dst->ticket = NULL;
+#endif
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
@@ -6967,7 +6971,7 @@
goto exit;
}
- if( ( status = psa_hash_finish( &hash_operation, hash, MBEDTLS_MD_MAX_SIZE,
+ if( ( status = psa_hash_finish( &hash_operation, hash, PSA_HASH_MAX_SIZE,
hashlen ) ) != PSA_SUCCESS )
{
MBEDTLS_SSL_DEBUG_RET( 1, "psa_hash_finish", status );
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index b77fc7b..45fb5ed 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -296,7 +296,7 @@
int ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;
size_t hlen, ilen;
unsigned char tmp_secret[ MBEDTLS_MD_MAX_SIZE ] = { 0 };
- unsigned char tmp_input [ MBEDTLS_MD_MAX_SIZE ] = { 0 };
+ unsigned char tmp_input [ MBEDTLS_ECP_MAX_BYTES ] = { 0 };
const mbedtls_md_info_t *md_info;
md_info = mbedtls_md_info_from_type( hash_alg );
diff --git a/programs/fuzz/common.c b/programs/fuzz/common.c
index ac39ee2..e12ee3b 100644
--- a/programs/fuzz/common.c
+++ b/programs/fuzz/common.c
@@ -1,4 +1,5 @@
#include "common.h"
+#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index 5ad9120..62c3cc5 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -20,6 +20,7 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include "mbedtls/build_info.h"
+#include "mbedtls/debug.h"
#include <stdio.h>
#include <stdlib.h>
@@ -161,6 +162,7 @@
}
}
+MBEDTLS_PRINTF_ATTRIBUTE( 1, 2 )
void printf_err( const char *str, ... )
{
va_list args;
@@ -219,7 +221,13 @@
error_exit();
}
- if( ( b64_file = fopen( argv[i], "r" ) ) == NULL )
+ if( NULL != b64_file )
+ {
+ printf_err( "Cannot specify more than one file with -f\n" );
+ error_exit( );
+ }
+
+ if( ( b64_file = fopen( argv[i], "r" )) == NULL )
{
printf_err( "Cannot find file \"%s\"\n", argv[i] );
error_exit();
@@ -461,7 +469,8 @@
}
else if( len > *max_len )
{
- printf_err( "The code found is too large by %u bytes.\n", len - *max_len );
+ printf_err( "The code found is too large by %" MBEDTLS_PRINTF_SIZET " bytes.\n",
+ len - *max_len );
len = pad = 0;
}
else if( len % 4 != 0 )
diff --git a/tests/.gitignore b/tests/.gitignore
index fa901cb..15fce68 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -18,3 +18,5 @@
src/*.o
src/drivers/*.o
src/libmbed*
+
+libtestdriver1/*
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 41dceed..8bb6250 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -255,4 +255,5 @@
link_to_source(data_files)
link_to_source(scripts)
link_to_source(ssl-opt.sh)
+ link_to_source(opt-testcases)
endif()
diff --git a/tests/Makefile b/tests/Makefile
index 77a3172..94a834e 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -176,6 +176,7 @@
rm -rf $(BINARIES) *.c *.datax
rm -f src/*.o src/drivers/*.o src/libmbed*
rm -f include/test/instrument_record_status.h
+ rm -rf libtestdriver1
else
if exist *.c del /Q /F *.c
if exist *.exe del /Q /F *.exe
@@ -199,6 +200,51 @@
test: check
+# Generate test library
+
+# Perl code that is executed to transform each original line from a library
+# source file into the corresponding line in the test driver copy of the
+# library. Add a LIBTESTDRIVER1_/libtestdriver1_ to mbedtls_xxx and psa_xxx
+# symbols.
+define libtestdriver1_rewrite :=
+ s!^(\s*#\s*include\s*[\"<])(mbedtls|psa)/!$${1}libtestdriver1/include/$${2}/!; \
+ next if /^\s*#\s*include/; \
+ s/\b(?=MBEDTLS_|PSA_)/LIBTESTDRIVER1_/g; \
+ s/\b(?=mbedtls_|psa_)/libtestdriver1_/g;
+endef
+
+libtestdriver1.a:
+ # Copy the library and fake a 3rdparty Makefile include.
+ rm -Rf ./libtestdriver1
+ mkdir ./libtestdriver1
+ cp -Rf ../library ./libtestdriver1
+ cp -Rf ../include ./libtestdriver1
+ cp -Rf ../scripts ./libtestdriver1
+ mkdir ./libtestdriver1/3rdparty
+ touch ./libtestdriver1/3rdparty/Makefile.inc
+
+ # Set the test driver base (minimal) configuration.
+ cp ./include/test/drivers/config_test_driver.h ./libtestdriver1/include/mbedtls/mbedtls_config.h
+
+ # Set the PSA cryptography configuration for the test library.
+ # It is set from the copied include/psa/crypto_config.h of the Mbed TLS
+ # library the test library is intended to be linked with extended by
+ # ./include/test/drivers/crypto_config_test_driver_extension.h to
+ # mirror the PSA_ACCEL_* macros.
+ mv ./libtestdriver1/include/psa/crypto_config.h ./libtestdriver1/include/psa/crypto_config.h.bak
+ head -n -1 ./libtestdriver1/include/psa/crypto_config.h.bak > ./libtestdriver1/include/psa/crypto_config.h
+ cat ./include/test/drivers/crypto_config_test_driver_extension.h >> ./libtestdriver1/include/psa/crypto_config.h
+ echo "#endif /* PSA_CRYPTO_CONFIG_H */" >> ./libtestdriver1/include/psa/crypto_config.h
+
+ # Prefix MBEDTLS_* PSA_* symbols with LIBTESTDRIVER1_ as well as
+ # mbedtls_* psa_* symbols with libtestdriver1_ to avoid symbol clash
+ # when this test driver library is linked with the Mbed TLS library.
+ perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/library/*.[ch]
+ perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/include/*/*.h
+
+ $(MAKE) -C ./libtestdriver1/library CFLAGS="-I../../ $(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a
+ cp ./libtestdriver1/library/libmbedcrypto.a ../library/libtestdriver1.a
+
ifdef RECORD_PSA_STATUS_COVERAGE_LOG
include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile
echo " Gen $@"
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index e86706c..0af27fe 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -1087,6 +1087,44 @@
$(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD5 version=3 output_file=$@
all_final += cert_md5.crt
+# TLSv1.3 test certificates
+ecdsa_secp256r1.key: ec_256_prv.pem
+ ln -s $< $@
+
+ecdsa_secp256r1.csr: ecdsa_secp256r1.key
+ $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
+ -key $< -out $@
+all_intermediate += ecdsa_secp256r1.csr
+ecdsa_secp256r1.crt: ecdsa_secp256r1.csr
+ $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
+ -set_serial 77 -days 3653 -sha384 -in $< -out $@
+all_final += ecdsa_secp256r1.crt ecdsa_secp256r1.key
+tls13_certs: ecdsa_secp256r1.crt ecdsa_secp256r1.key
+
+ecdsa_secp384r1.key: ec_384_prv.pem
+ ln -s $< $@
+ecdsa_secp384r1.csr: ecdsa_secp384r1.key
+ $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
+ -key $< -out $@
+all_intermediate += ecdsa_secp384r1.csr
+ecdsa_secp384r1.crt: ecdsa_secp384r1.csr
+ $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
+ -set_serial 77 -days 3653 -sha384 -in $< -out $@
+all_final += ecdsa_secp384r1.crt ecdsa_secp384r1.key
+tls13_certs: ecdsa_secp384r1.crt ecdsa_secp384r1.key
+
+ecdsa_secp521r1.key: ec_521_prv.pem
+ ln -s $< $@
+ecdsa_secp521r1.csr: ecdsa_secp521r1.key
+ $(OPENSSL) req -new -subj "/C=NL/O=PolarSSL/CN=localhost" \
+ -key $< -out $@
+all_intermediate += ecdsa_secp521r1.csr
+ecdsa_secp521r1.crt: ecdsa_secp521r1.csr
+ $(OPENSSL) x509 -req -CA $(test_ca_crt_file_ec) -CAkey $(test_ca_key_file_ec) \
+ -set_serial 77 -days 3653 -sha384 -in $< -out $@
+all_final += ecdsa_secp521r1.crt ecdsa_secp521r1.key
+tls13_certs: ecdsa_secp521r1.crt ecdsa_secp521r1.key
+
################################################################
#### Diffie-Hellman parameters
################################################################
diff --git a/tests/data_files/ecdsa_secp256r1.crt b/tests/data_files/ecdsa_secp256r1.crt
new file mode 100644
index 0000000..634d24c
--- /dev/null
+++ b/tests/data_files/ecdsa_secp256r1.crt
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBejCCAQACAU0wCgYIKoZIzj0EAwMwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
+CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEz
+MDAzMDgwMVoXDTMxMTIwMTAzMDgwMVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
+CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwWTATBgcqhkjOPQIBBggqhkjO
+PQMBBwNCAAR3cmVvgUs5knnV4fF4H6xvCZo8XKGw41NRg0sItl4LVyWQza+PdpNh
+vPNKz8EeXgdOhCa93gS+bmU5RUSWF95FMAoGCCqGSM49BAMDA2gAMGUCMA06tTwD
+M1t8Chka41h1JKu4d0RsGk0MoinT9MxTAE/61ScZh5lKspOKrcavJ0maUQIxAIuj
+rarmd8+OyftTRp6Wpwwfpskdb7nm44YX6eZu/Odjfq/RAdhIcn4P9QXtOgVrbw==
+-----END CERTIFICATE-----
diff --git a/tests/data_files/ecdsa_secp256r1.key b/tests/data_files/ecdsa_secp256r1.key
new file mode 120000
index 0000000..fc01ea3
--- /dev/null
+++ b/tests/data_files/ecdsa_secp256r1.key
@@ -0,0 +1 @@
+ec_256_prv.pem
\ No newline at end of file
diff --git a/tests/data_files/ecdsa_secp384r1.crt b/tests/data_files/ecdsa_secp384r1.crt
new file mode 100644
index 0000000..ff986a7
--- /dev/null
+++ b/tests/data_files/ecdsa_secp384r1.crt
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBlzCCAR0CAU0wCgYIKoZIzj0EAwMwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
+CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEz
+MDAzMDgwMVoXDTMxMTIwMTAzMDgwMVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
+CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAATZxmK1C6KcpHmQRQ4EOur08MabFWdtES9iKnHJMFmvmZaRxWgNK0TREVed
+sS9KQTou1cRfz7Z7W2PgC5Hr5Z0JprGsLAxCgqoSMX7VkU+Zm8SIuxMug0LMNvLK
+XjN5x0cwCgYIKoZIzj0EAwMDaAAwZQIwNypsq0ahwMM7aFSS+RSTloH1D1+gIztz
+Yq54Reth6gdh1IO5R5aNZi/YP3uVcI1mAjEAisjjz7vCeKwor+HCq9cBc2rzIlkY
+5O6q4SCSgkqiCTnyFIqCassED9NPqho3KYM1
+-----END CERTIFICATE-----
diff --git a/tests/data_files/ecdsa_secp384r1.key b/tests/data_files/ecdsa_secp384r1.key
new file mode 120000
index 0000000..ff72d53
--- /dev/null
+++ b/tests/data_files/ecdsa_secp384r1.key
@@ -0,0 +1 @@
+ec_384_prv.pem
\ No newline at end of file
diff --git a/tests/data_files/ecdsa_secp521r1.crt b/tests/data_files/ecdsa_secp521r1.crt
new file mode 100644
index 0000000..a08850c
--- /dev/null
+++ b/tests/data_files/ecdsa_secp521r1.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBvjCCAUMCAU0wCgYIKoZIzj0EAwMwPjELMAkGA1UEBhMCTkwxETAPBgNVBAoM
+CFBvbGFyU1NMMRwwGgYDVQQDDBNQb2xhcnNzbCBUZXN0IEVDIENBMB4XDTIxMTEz
+MDAzMDgwMVoXDTMxMTIwMTAzMDgwMVowNDELMAkGA1UEBhMCTkwxETAPBgNVBAoM
+CFBvbGFyU1NMMRIwEAYDVQQDDAlsb2NhbGhvc3QwgZswEAYHKoZIzj0CAQYFK4EE
+ACMDgYYABAAd4ULVT2nrA47kt6+dPKB3Nv2c9xnrNU1ph57n88E2+w+/nwj4a+X6
+Eo7BoFHT5sZD6Fraj/rPNmPCYL0shEtvVgDO6OSKnmXQnK3YnyNd7gXzuKZGvnFf
+H2fVtDTg/yOh/Afvd0AZPkDu/287zf12WqkVUDNST+TyBfVETiksTC9qwTAKBggq
+hkjOPQQDAwNpADBmAjEAlC7039gDSgm9Ba8cCnZLWucXbtCbhRGSvVcoElYke/pu
+iwHkD1rVlnUmW3UKG587AjEAkIngapC9Hyc6MePmyafLYoLmbhDJMdR2DM4o+x8e
+2ZXUu7uLPTdWBDxmu6plRNis
+-----END CERTIFICATE-----
diff --git a/tests/data_files/ecdsa_secp521r1.key b/tests/data_files/ecdsa_secp521r1.key
new file mode 120000
index 0000000..b047f03
--- /dev/null
+++ b/tests/data_files/ecdsa_secp521r1.key
@@ -0,0 +1 @@
+ec_521_prv.pem
\ No newline at end of file
diff --git a/tests/include/test/drivers/aead.h b/tests/include/test/drivers/aead.h
index 2421560..33e1f50 100644
--- a/tests/include/test/drivers/aead.h
+++ b/tests/include/test/drivers/aead.h
@@ -75,34 +75,34 @@
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );
psa_status_t mbedtls_test_transparent_aead_encrypt_setup(
- mbedtls_psa_aead_operation_t *operation,
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg );
psa_status_t mbedtls_test_transparent_aead_decrypt_setup(
- mbedtls_psa_aead_operation_t *operation,
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg );
psa_status_t mbedtls_test_transparent_aead_set_nonce(
- mbedtls_psa_aead_operation_t *operation,
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
const uint8_t *nonce,
size_t nonce_length );
psa_status_t mbedtls_test_transparent_aead_set_lengths(
- mbedtls_psa_aead_operation_t *operation,
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
size_t ad_length,
size_t plaintext_length );
psa_status_t mbedtls_test_transparent_aead_update_ad(
- mbedtls_psa_aead_operation_t *operation,
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
const uint8_t *input,
size_t input_length );
psa_status_t mbedtls_test_transparent_aead_update(
- mbedtls_psa_aead_operation_t *operation,
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
@@ -110,7 +110,7 @@
size_t *output_length );
psa_status_t mbedtls_test_transparent_aead_finish(
- mbedtls_psa_aead_operation_t *operation,
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
uint8_t *ciphertext,
size_t ciphertext_size,
size_t *ciphertext_length,
@@ -119,7 +119,7 @@
size_t *tag_length );
psa_status_t mbedtls_test_transparent_aead_verify(
- mbedtls_psa_aead_operation_t *operation,
+ mbedtls_transparent_test_driver_aead_operation_t *operation,
uint8_t *plaintext,
size_t plaintext_size,
size_t *plaintext_length,
@@ -127,7 +127,7 @@
size_t tag_length );
psa_status_t mbedtls_test_transparent_aead_abort(
- mbedtls_psa_aead_operation_t *operation );
+ mbedtls_transparent_test_driver_aead_operation_t *operation );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_AEAD_H */
diff --git a/tests/include/test/drivers/config_test_driver.h b/tests/include/test/drivers/config_test_driver.h
new file mode 100644
index 0000000..b9ba5fb
--- /dev/null
+++ b/tests/include/test/drivers/config_test_driver.h
@@ -0,0 +1,57 @@
+/*
+ * Mbed TLS configuration for PSA test driver libraries. It includes:
+ * . the minimum set of modules needed by the PSA core.
+ * . the Mbed TLS configuration options that may need to be additionally
+ * enabled for the purpose of a specific test.
+ * . the PSA configuration file for the Mbed TLS library and its test drivers.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+#define MBEDTLS_PSA_CRYPTO_C
+#define MBEDTLS_PSA_CRYPTO_CONFIG
+
+/* PSA core mandatory configuration options */
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_AES_C
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ENTROPY_C
+
+/*
+ * Configuration options that may need to be additionally enabled for the
+ * purpose of a specific set of tests.
+ */
+//#define MBEDTLS_SHA1_C
+//#define MBEDTLS_SHA384_C
+//#define MBEDTLS_SHA512_C
+//#define MBEDTLS_PEM_PARSE_C
+//#define MBEDTLS_BASE64_C
+
+#include "mbedtls/config_psa.h"
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */
diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h
new file mode 100644
index 0000000..927009a
--- /dev/null
+++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h
@@ -0,0 +1,222 @@
+/**
+ * This file is intended to be used to build PSA test driver libraries. It is
+ * intended to be appended by the test build system to the crypto_config.h file
+ * of the Mbed TLS library the test library will be linked to. It mirrors the
+ * PSA_ACCEL_* macros defining the cryptographic operations the test library
+ * supports.
+ */
+
+#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING)
+#undef MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_NO_PADDING 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CBC_PKCS7)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7)
+#undef MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_PKCS7 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CFB)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CFB)
+#undef MBEDTLS_PSA_ACCEL_ALG_CFB
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CFB 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_CTR)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CTR)
+#undef MBEDTLS_PSA_ACCEL_ALG_CTR
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CTR 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+#undef MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_ECDSA)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
+#undef MBEDTLS_PSA_ACCEL_ALG_ECDSA
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_ECDSA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_MD5)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
+#undef MBEDTLS_PSA_ACCEL_ALG_MD5
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_MD5 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_OFB)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_OFB)
+#undef MBEDTLS_PSA_ACCEL_ALG_OFB
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_OFB 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RIPEMD160)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RIPEMD160)
+#undef MBEDTLS_PSA_ACCEL_ALG_RIPEMD160
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RIPEMD160 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PKCS1V15_SIGN)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN)
+#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_RSA_PSS)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
+#undef MBEDTLS_PSA_ACCEL_ALG_RSA_PSS
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PSS 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_1)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_1)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_1
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_1 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_224)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_224)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_224
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_224 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_256)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_256)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_256
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_256 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_384)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_384)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_384
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_384 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_SHA_512)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_SHA_512)
+#undef MBEDTLS_PSA_ACCEL_ALG_SHA_512
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_SHA_512 1
+#endif
+#endif
+
+#if defined(PSA_WANT_ALG_XTS)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_XTS)
+#undef MBEDTLS_PSA_ACCEL_ALG_XTS
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_XTS 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_AES)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_AES 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ARIA)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ARIA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR 1
+#endif
+#endif
+
+#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR 1
+#endif
+#endif
+
+#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
+#define MBEDTLS_PSA_ACCEL_ALG_CCM 1
+#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1
+#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
+#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1
+#define MBEDTLS_PSA_ACCEL_ALG_ECDH 1
+#define MBEDTLS_PSA_ACCEL_ALG_GCM 1
+#define MBEDTLS_PSA_ACCEL_ALG_HKDF 1
+#define MBEDTLS_PSA_ACCEL_ALG_HMAC 1
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_OAEP 1
+#define MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_CRYPT 1
+#define MBEDTLS_PSA_ACCEL_ALG_STREAM_CIPHER 1
+#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PRF 1
+#define MBEDTLS_PSA_ACCEL_ALG_TLS12_PSK_TO_MS 1
+
+#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256 1
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384 1
+#define MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512 1
+#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255 1
+#define MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384 1
+#define MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521 1
+#endif
+
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY 1
diff --git a/tests/include/test/drivers/hash.h b/tests/include/test/drivers/hash.h
index d202c8b..b05fcd7 100644
--- a/tests/include/test/drivers/hash.h
+++ b/tests/include/test/drivers/hash.h
@@ -70,7 +70,7 @@
size_t *hash_length );
psa_status_t mbedtls_test_transparent_hash_abort(
- mbedtls_psa_hash_operation_t *operation );
+ mbedtls_transparent_test_driver_hash_operation_t *operation );
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_HASH_H */
diff --git a/tests/include/test/drivers/key_management.h b/tests/include/test/drivers/key_management.h
index d147568..ba1e04a 100644
--- a/tests/include/test/drivers/key_management.h
+++ b/tests/include/test/drivers/key_management.h
@@ -66,6 +66,11 @@
extern mbedtls_test_driver_key_management_hooks_t
mbedtls_test_driver_key_management_hooks;
+psa_status_t mbedtls_test_transparent_init( void );
+void mbedtls_test_transparent_free( void );
+psa_status_t mbedtls_test_opaque_init( void );
+void mbedtls_test_opaque_free( void );
+
psa_status_t mbedtls_test_transparent_generate_key(
const psa_key_attributes_t *attributes,
uint8_t *key, size_t key_size, size_t *key_length );
@@ -120,6 +125,5 @@
size_t target_key_buffer_size,
size_t *target_key_buffer_length);
-
#endif /* PSA_CRYPTO_DRIVER_TEST */
#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */
diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h
index aa0aeb5..18333a9 100644
--- a/tests/include/test/psa_exercise_key.h
+++ b/tests/include/test/psa_exercise_key.h
@@ -52,6 +52,30 @@
#undef KNOWN_SUPPORTED_HASH_ALG
#endif
+/** \def KNOWN_MBEDTLS_SUPPORTED_HASH_ALG
+ *
+ * A hash algorithm that is known to be supported by Mbed TLS APIs.
+ *
+ * This is used in some smoke tests where the hash algorithm is used as
+ * part of another algorithm like a signature algorithm and the hashing is
+ * completed through an Mbed TLS hash API, not the PSA one.
+ */
+#if defined(MBEDTLS_MD5_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_MD5
+/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
+ * exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
+ * in RSA PKCS#1v1.5 signatures. A RIPEMD160-only configuration would be
+ * implausible anyway. */
+#elif defined(MBEDTLS_SHA1_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_1
+#elif defined(MBEDTLS_SHA256_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_256
+#elif defined(MBEDTLS_SHA512_C)
+#define KNOWN_MBEDTLS_SUPPORTED_HASH_ALG PSA_ALG_SHA_512
+#else
+#undef KNOWN_MBEDLTS_SUPPORTED_HASH_ALG
+#endif
+
/** \def KNOWN_SUPPORTED_BLOCK_CIPHER
*
* A block cipher that is known to be supported.
diff --git a/tests/opt-testcases/tls13-compat.sh b/tests/opt-testcases/tls13-compat.sh
new file mode 100755
index 0000000..7b75808
--- /dev/null
+++ b/tests/opt-testcases/tls13-compat.sh
@@ -0,0 +1,3276 @@
+#!/bin/sh
+
+# tls13-compat.sh
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Purpose
+#
+# List TLS1.3 compat test cases. They are generated by
+# `generate_tls13_compat_tests.py -a`.
+#
+# PLEASE DO NOT EDIT THIS FILE. IF NEEDED, PLEASE MODIFY `generate_tls13_compat_tests.py`
+# AND REGENERATE THIS FILE.
+#
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x448,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x25519,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_GCM_SHA256,x448,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-GCM:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp256r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp384r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp521r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x25519,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x448,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp256r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP256R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp384r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP384R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,secp521r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-SECP521R1:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x25519,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X25519:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_256_GCM_SHA384,x448,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-256-GCM:+GROUP-X448:+SHA384:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-256-GCM-SHA384 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1302 ) - TLS1-3-AES-256-GCM-SHA384" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x25519,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x448,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp256r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp384r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,secp521r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x25519,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_CHACHA20_POLY1305_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_CHACHA20_POLY1305_SHA256,x448,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+CHACHA20-POLY1305:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-CHACHA20-POLY1305-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x25519,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x448,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp256r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp384r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,secp521r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x25519,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_SHA256,x448,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1304 ) - TLS1-3-AES-128-CCM-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp384r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=secp521r1,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x25519,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp256r1.crt -key data_files/ecdsa_secp256r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp256r1_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp256r1.crt --x509keyfile data_files/ecdsa_secp256r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp256r1_sha256 curves=x448,secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0403 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp256r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=secp521r1,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x25519,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp384r1.crt -key data_files/ecdsa_secp384r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp384r1_sha384 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp384r1_sha384" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp384r1.crt --x509keyfile data_files/ecdsa_secp384r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP384R1-SHA384:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp384r1_sha384 curves=x448,secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0503 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp256r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp256r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp384r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp384r1,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp521r1,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x25519,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x25519,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/ecdsa_secp521r1.crt -key data_files/ecdsa_secp521r1.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs ecdsa_secp521r1_sha512 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x448,ecdsa_secp521r1_sha512" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/ecdsa_secp521r1.crt --x509keyfile data_files/ecdsa_secp521r1.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-ECDSA-SECP521R1-SHA512:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca2.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=ecdsa_secp521r1_sha512 curves=x448,secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0603 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp256r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP256R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp256r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp256r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-384 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp384r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP384R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp384r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp384r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups P-521 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,secp521r1,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-SECP521R1:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=secp521r1" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: secp521r1" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X25519 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x25519,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X25519:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x25519" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x25519" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->O: TLS_AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
+ "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key -accept $SRV_PORT -ciphersuites TLS_AES_128_CCM_8_SHA256 -sigalgs rsa_pss_rsae_sha256 -groups X448 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 ok" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_DEBUG_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
+run_test "TLS 1.3 m->G: TLS_AES_128_CCM_8_SHA256,x448,rsa_pss_rsae_sha256" \
+ "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --priority=NONE:+AEAD:+AES-128-CCM-8:+GROUP-X448:+SHA256:+SIGN-RSA-PSS-RSAE-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI server_addr=127.0.0.1 server_port=$SRV_PORT debug_level=4 force_version=tls13 ca_file=data_files/test-ca_cat12.crt force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256 sig_algs=rsa_pss_rsae_sha256 curves=x448" \
+ 0 \
+ -c "HTTP/1.0 200 OK" \
+ -c "ECDH curve: x448" \
+ -c "server hello, chosen ciphersuite: ( 1305 ) - TLS1-3-AES-128-CCM-8-SHA256" \
+ -c "Certificate Verify: Signature algorithm ( 0804 )" \
+ -c "Verifying peer X.509 certificate... ok"
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 4f3c7f9..9235be7 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1553,15 +1553,176 @@
env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
}
-component_test_psa_crypto_config_basic() {
- # Test the library excluding all Mbed TLS cryptographic support for which
- # we have an accelerator support. Acceleration is faked with the
- # transparent test driver.
- msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG + as much acceleration as supported"
- scripts/config.py full
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+component_test_psa_crypto_config_accel_ecdsa () {
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA"
+
+ # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+ # partial support for cipher operations in the driver test library.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+ # SHA384 needed for some ECDSA signature tests.
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA384_C
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C
+
+ loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
+ loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+ make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+ # Restore test driver base configuration
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA384_C
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C
+
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+ scripts/config.py unset MBEDTLS_ECDSA_C
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+
+ loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+ make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+ unset loc_accel_flags
+ unset loc_accel_list
+
+ if_build_succeeded not grep mbedtls_ecdsa_ library/ecdsa.o
+
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA"
+ make test
+}
+
+component_test_psa_crypto_config_accel_rsa_signature () {
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature"
+
+ # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+ # partial support for cipher operations in the driver test library.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+ # It seems it is not possible to remove only the support for RSA signature
+ # in the library. Thus we have to remove all RSA support (signature and
+ # encryption/decryption). AS there is no driver support for asymmetric
+ # encryption/decryption so far remove RSA encryption/decryption from the
+ # application algorithm list.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_OAEP
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
+
+ # Make sure both the library and the test library support the SHA hash
+ # algorithms and only those ones (SHA256 is included by default). That way:
+ # - the test library can compute the RSA signatures even in the case of a
+ # composite RSA signature algorithm based on a SHA hash (no other hash
+ # used in the unit tests).
+ # - the dependency of RSA signature tests on PSA_WANT_ALG_SHA_xyz is
+ # fulfilled as the hash SHA algorithm is supported by the library, and
+ # thus the tests are run, not skipped.
+ # - when testing a signature key with an algorithm wildcard built from
+ # PSA_ALG_ANY_HASH as algorithm to test with the key, the chosen hash
+ # algorithm based on the hashes supported by the library is also
+ # supported by the test library.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160_C
+
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA1_C
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_SHA512_C
+ # We need PEM parsing in the test library as well to support the import
+ # of PEM encoded RSA keys.
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_PEM_PARSE_C
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h set MBEDTLS_BASE64_C
+
+ loc_accel_list="ALG_RSA_PKCS1V15_SIGN ALG_RSA_PSS KEY_TYPE_RSA_KEY_PAIR KEY_TYPE_RSA_PUBLIC_KEY"
+ loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+ make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+ # Restore test driver base configuration
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA1_C
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_SHA512_C
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_PEM_PARSE_C
+ scripts/config.py -f tests/include/test/drivers/config_test_driver.h unset MBEDTLS_BASE64_C
+
+
+ # Mbed TLS library build
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+
+ # Remove RSA support and its dependencies
+ scripts/config.py unset MBEDTLS_PKCS1_V15
+ scripts/config.py unset MBEDTLS_PKCS1_V21
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ scripts/config.py unset MBEDTLS_RSA_C
+ scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
+
+ scripts/config.py unset MBEDTLS_MD5_C
+ scripts/config.py unset MBEDTLS_RIPEMD160_C
+ scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1
+ scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1
+ scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING
+
+ loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+ make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+ unset loc_accel_flags
+ unset loc_accel_list
+
+ if_build_succeeded not grep mbedtls_rsa_rsassa_pkcs1_v15_sign library/rsa.o
+ if_build_succeeded not grep mbedtls_rsa_rsassa_pss_sign_ext library/rsa.o
+
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature"
+ make test
+}
+
+component_test_psa_crypto_config_accel_hash () {
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash"
+
+ # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+ # partial support for cipher operations in the driver test library.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+ loc_accel_list="ALG_MD5 ALG_RIPEMD160 ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512"
+ loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+ make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+ scripts/config.py unset MBEDTLS_MD5_C
+ scripts/config.py unset MBEDTLS_RIPEMD160_C
+ scripts/config.py unset MBEDTLS_SHA1_C
+ # Don't unset MBEDTLS_SHA256_C as it is needed by PSA crypto core.
+ scripts/config.py unset MBEDTLS_SHA384_C
+ scripts/config.py unset MBEDTLS_SHA512_C
+ # Unset MBEDTLS_SSL_PROTO_SSL3, MBEDTLS_SSL_PROTO_TLS1 and MBEDTLS_SSL_PROTO_TLS1_1 as they depend on MBEDTLS_SHA1_C
+ scripts/config.py unset MBEDTLS_SSL_PROTO_SSL3
+ scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1
+ scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_1
+ # Unset MBEDTLS_SSL_CBC_RECORD_SPLITTING as it depends on MBEDTLS_SSL_PROTO_TLS1 in the default configuration.
+ scripts/config.py unset MBEDTLS_SSL_CBC_RECORD_SPLITTING
+ loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+ make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+ unset loc_accel_flags
+ unset loc_accel_list
+
+ if_build_succeeded not grep mbedtls_sha512_init library/sha512.o
+ if_build_succeeded not grep mbedtls_sha1_init library/sha1.o
+
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash"
+ make test
+}
+
+component_test_psa_crypto_config_accel_cipher () {
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated cipher"
+
+ loc_accel_list="ALG_CBC_NO_PADDING ALG_CBC_PKCS7 ALG_CTR ALG_CFB ALG_OFB ALG_XTS KEY_TYPE_DES"
+ loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+ make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
# There is no intended accelerator support for ALG STREAM_CIPHER and
# ALG_ECB_NO_PADDING. Therefore, asking for them in the build implies the
@@ -1570,26 +1731,25 @@
# PSA configuration options.
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_CMAC
- # Don't test DES encryption as:
- # 1) It is not an issue if we don't test all cipher types here.
- # 2) That way we don't have to modify in psa_crypto.c the compilation
- # guards MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES for the code they guard to be
- # available to the test driver. Modifications that we would need to
- # revert when we move to compile the test driver separately.
- # We also disable MBEDTLS_DES_C as the dependencies on DES in PSA test
- # suites are still based on MBEDTLS_DES_C and not PSA_WANT_KEY_TYPE_DES.
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_DES
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
+ scripts/config.py unset MBEDTLS_CIPHER_PADDING_PKCS7
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_CTR
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_CFB
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_OFB
+ scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS
scripts/config.py unset MBEDTLS_DES_C
- loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL"
- loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
- loc_cflags="${loc_cflags} -I../tests/include -O2"
+ loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+ make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
- make CC=gcc CFLAGS="$loc_cflags" LDFLAGS="$ASAN_CFLAGS"
- unset loc_cflags
+ unset loc_accel_flags
+ unset loc_accel_list
- msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG"
+ if_build_succeeded not grep mbedtls_des* library/des.o
+
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated hash"
make test
}
diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py
index ac2490f..8bb4923 100755
--- a/tests/scripts/check_names.py
+++ b/tests/scripts/check_names.py
@@ -457,6 +457,139 @@
return enum_consts
+ IGNORED_CHUNK_REGEX = re.compile('|'.join([
+ r'/\*.*?\*/', # block comment entirely on one line
+ r'//.*', # line comment
+ r'(?P<string>")(?:[^\\\"]|\\.)*"', # string literal
+ ]))
+
+ def strip_comments_and_literals(self, line, in_block_comment):
+ """Strip comments and string literals from line.
+
+ Continuation lines are not supported.
+
+ If in_block_comment is true, assume that the line starts inside a
+ block comment.
+
+ Return updated values of (line, in_block_comment) where:
+ * Comments in line have been replaced by a space (or nothing at the
+ start or end of the line).
+ * String contents have been removed.
+ * in_block_comment indicates whether the line ends inside a block
+ comment that continues on the next line.
+ """
+
+ # Terminate current multiline comment?
+ if in_block_comment:
+ m = re.search(r"\*/", line)
+ if m:
+ in_block_comment = False
+ line = line[m.end(0):]
+ else:
+ return '', True
+
+ # Remove full comments and string literals.
+ # Do it all together to handle cases like "/*" correctly.
+ # Note that continuation lines are not supported.
+ line = re.sub(self.IGNORED_CHUNK_REGEX,
+ lambda s: '""' if s.group('string') else ' ',
+ line)
+
+ # Start an unfinished comment?
+ # (If `/*` was part of a complete comment, it's already been removed.)
+ m = re.search(r"/\*", line)
+ if m:
+ in_block_comment = True
+ line = line[:m.start(0)]
+
+ return line, in_block_comment
+
+ IDENTIFIER_REGEX = re.compile('|'.join([
+ # Match " something(a" or " *something(a". Functions.
+ # Assumptions:
+ # - function definition from return type to one of its arguments is
+ # all on one line
+ # - function definition line only contains alphanumeric, asterisk,
+ # underscore, and open bracket
+ r".* \**(\w+) *\( *\w",
+ # Match "(*something)(".
+ r".*\( *\* *(\w+) *\) *\(",
+ # Match names of named data structures.
+ r"(?:typedef +)?(?:struct|union|enum) +(\w+)(?: *{)?$",
+ # Match names of typedef instances, after closing bracket.
+ r"}? *(\w+)[;[].*",
+ ]))
+ # The regex below is indented for clarity.
+ EXCLUSION_LINES = re.compile("|".join([
+ r"extern +\"C\"",
+ r"(typedef +)?(struct|union|enum)( *{)?$",
+ r"} *;?$",
+ r"$",
+ r"//",
+ r"#",
+ ]))
+
+ def parse_identifiers_in_file(self, header_file, identifiers):
+ """
+ Parse all lines of a header where a function/enum/struct/union/typedef
+ identifier is declared, based on some regex and heuristics. Highly
+ dependent on formatting style.
+
+ Append found matches to the list ``identifiers``.
+ """
+
+ with open(header_file, "r", encoding="utf-8") as header:
+ in_block_comment = False
+ # The previous line variable is used for concatenating lines
+ # when identifiers are formatted and spread across multiple
+ # lines.
+ previous_line = ""
+
+ for line_no, line in enumerate(header):
+ line, in_block_comment = \
+ self.strip_comments_and_literals(line, in_block_comment)
+
+ if self.EXCLUSION_LINES.match(line):
+ previous_line = ""
+ continue
+
+ # If the line contains only space-separated alphanumeric
+ # characters (or underscore, asterisk, or open parenthesis),
+ # and nothing else, high chance it's a declaration that
+ # continues on the next line
+ if re.search(r"^([\w\*\(]+\s+)+$", line):
+ previous_line += line
+ continue
+
+ # If previous line seemed to start an unfinished declaration
+ # (as above), concat and treat them as one.
+ if previous_line:
+ line = previous_line.strip() + " " + line.strip() + "\n"
+ previous_line = ""
+
+ # Skip parsing if line has a space in front = heuristic to
+ # skip function argument lines (highly subject to formatting
+ # changes)
+ if line[0] == " ":
+ continue
+
+ identifier = self.IDENTIFIER_REGEX.search(line)
+
+ if not identifier:
+ continue
+
+ # Find the group that matched, and append it
+ for group in identifier.groups():
+ if not group:
+ continue
+
+ identifiers.append(Match(
+ header_file,
+ line,
+ line_no,
+ identifier.span(),
+ group))
+
def parse_identifiers(self, include, exclude=None):
"""
Parse all lines of a header where a function/enum/struct/union/typedef
@@ -469,99 +602,13 @@
Returns a List of Match objects with identifiers.
"""
- identifier_regex = re.compile(
- # Match " something(a" or " *something(a". Functions.
- # Assumptions:
- # - function definition from return type to one of its arguments is
- # all on one line
- # - function definition line only contains alphanumeric, asterisk,
- # underscore, and open bracket
- r".* \**(\w+) *\( *\w|"
- # Match "(*something)(".
- r".*\( *\* *(\w+) *\) *\(|"
- # Match names of named data structures.
- r"(?:typedef +)?(?:struct|union|enum) +(\w+)(?: *{)?$|"
- # Match names of typedef instances, after closing bracket.
- r"}? *(\w+)[;[].*"
- )
- # The regex below is indented for clarity.
- exclusion_lines = re.compile(
- r"^("
- r"extern +\"C\"|" # pylint: disable=bad-continuation
- r"(typedef +)?(struct|union|enum)( *{)?$|"
- r"} *;?$|"
- r"$|"
- r"//|"
- r"#"
- r")"
- )
files = self.get_files(include, exclude)
self.log.debug("Looking for identifiers in {} files".format(len(files)))
identifiers = []
for header_file in files:
- with open(header_file, "r", encoding="utf-8") as header:
- in_block_comment = False
- # The previous line variable is used for concatenating lines
- # when identifiers are formatted and spread across multiple
- # lines.
- previous_line = ""
-
- for line_no, line in enumerate(header):
- # Skip parsing this line if a block comment ends on it,
- # but don't skip if it has just started -- there is a chance
- # it ends on the same line.
- if re.search(r"/\*", line):
- in_block_comment = not in_block_comment
- if re.search(r"\*/", line):
- in_block_comment = not in_block_comment
- continue
-
- if in_block_comment:
- previous_line = ""
- continue
-
- if exclusion_lines.search(line):
- previous_line = ""
- continue
-
- # If the line contains only space-separated alphanumeric
- # characters (or underscore, asterisk, or, open bracket),
- # and nothing else, high chance it's a declaration that
- # continues on the next line
- if re.search(r"^([\w\*\(]+\s+)+$", line):
- previous_line += line
- continue
-
- # If previous line seemed to start an unfinished declaration
- # (as above), concat and treat them as one.
- if previous_line:
- line = previous_line.strip() + " " + line.strip() + "\n"
- previous_line = ""
-
- # Skip parsing if line has a space in front = heuristic to
- # skip function argument lines (highly subject to formatting
- # changes)
- if line[0] == " ":
- continue
-
- identifier = identifier_regex.search(line)
-
- if not identifier:
- continue
-
- # Find the group that matched, and append it
- for group in identifier.groups():
- if not group:
- continue
-
- identifiers.append(Match(
- header_file,
- line,
- line_no,
- identifier.span(),
- group))
+ self.parse_identifiers_in_file(header_file, identifiers)
return identifiers
@@ -779,7 +826,8 @@
match.name
for match
in self.parse_result["macros"] + self.parse_result["enum_consts"]}
- typo_exclusion = re.compile(r"XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$")
+ typo_exclusion = re.compile(r"XXX|__|_$|^MBEDTLS_.*CONFIG_FILE$|"
+ r"MBEDTLS_TEST_LIBTESTDRIVER*")
for name_match in self.parse_result["mbed_words"]:
found = name_match.name in all_caps_names
diff --git a/tests/scripts/check_test_cases.py b/tests/scripts/check_test_cases.py
index fe11f20..f9ae36c 100755
--- a/tests/scripts/check_test_cases.py
+++ b/tests/scripts/check_test_cases.py
@@ -133,6 +133,9 @@
ssl_opt_sh = os.path.join(directory, 'ssl-opt.sh')
if os.path.exists(ssl_opt_sh):
self.walk_ssl_opt_sh(ssl_opt_sh)
+ for ssl_opt_file_name in glob.glob(os.path.join(directory, 'opt-testcases',
+ '*.sh')):
+ self.walk_ssl_opt_sh(ssl_opt_file_name)
class DescriptionChecker(TestDescriptionExplorer):
"""Check all test case descriptions.
diff --git a/tests/scripts/generate_tls13_compat_tests.py b/tests/scripts/generate_tls13_compat_tests.py
new file mode 100755
index 0000000..07013ae
--- /dev/null
+++ b/tests/scripts/generate_tls13_compat_tests.py
@@ -0,0 +1,428 @@
+#!/usr/bin/env python3
+
+# generate_tls13_compat_tests.py
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+Generate TLSv1.3 Compat test cases
+
+"""
+
+import sys
+import os
+import abc
+import argparse
+import itertools
+from collections import namedtuple
+# pylint: disable=useless-super-delegation
+
+# define certificates configuration entry
+Certificate = namedtuple("Certificate", ['cafile', 'certfile', 'keyfile'])
+# define the certificate parameters for signature algorithms
+CERTIFICATES = {
+ 'ecdsa_secp256r1_sha256': Certificate('data_files/test-ca2.crt',
+ 'data_files/ecdsa_secp256r1.crt',
+ 'data_files/ecdsa_secp256r1.key'),
+ 'ecdsa_secp384r1_sha384': Certificate('data_files/test-ca2.crt',
+ 'data_files/ecdsa_secp384r1.crt',
+ 'data_files/ecdsa_secp384r1.key'),
+ 'ecdsa_secp521r1_sha512': Certificate('data_files/test-ca2.crt',
+ 'data_files/ecdsa_secp521r1.crt',
+ 'data_files/ecdsa_secp521r1.key'),
+ 'rsa_pss_rsae_sha256': Certificate('data_files/test-ca_cat12.crt',
+ 'data_files/server2-sha256.crt', 'data_files/server2.key'
+ )
+}
+
+CIPHER_SUITE_IANA_VALUE = {
+ "TLS_AES_128_GCM_SHA256": 0x1301,
+ "TLS_AES_256_GCM_SHA384": 0x1302,
+ "TLS_CHACHA20_POLY1305_SHA256": 0x1303,
+ "TLS_AES_128_CCM_SHA256": 0x1304,
+ "TLS_AES_128_CCM_8_SHA256": 0x1305
+}
+
+SIG_ALG_IANA_VALUE = {
+ "ecdsa_secp256r1_sha256": 0x0403,
+ "ecdsa_secp384r1_sha384": 0x0503,
+ "ecdsa_secp521r1_sha512": 0x0603,
+ 'rsa_pss_rsae_sha256': 0x0804,
+}
+
+NAMED_GROUP_IANA_VALUE = {
+ 'secp256r1': 0x17,
+ 'secp384r1': 0x18,
+ 'secp521r1': 0x19,
+ 'x25519': 0x1d,
+ 'x448': 0x1e,
+}
+
+class TLSProgram(metaclass=abc.ABCMeta):
+ """
+ Base class for generate server/client command.
+ """
+
+ def __init__(self, ciphersuite, signature_algorithm, named_group):
+ self._ciphers = []
+ self._sig_algs = []
+ self._named_groups = []
+ self.add_ciphersuites(ciphersuite)
+ self.add_named_groups(named_group)
+ self.add_signature_algorithms(signature_algorithm)
+
+ # add_ciphersuites should not override by sub class
+ def add_ciphersuites(self, *ciphersuites):
+ self._ciphers.extend(
+ [cipher for cipher in ciphersuites if cipher not in self._ciphers])
+
+ # add_signature_algorithms should not override by sub class
+ def add_signature_algorithms(self, *signature_algorithms):
+ self._sig_algs.extend(
+ [sig_alg for sig_alg in signature_algorithms if sig_alg not in self._sig_algs])
+
+ # add_signature_algorithms should not override by sub class
+ def add_named_groups(self, *named_groups):
+ self._named_groups.extend(
+ [named_group for named_group in named_groups if named_group not in self._named_groups])
+
+ @abc.abstractmethod
+ def pre_checks(self):
+ return []
+
+ @abc.abstractmethod
+ def cmd(self):
+ pass
+
+ @abc.abstractmethod
+ def post_checks(self):
+ return []
+
+
+class OpenSSLServ(TLSProgram):
+ """
+ Generate test commands for OpenSSL server.
+ """
+
+ NAMED_GROUP = {
+ 'secp256r1': 'P-256',
+ 'secp384r1': 'P-384',
+ 'secp521r1': 'P-521',
+ 'x25519': 'X25519',
+ 'x448': 'X448',
+ }
+
+ def cmd(self):
+ ret = ['$O_NEXT_SRV_NO_CERT']
+ for _, cert, key in map(lambda sig_alg: CERTIFICATES[sig_alg], self._sig_algs):
+ ret += ['-cert {cert} -key {key}'.format(cert=cert, key=key)]
+ ret += ['-accept $SRV_PORT']
+ ciphersuites = ','.join(self._ciphers)
+ signature_algorithms = ','.join(self._sig_algs)
+ named_groups = ','.join(
+ map(lambda named_group: self.NAMED_GROUP[named_group], self._named_groups))
+ ret += ["-ciphersuites {ciphersuites}".format(ciphersuites=ciphersuites),
+ "-sigalgs {signature_algorithms}".format(
+ signature_algorithms=signature_algorithms),
+ "-groups {named_groups}".format(named_groups=named_groups)]
+ ret += ['-msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache']
+ return ' '.join(ret)
+
+ def pre_checks(self):
+ return ["requires_openssl_tls1_3"]
+
+ def post_checks(self):
+ return ['-c "HTTP/1.0 200 ok"']
+
+
+class GnuTLSServ(TLSProgram):
+ """
+ Generate test commands for GnuTLS server.
+ """
+
+ CIPHER_SUITE = {
+ 'TLS_AES_256_GCM_SHA384': [
+ 'AES-256-GCM',
+ 'SHA384',
+ 'AEAD'],
+ 'TLS_AES_128_GCM_SHA256': [
+ 'AES-128-GCM',
+ 'SHA256',
+ 'AEAD'],
+ 'TLS_CHACHA20_POLY1305_SHA256': [
+ 'CHACHA20-POLY1305',
+ 'SHA256',
+ 'AEAD'],
+ 'TLS_AES_128_CCM_SHA256': [
+ 'AES-128-CCM',
+ 'SHA256',
+ 'AEAD'],
+ 'TLS_AES_128_CCM_8_SHA256': [
+ 'AES-128-CCM-8',
+ 'SHA256',
+ 'AEAD']}
+
+ SIGNATURE_ALGORITHM = {
+ 'ecdsa_secp256r1_sha256': ['SIGN-ECDSA-SECP256R1-SHA256'],
+ 'ecdsa_secp521r1_sha512': ['SIGN-ECDSA-SECP521R1-SHA512'],
+ 'ecdsa_secp384r1_sha384': ['SIGN-ECDSA-SECP384R1-SHA384'],
+ 'rsa_pss_rsae_sha256': ['SIGN-RSA-PSS-RSAE-SHA256']}
+
+ NAMED_GROUP = {
+ 'secp256r1': ['GROUP-SECP256R1'],
+ 'secp384r1': ['GROUP-SECP384R1'],
+ 'secp521r1': ['GROUP-SECP521R1'],
+ 'x25519': ['GROUP-X25519'],
+ 'x448': ['GROUP-X448'],
+ }
+
+ def pre_checks(self):
+ return ["requires_gnutls_tls1_3",
+ "requires_gnutls_next_no_ticket",
+ "requires_gnutls_next_disable_tls13_compat", ]
+
+ def post_checks(self):
+ return ['-c "HTTP/1.0 200 OK"']
+
+ def cmd(self):
+ ret = ['$G_NEXT_SRV_NO_CERT', '--http',
+ '--disable-client-cert', '--debug=4']
+
+ for _, cert, key in map(lambda sig_alg: CERTIFICATES[sig_alg], self._sig_algs):
+ ret += ['--x509certfile {cert} --x509keyfile {key}'.format(
+ cert=cert, key=key)]
+
+ priority_string_list = []
+
+ def update_priority_string_list(items, map_table):
+ for item in items:
+ for i in map_table[item]:
+ if i not in priority_string_list:
+ yield i
+ priority_string_list.extend(update_priority_string_list(
+ self._sig_algs, self.SIGNATURE_ALGORITHM))
+ priority_string_list.extend(
+ update_priority_string_list(self._ciphers, self.CIPHER_SUITE))
+ priority_string_list.extend(update_priority_string_list(
+ self._named_groups, self.NAMED_GROUP))
+ priority_string_list = ['NONE'] + sorted(priority_string_list) + ['VERS-TLS1.3']
+
+ priority_string = ':+'.join(priority_string_list)
+ priority_string += ':%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE'
+ ret += ['--priority={priority_string}'.format(
+ priority_string=priority_string)]
+ ret = ' '.join(ret)
+ return ret
+
+
+class MbedTLSCli(TLSProgram):
+ """
+ Generate test commands for mbedTLS client.
+ """
+
+ CIPHER_SUITE = {
+ 'TLS_AES_256_GCM_SHA384': 'TLS1-3-AES-256-GCM-SHA384',
+ 'TLS_AES_128_GCM_SHA256': 'TLS1-3-AES-128-GCM-SHA256',
+ 'TLS_CHACHA20_POLY1305_SHA256': 'TLS1-3-CHACHA20-POLY1305-SHA256',
+ 'TLS_AES_128_CCM_SHA256': 'TLS1-3-AES-128-CCM-SHA256',
+ 'TLS_AES_128_CCM_8_SHA256': 'TLS1-3-AES-128-CCM-8-SHA256'}
+
+ def cmd(self):
+ ret = ['$P_CLI']
+ ret += ['server_addr=127.0.0.1', 'server_port=$SRV_PORT',
+ 'debug_level=4', 'force_version=tls13']
+ ret += ['ca_file={cafile}'.format(
+ cafile=CERTIFICATES[self._sig_algs[0]].cafile)]
+
+ if self._ciphers:
+ ciphers = ','.join(
+ map(lambda cipher: self.CIPHER_SUITE[cipher], self._ciphers))
+ ret += ["force_ciphersuite={ciphers}".format(ciphers=ciphers)]
+
+ if self._sig_algs:
+ ret += ['sig_algs={sig_algs}'.format(
+ sig_algs=','.join(self._sig_algs))]
+ for sig_alg in self._sig_algs:
+ if sig_alg in ('ecdsa_secp256r1_sha256',
+ 'ecdsa_secp384r1_sha384',
+ 'ecdsa_secp521r1_sha512'):
+ self.add_named_groups(sig_alg.split('_')[1])
+
+ if self._named_groups:
+ named_groups = ','.join(self._named_groups)
+ ret += ["curves={named_groups}".format(named_groups=named_groups)]
+
+ ret = ' '.join(ret)
+ return ret
+
+ def pre_checks(self):
+ ret = ['requires_config_enabled MBEDTLS_DEBUG_C',
+ 'requires_config_enabled MBEDTLS_SSL_CLI_C',
+ 'requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL',
+ 'requires_config_disabled MBEDTLS_USE_PSA_CRYPTO']
+ if 'rsa_pss_rsae_sha256' in self._sig_algs:
+ ret.append(
+ 'requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT')
+ return ret
+
+ def post_checks(self):
+ check_strings = ["ECDH curve: {group}".format(group=self._named_groups[0]),
+ "server hello, chosen ciphersuite: ( {:04x} ) - {}".format(
+ CIPHER_SUITE_IANA_VALUE[self._ciphers[0]],
+ self.CIPHER_SUITE[self._ciphers[0]]),
+ "Certificate Verify: Signature algorithm ( {:04x} )".format(
+ SIG_ALG_IANA_VALUE[self._sig_algs[0]]),
+ "Verifying peer X.509 certificate... ok", ]
+ return ['-c "{}"'.format(i) for i in check_strings]
+
+
+SERVER_CLASSES = {'OpenSSL': OpenSSLServ, 'GnuTLS': GnuTLSServ}
+CLIENT_CLASSES = {'mbedTLS': MbedTLSCli}
+
+
+def generate_compat_test(server=None, client=None, cipher=None, sig_alg=None, named_group=None):
+ """
+ Generate test case with `ssl-opt.sh` format.
+ """
+ name = 'TLS 1.3 {client[0]}->{server[0]}: {cipher},{named_group},{sig_alg}'.format(
+ client=client, server=server, cipher=cipher, sig_alg=sig_alg, named_group=named_group)
+ server_object = SERVER_CLASSES[server](cipher, sig_alg, named_group)
+ client_object = CLIENT_CLASSES[client](cipher, sig_alg, named_group)
+
+ cmd = ['run_test "{}"'.format(name), '"{}"'.format(
+ server_object.cmd()), '"{}"'.format(client_object.cmd()), '0']
+ cmd += server_object.post_checks()
+ cmd += client_object.post_checks()
+ prefix = ' \\\n' + (' '*9)
+ cmd = prefix.join(cmd)
+ return '\n'.join(server_object.pre_checks() + client_object.pre_checks() + [cmd])
+
+
+SSL_OUTPUT_HEADER = '''#!/bin/sh
+
+# {filename}
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Purpose
+#
+# List TLS1.3 compat test cases. They are generated by
+# `generate_tls13_compat_tests.py -a`.
+#
+# PLEASE DO NOT EDIT THIS FILE. IF NEEDED, PLEASE MODIFY `generate_tls13_compat_tests.py`
+# AND REGENERATE THIS FILE.
+#
+'''
+
+
+def main():
+ """
+ Main function of this program
+ """
+ parser = argparse.ArgumentParser()
+
+ parser.add_argument('-o', '--output', nargs='?',
+ default=None, help='Output file path if `-a` was set')
+
+ parser.add_argument('-a', '--generate-all-tls13-compat-tests', action='store_true',
+ default=False, help='Generate all available tls13 compat tests')
+
+ parser.add_argument('--list-ciphers', action='store_true',
+ default=False, help='List supported ciphersuites')
+
+ parser.add_argument('--list-sig-algs', action='store_true',
+ default=False, help='List supported signature algorithms')
+
+ parser.add_argument('--list-named-groups', action='store_true',
+ default=False, help='List supported named groups')
+
+ parser.add_argument('--list-servers', action='store_true',
+ default=False, help='List supported TLS servers')
+
+ parser.add_argument('--list-clients', action='store_true',
+ default=False, help='List supported TLS Clients')
+
+ parser.add_argument('server', choices=SERVER_CLASSES.keys(), nargs='?',
+ default=list(SERVER_CLASSES.keys())[0],
+ help='Choose TLS server program for test')
+ parser.add_argument('client', choices=CLIENT_CLASSES.keys(), nargs='?',
+ default=list(CLIENT_CLASSES.keys())[0],
+ help='Choose TLS client program for test')
+ parser.add_argument('cipher', choices=CIPHER_SUITE_IANA_VALUE.keys(), nargs='?',
+ default=list(CIPHER_SUITE_IANA_VALUE.keys())[0],
+ help='Choose cipher suite for test')
+ parser.add_argument('sig_alg', choices=SIG_ALG_IANA_VALUE.keys(), nargs='?',
+ default=list(SIG_ALG_IANA_VALUE.keys())[0],
+ help='Choose cipher suite for test')
+ parser.add_argument('named_group', choices=NAMED_GROUP_IANA_VALUE.keys(), nargs='?',
+ default=list(NAMED_GROUP_IANA_VALUE.keys())[0],
+ help='Choose cipher suite for test')
+
+ args = parser.parse_args()
+
+ def get_all_test_cases():
+ for cipher, sig_alg, named_group, server, client in \
+ itertools.product(CIPHER_SUITE_IANA_VALUE.keys(), SIG_ALG_IANA_VALUE.keys(),
+ NAMED_GROUP_IANA_VALUE.keys(), SERVER_CLASSES.keys(),
+ CLIENT_CLASSES.keys()):
+ yield generate_compat_test(cipher=cipher, sig_alg=sig_alg, named_group=named_group,
+ server=server, client=client)
+
+ if args.generate_all_tls13_compat_tests:
+ if args.output:
+ with open(args.output, 'w', encoding="utf-8") as f:
+ f.write(SSL_OUTPUT_HEADER.format(
+ filename=os.path.basename(args.output)))
+ f.write('\n\n'.join(get_all_test_cases()))
+ f.write('\n')
+ else:
+ print('\n'.join(get_all_test_cases()))
+ return 0
+
+ if args.list_ciphers or args.list_sig_algs or args.list_named_groups \
+ or args.list_servers or args.list_clients:
+ if args.list_ciphers:
+ print(*CIPHER_SUITE_IANA_VALUE.keys())
+ if args.list_sig_algs:
+ print(*SIG_ALG_IANA_VALUE.keys())
+ if args.list_named_groups:
+ print(*NAMED_GROUP_IANA_VALUE.keys())
+ if args.list_servers:
+ print(*SERVER_CLASSES.keys())
+ if args.list_clients:
+ print(*CLIENT_CLASSES.keys())
+ return 0
+
+ print(generate_compat_test(server=args.server, client=args.client, sig_alg=args.sig_alg,
+ cipher=args.cipher, named_group=args.named_group))
+ return 0
+
+
+if __name__ == "__main__":
+ sys.exit(main())
diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c
index b1880f7..44e0e80 100644
--- a/tests/src/drivers/hash.c
+++ b/tests/src/drivers/hash.c
@@ -24,6 +24,10 @@
#include "test/drivers/hash.h"
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_hash.h"
+#endif
+
mbedtls_test_driver_hash_hooks_t
mbedtls_test_driver_hash_hooks = MBEDTLS_TEST_DRIVER_HASH_INIT;
@@ -41,10 +45,26 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
mbedtls_test_driver_hash_hooks.driver_status =
- mbedtls_transparent_test_driver_hash_compute(
+ libtestdriver1_mbedtls_psa_hash_compute(
alg, input, input_length,
hash, hash_size, hash_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_compute(
+ alg, input, input_length,
+ hash, hash_size, hash_length );
+#else
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) hash;
+ (void) hash_size;
+ (void) hash_length;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_hash_hooks.driver_status );
@@ -63,8 +83,18 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
mbedtls_test_driver_hash_hooks.driver_status =
- mbedtls_transparent_test_driver_hash_setup( operation, alg );
+ libtestdriver1_mbedtls_psa_hash_setup( operation, alg );
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_setup( operation, alg );
+#else
+ (void) operation;
+ (void) alg;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_hash_hooks.driver_status );
@@ -83,9 +113,19 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
mbedtls_test_driver_hash_hooks.driver_status =
- mbedtls_transparent_test_driver_hash_clone( source_operation,
- target_operation );
+ libtestdriver1_mbedtls_psa_hash_clone( source_operation,
+ target_operation );
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_clone( source_operation, target_operation );
+#else
+ (void) source_operation;
+ (void) target_operation;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_hash_hooks.driver_status );
@@ -105,9 +145,20 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
mbedtls_test_driver_hash_hooks.driver_status =
- mbedtls_transparent_test_driver_hash_update(
+ libtestdriver1_mbedtls_psa_hash_update(
operation, input, input_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_update( operation, input, input_length );
+#else
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_hash_hooks.driver_status );
@@ -128,9 +179,21 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
mbedtls_test_driver_hash_hooks.driver_status =
- mbedtls_transparent_test_driver_hash_finish(
+ libtestdriver1_mbedtls_psa_hash_finish(
operation, hash, hash_size, hash_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_finish( operation, hash, hash_size, hash_length );
+#else
+ (void) operation;
+ (void) hash;
+ (void) hash_size;
+ (void) hash_length;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_hash_hooks.driver_status );
@@ -148,8 +211,17 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
mbedtls_test_driver_hash_hooks.driver_status =
- mbedtls_transparent_test_driver_hash_abort( operation );
+ libtestdriver1_mbedtls_psa_hash_abort( operation );
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ mbedtls_test_driver_hash_hooks.driver_status =
+ mbedtls_psa_hash_abort( operation );
+#else
+ (void) operation;
+ mbedtls_test_driver_hash_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_hash_hooks.driver_status );
diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c
index 6befe7c..b561960 100644
--- a/tests/src/drivers/test_driver_aead.c
+++ b/tests/src/drivers/test_driver_aead.c
@@ -46,6 +46,7 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_encrypt(
attributes, key_buffer, key_buffer_size,
@@ -54,6 +55,22 @@
additional_data, additional_data_length,
plaintext, plaintext_length,
ciphertext, ciphertext_size, ciphertext_length );
+#else
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) nonce;
+ (void) nonce_length;
+ (void) additional_data;
+ (void) additional_data_length;
+ (void) plaintext;
+ (void) plaintext_length;
+ (void) ciphertext;
+ (void) ciphertext_size;
+ (void) ciphertext_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -77,6 +94,7 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_decrypt(
attributes, key_buffer, key_buffer_size,
@@ -85,6 +103,22 @@
additional_data, additional_data_length,
ciphertext, ciphertext_length,
plaintext, plaintext_size, plaintext_length );
+#else
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) nonce;
+ (void) nonce_length;
+ (void) additional_data;
+ (void) additional_data_length;
+ (void) ciphertext;
+ (void) ciphertext_length;
+ (void) plaintext;
+ (void) plaintext_size;
+ (void) plaintext_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -105,9 +139,18 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_encrypt_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
+#else
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -128,9 +171,18 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_decrypt_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
+#else
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -150,8 +202,15 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_set_nonce( operation, nonce, nonce_length );
+#else
+ (void) operation;
+ (void) nonce;
+ (void) nonce_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -171,9 +230,16 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_set_lengths( operation, ad_length,
plaintext_length );
+#else
+ (void) operation;
+ (void) ad_length;
+ (void) plaintext_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -193,8 +259,15 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_update_ad( operation, input, input_length );
+#else
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -217,9 +290,19 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_update( operation, input, input_length, output,
output_size, output_length );
+#else
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ (void) output;
+ (void) output_size;
+ (void) output_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -243,10 +326,21 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_finish( operation, ciphertext, ciphertext_size,
ciphertext_length, tag, tag_size,
tag_length );
+#else
+ (void) operation;
+ (void) ciphertext;
+ (void) ciphertext_size;
+ (void) ciphertext_length;
+ (void) tag;
+ (void) tag_size;
+ (void) tag_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
@@ -272,6 +366,7 @@
uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];
size_t check_tag_length;
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_finish( operation,
plaintext,
@@ -280,6 +375,13 @@
check_tag,
sizeof( check_tag ),
&check_tag_length );
+#else
+ (void) operation;
+ (void) plaintext;
+ (void) plaintext_size;
+ (void) plaintext_length;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
if( mbedtls_test_driver_aead_hooks.driver_status == PSA_SUCCESS )
{
@@ -308,8 +410,13 @@
}
else
{
+#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_abort( operation );
+#else
+ (void) operation;
+ mbedtls_test_driver_aead_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_aead_hooks.driver_status );
diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c
index 89a7b59..3d1efb8 100644
--- a/tests/src/drivers/test_driver_cipher.c
+++ b/tests/src/drivers/test_driver_cipher.c
@@ -30,6 +30,10 @@
#include "test/random.h"
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_cipher.h"
+#endif
+
#include <string.h>
mbedtls_test_driver_cipher_hooks_t mbedtls_test_driver_cipher_hooks =
@@ -66,10 +70,21 @@
psa_generate_random( output, PSA_CIPHER_IV_LENGTH( attributes->core.type, alg ) );
- return( mbedtls_transparent_test_driver_cipher_encrypt(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( libtestdriver1_mbedtls_psa_cipher_encrypt(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_encrypt(
attributes, key_buffer, key_buffer_size,
alg, input, input_length,
output, output_size, output_length ) );
+#endif
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_transparent_cipher_decrypt(
@@ -101,10 +116,21 @@
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
- return( mbedtls_transparent_test_driver_cipher_decrypt(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( libtestdriver1_mbedtls_psa_cipher_decrypt(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size,
+ alg, input, input_length,
+ output, output_size, output_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_decrypt(
attributes, key_buffer, key_buffer_size,
alg, input, input_length,
output, output_size, output_length ) );
+#endif
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_transparent_cipher_encrypt_setup(
@@ -124,8 +150,18 @@
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
- return ( mbedtls_transparent_test_driver_cipher_encrypt_setup(
- operation, attributes, key, key_length, alg ) );
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( libtestdriver1_mbedtls_psa_cipher_encrypt_setup(
+ operation,
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key, key_length, alg ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_encrypt_setup(
+ operation, attributes, key, key_length, alg ) );
+#endif
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_transparent_cipher_decrypt_setup(
@@ -139,8 +175,18 @@
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
- return ( mbedtls_transparent_test_driver_cipher_decrypt_setup(
- operation, attributes, key, key_length, alg ) );
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( libtestdriver1_mbedtls_psa_cipher_decrypt_setup(
+ operation,
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key, key_length, alg ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_decrypt_setup(
+ operation, attributes, key, key_length, alg ) );
+#endif
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_transparent_cipher_abort(
@@ -148,10 +194,12 @@
{
mbedtls_test_driver_cipher_hooks.hits++;
- if( operation->alg == 0 )
- return( PSA_SUCCESS );
-
- mbedtls_transparent_test_driver_cipher_abort( operation );
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ libtestdriver1_mbedtls_psa_cipher_abort( operation );
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ mbedtls_psa_cipher_abort( operation );
+#endif
/* Wiping the entire struct here, instead of member-by-member. This is
* useful for the test suite, since it gives a chance of catching memory
@@ -172,8 +220,15 @@
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
- return( mbedtls_transparent_test_driver_cipher_set_iv(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( libtestdriver1_mbedtls_psa_cipher_set_iv(
operation, iv, iv_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_set_iv( operation, iv, iv_length ) );
+#endif
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_transparent_cipher_update(
@@ -202,9 +257,18 @@
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
- return( mbedtls_transparent_test_driver_cipher_update(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( libtestdriver1_mbedtls_psa_cipher_update(
operation, input, input_length,
output, output_size, output_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_update(
+ operation, input, input_length,
+ output, output_size, output_length ) );
+#endif
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_transparent_cipher_finish(
@@ -231,8 +295,16 @@
if( mbedtls_test_driver_cipher_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_cipher_hooks.forced_status );
- return( mbedtls_transparent_test_driver_cipher_finish(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( libtestdriver1_mbedtls_psa_cipher_finish(
operation, output, output_size, output_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_CIPHER)
+ return( mbedtls_psa_cipher_finish(
+ operation, output, output_size, output_length ) );
+#endif
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
/*
diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c
index 61ebc8a..5028073 100644
--- a/tests/src/drivers/test_driver_key_management.c
+++ b/tests/src/drivers/test_driver_key_management.c
@@ -29,9 +29,13 @@
#include "mbedtls/error.h"
#include "test/drivers/key_management.h"
-
#include "test/random.h"
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_ecp.h"
+#include "libtestdriver1/library/psa_crypto_rsa.h"
+#endif
+
#include <string.h>
mbedtls_test_driver_key_management_hooks_t
@@ -56,6 +60,38 @@
0xbc, 0x25, 0x16, 0xc3, 0xd2, 0x70, 0x2d, 0x79,
0x2f, 0x13, 0x1a, 0x92, 0x20, 0x95, 0xfd, 0x6c };
+psa_status_t mbedtls_test_transparent_init( void )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+ status = libtestdriver1_psa_crypto_init( );
+ if( status != PSA_SUCCESS )
+ return( status );
+#endif
+
+ (void)status;
+ return( PSA_SUCCESS );
+}
+
+void mbedtls_test_transparent_free( void )
+{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+ libtestdriver1_mbedtls_psa_crypto_free( );
+#endif
+
+ return;
+}
+
+psa_status_t mbedtls_test_opaque_init( void )
+{
+ return( PSA_SUCCESS );
+}
+
+void mbedtls_test_opaque_free( void )
+{
+ return;
+}
/*
* This macro returns the base size for the key context when SE does not
@@ -173,27 +209,34 @@
return( PSA_SUCCESS );
}
- /* Copied from psa_crypto.c */
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR)
- if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
- && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
+ if( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
+ && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
{
- return( mbedtls_transparent_test_driver_ecp_generate_key(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+ return( libtestdriver1_mbedtls_psa_ecp_generate_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key, key_size, key_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR)
+ return( mbedtls_psa_ecp_generate_key(
attributes, key, key_size, key_length ) );
+#endif
}
- else
-#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) */
+ else if( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR )
+ {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+ return( libtestdriver1_mbedtls_psa_rsa_generate_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key, key_size, key_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR)
+ return( mbedtls_psa_rsa_generate_key(
+ attributes, key, key_size, key_length ) );
+#endif
+ }
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR)
- if ( psa_get_key_type( attributes ) == PSA_KEY_TYPE_RSA_KEY_PAIR )
- return( mbedtls_transparent_test_driver_rsa_generate_key(
- attributes, key, key_size, key_length ) );
- else
-#endif /* defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) */
- {
- (void)attributes;
- return( PSA_ERROR_NOT_SUPPORTED );
- }
+ (void)attributes;
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_generate_key(
@@ -221,45 +264,56 @@
if( mbedtls_test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_key_management_hooks.forced_status );
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_type_t type = psa_get_key_type( attributes );
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
if( PSA_KEY_TYPE_IS_ECC( type ) )
{
- status = mbedtls_test_driver_ecp_import_key(
- attributes,
- data, data_length,
- key_buffer, key_buffer_size,
- key_buffer_length, bits );
- }
- else
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) )
+ return( libtestdriver1_mbedtls_psa_ecp_import_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ return( mbedtls_psa_ecp_import_key(
+ attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
#endif
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
- if( PSA_KEY_TYPE_IS_RSA( type ) )
- {
- status = mbedtls_test_driver_rsa_import_key(
- attributes,
- data, data_length,
- key_buffer, key_buffer_size,
- key_buffer_length, bits );
}
- else
-#endif
+ else if( PSA_KEY_TYPE_IS_RSA( type ) )
{
- status = PSA_ERROR_NOT_SUPPORTED;
- (void)data;
- (void)data_length;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)key_buffer_length;
- (void)bits;
- (void)type;
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) )
+ return( libtestdriver1_mbedtls_psa_rsa_import_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ return( mbedtls_psa_rsa_import_key(
+ attributes,
+ data, data_length,
+ key_buffer, key_buffer_size,
+ key_buffer_length, bits ) );
+#endif
}
- return( status );
+ (void)data;
+ (void)data_length;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)key_buffer_length;
+ (void)bits;
+ (void)type;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
@@ -298,40 +352,58 @@
memcpy( key_buffer_temp, data, data_length );
*key_buffer_length = data_length;
}
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
else if( PSA_KEY_TYPE_IS_ECC( type ) )
{
- status = mbedtls_test_driver_ecp_import_key(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) )
+ status = libtestdriver1_mbedtls_psa_ecp_import_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ data, data_length,
+ key_buffer_temp, key_buffer_size,
+ key_buffer_length, bits );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ status = mbedtls_psa_ecp_import_key(
attributes,
data, data_length,
- key_buffer_temp,
- key_buffer_size,
+ key_buffer_temp, key_buffer_size,
key_buffer_length, bits );
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
if( status != PSA_SUCCESS )
goto exit;
}
- else
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
- if( PSA_KEY_TYPE_IS_RSA( type ) )
+ else if( PSA_KEY_TYPE_IS_RSA( type ) )
{
- status = mbedtls_test_driver_rsa_import_key(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) )
+ status = libtestdriver1_mbedtls_psa_rsa_import_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ data, data_length,
+ key_buffer_temp, key_buffer_size,
+ key_buffer_length, bits );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ status = mbedtls_psa_rsa_import_key(
attributes,
data, data_length,
- key_buffer_temp,
- key_buffer_size,
+ key_buffer_temp, key_buffer_size,
key_buffer_length, bits );
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
if( status != PSA_SUCCESS )
goto exit;
}
else
-#endif
{
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
+
status = mbedtls_test_opaque_wrap_key( key_buffer_temp, *key_buffer_length,
key_buffer, key_buffer_size, key_buffer_length );
exit:
@@ -439,39 +511,48 @@
return( PSA_SUCCESS );
}
- psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_key_type_t key_type = psa_get_key_type( attributes );
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
if( PSA_KEY_TYPE_IS_ECC( key_type ) )
{
- status = mbedtls_test_driver_ecp_export_public_key(
- attributes,
- key_buffer, key_buffer_size,
- data, data_size, data_length );
- }
- else
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY) )
+ return( libtestdriver1_mbedtls_psa_ecp_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ return( mbedtls_psa_ecp_export_public_key(
+ attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
#endif
-#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
- if( PSA_KEY_TYPE_IS_RSA( key_type ) )
- {
- status = mbedtls_test_driver_rsa_export_public_key(
- attributes,
- key_buffer, key_buffer_size,
- data, data_size, data_length );
}
- else
-#endif
+ else if( PSA_KEY_TYPE_IS_RSA( key_type ) )
{
- status = PSA_ERROR_NOT_SUPPORTED;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)key_type;
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY) )
+ return( libtestdriver1_mbedtls_psa_rsa_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ return( mbedtls_psa_rsa_export_public_key(
+ attributes,
+ key_buffer, key_buffer_size,
+ data, data_size, data_length ) );
+#endif
}
- return( status );
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)key_type;
+
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_opaque_export_public_key(
@@ -489,34 +570,55 @@
if( key_buffer_temp == NULL )
return( PSA_ERROR_INSUFFICIENT_MEMORY );
- #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY)
if( PSA_KEY_TYPE_IS_ECC( key_type ) )
{
status = mbedtls_test_opaque_unwrap_key( key, key_length,
key_buffer_temp, key_length, data_length );
if( status == PSA_SUCCESS )
- status = mbedtls_test_driver_ecp_export_public_key(
- attributes,
- key_buffer_temp, *data_length,
- data, data_size, data_length );
+ {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) )
+ status = libtestdriver1_mbedtls_psa_ecp_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer_temp, *data_length,
+ data, data_size, data_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY)
+ status = mbedtls_psa_ecp_export_public_key(
+ attributes,
+ key_buffer_temp, *data_length,
+ data, data_size, data_length );
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
}
- else
- #endif
- #if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
- defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY)
- if( PSA_KEY_TYPE_IS_RSA( key_type ) )
+ else if( PSA_KEY_TYPE_IS_RSA( key_type ) )
{
status = mbedtls_test_opaque_unwrap_key( key, key_length,
key_buffer_temp, key_length, data_length );
if( status == PSA_SUCCESS )
- status = mbedtls_test_driver_rsa_export_public_key(
- attributes,
- key_buffer_temp, *data_length,
- data, data_size, data_length );
+ {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_RSA_PUBLIC_KEY) )
+ status = libtestdriver1_mbedtls_psa_rsa_export_public_key(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer_temp, *data_length,
+ data, data_size, data_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR) || \
+ defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_PUBLIC_KEY)
+ status = mbedtls_psa_rsa_export_public_key(
+ attributes,
+ key_buffer_temp, *data_length,
+ data, data_size, data_length );
+#else
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
+ }
}
else
- #endif
{
status = PSA_ERROR_NOT_SUPPORTED;
(void)key;
diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c
index 3b766dc..f909785 100644
--- a/tests/src/drivers/test_driver_mac.c
+++ b/tests/src/drivers/test_driver_mac.c
@@ -24,6 +24,10 @@
#include "test/drivers/mac.h"
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_mac.h"
+#endif
+
mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks =
MBEDTLS_TEST_DRIVER_MAC_INIT;
@@ -47,11 +51,32 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_transparent_test_driver_mac_compute(
+ libtestdriver1_mbedtls_psa_mac_compute(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size, alg,
+ input, input_length,
+ mac, mac_size, mac_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_compute(
attributes, key_buffer, key_buffer_size, alg,
input, input_length,
mac, mac_size, mac_length );
+#else
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -73,9 +98,25 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_transparent_test_driver_mac_sign_setup(
+ libtestdriver1_mbedtls_psa_mac_sign_setup(
+ operation,
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size, alg );
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_sign_setup(
operation, attributes, key_buffer, key_buffer_size, alg );
+#else
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -97,9 +138,25 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_transparent_test_driver_mac_verify_setup(
+ libtestdriver1_mbedtls_psa_mac_verify_setup(
+ operation,
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size, alg );
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_verify_setup(
operation, attributes, key_buffer, key_buffer_size, alg );
+#else
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -119,9 +176,21 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_transparent_test_driver_mac_update(
+ libtestdriver1_mbedtls_psa_mac_update(
operation, input, input_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_update(
+ operation, input, input_length );
+#else
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -142,9 +211,22 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_transparent_test_driver_mac_sign_finish(
+ libtestdriver1_mbedtls_psa_mac_sign_finish(
operation, mac, mac_size, mac_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_sign_finish(
+ operation, mac, mac_size, mac_length );
+#else
+ (void) operation;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -164,9 +246,21 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_transparent_test_driver_mac_verify_finish(
+ libtestdriver1_mbedtls_psa_mac_verify_finish(
operation, mac, mac_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_verify_finish(
+ operation, mac, mac_length );
+#else
+ (void) operation;
+ (void) mac;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -184,8 +278,17 @@
}
else
{
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_MAC)
mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_transparent_test_driver_mac_abort( operation );
+ libtestdriver1_mbedtls_psa_mac_abort( operation );
+#elif defined(MBEDTLS_PSA_BUILTIN_MAC)
+ mbedtls_test_driver_mac_hooks.driver_status =
+ mbedtls_psa_mac_abort( operation );
+#else
+ (void) operation;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
+#endif
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -211,11 +314,16 @@
}
else
{
- mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_opaque_test_driver_mac_compute(
- attributes, key_buffer, key_buffer_size, alg,
- input, input_length,
- mac, mac_size, mac_length );
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ (void) input;
+ (void) input_length;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -237,9 +345,12 @@
}
else
{
- mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_opaque_test_driver_mac_sign_setup(
- operation, attributes, key_buffer, key_buffer_size, alg );
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -261,9 +372,12 @@
}
else
{
- mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_opaque_test_driver_mac_verify_setup(
- operation, attributes, key_buffer, key_buffer_size, alg );
+ (void) operation;
+ (void) attributes;
+ (void) key_buffer;
+ (void) key_buffer_size;
+ (void) alg;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -283,9 +397,10 @@
}
else
{
- mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_opaque_test_driver_mac_update(
- operation, input, input_length );
+ (void) operation;
+ (void) input;
+ (void) input_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -306,9 +421,11 @@
}
else
{
- mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_opaque_test_driver_mac_sign_finish(
- operation, mac, mac_size, mac_length );
+ (void) operation;
+ (void) mac;
+ (void) mac_size;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -328,9 +445,10 @@
}
else
{
- mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_opaque_test_driver_mac_verify_finish(
- operation, mac, mac_length );
+ (void) operation;
+ (void) mac;
+ (void) mac_length;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
}
return( mbedtls_test_driver_mac_hooks.driver_status );
@@ -348,8 +466,8 @@
}
else
{
- mbedtls_test_driver_mac_hooks.driver_status =
- mbedtls_opaque_test_driver_mac_abort( operation );
+ (void) operation;
+ mbedtls_test_driver_mac_hooks.driver_status = PSA_ERROR_NOT_SUPPORTED;
}
return( mbedtls_test_driver_mac_hooks.driver_status );
diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c
index 2d58756..ef6d135 100644
--- a/tests/src/drivers/test_driver_signature.c
+++ b/tests/src/drivers/test_driver_signature.c
@@ -29,13 +29,21 @@
#include "psa_crypto_rsa.h"
#include "mbedtls/ecp.h"
+#include "test/drivers/hash.h"
#include "test/drivers/signature.h"
+#include "test/drivers/hash.h"
#include "mbedtls/md.h"
#include "mbedtls/ecdsa.h"
#include "test/random.h"
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_ecp.h"
+#include "libtestdriver1/library/psa_crypto_hash.h"
+#include "libtestdriver1/library/psa_crypto_rsa.h"
+#endif
+
#include <string.h>
mbedtls_test_driver_signature_hooks_t
@@ -54,58 +62,70 @@
size_t signature_size,
size_t *signature_length )
{
-#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
if( attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
- return( mbedtls_transparent_test_driver_rsa_sign_hash(
- attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_size, signature_length ) );
- }
- else
-#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
-
-#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
- if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
- {
- if(
-#if defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
- PSA_ALG_IS_ECDSA( alg )
-#else
- PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
-#endif
- )
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
+ PSA_ALG_IS_RSA_PSS( alg) )
{
- return( mbedtls_transparent_test_driver_ecdsa_sign_hash(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) )
+ return( libtestdriver1_mbedtls_psa_rsa_sign_hash(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+ return( mbedtls_psa_rsa_sign_hash(
attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_size, signature_length ) );
+#endif
}
else
{
return( PSA_ERROR_INVALID_ARGUMENT );
}
}
- else
-#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
- * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
+ else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
{
- (void)attributes;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_size;
- (void)signature_length;
- return( PSA_ERROR_NOT_SUPPORTED );
+ if( PSA_ALG_IS_ECDSA( alg ) )
+ {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) )
+ return( libtestdriver1_mbedtls_psa_ecdsa_sign_hash(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+ return( mbedtls_psa_ecdsa_sign_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
+#endif
+ }
+ else
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
}
+
+ (void)attributes;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_size;
+ (void)signature_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t verify_hash(
@@ -118,52 +138,69 @@
const uint8_t *signature,
size_t signature_length )
{
-#if defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) || \
- defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS)
if( PSA_KEY_TYPE_IS_RSA( attributes->core.type ) )
{
- return( mbedtls_transparent_test_driver_rsa_verify_hash(
- attributes,
- key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_length ) );
- }
- else
-#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PKCS1V15_SIGN) ||
- * defined(MBEDTLS_PSA_ACCEL_ALG_RSA_PSS) */
-
-#if defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
- if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
- {
- if( PSA_ALG_IS_ECDSA( alg ) )
+ if( PSA_ALG_IS_RSA_PKCS1V15_SIGN( alg ) ||
+ PSA_ALG_IS_RSA_PSS( alg) )
{
- return( mbedtls_transparent_test_driver_ecdsa_verify_hash(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS) )
+ return( libtestdriver1_mbedtls_psa_rsa_verify_hash(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PSS)
+ return( mbedtls_psa_rsa_verify_hash(
attributes,
key_buffer, key_buffer_size,
alg, hash, hash_length,
signature, signature_length ) );
+#endif
}
else
{
return( PSA_ERROR_INVALID_ARGUMENT );
}
}
- else
-#endif /* defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) ||
- * defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA) */
+ else if( PSA_KEY_TYPE_IS_ECC( attributes->core.type ) )
{
- (void)attributes;
- (void)key_buffer;
- (void)key_buffer_size;
- (void)alg;
- (void)hash;
- (void)hash_length;
- (void)signature;
- (void)signature_length;
-
- return( PSA_ERROR_NOT_SUPPORTED );
+ if( PSA_ALG_IS_ECDSA( alg ) )
+ {
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ ( defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) )
+ return( libtestdriver1_mbedtls_psa_ecdsa_verify_hash(
+ (const libtestdriver1_psa_key_attributes_t *) attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+#elif defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
+ return( mbedtls_psa_ecdsa_verify_hash(
+ attributes,
+ key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
+#endif
+ }
+ else
+ {
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
}
+
+ (void)attributes;
+ (void)key_buffer;
+ (void)key_buffer_size;
+ (void)alg;
+ (void)hash;
+ (void)hash_length;
+ (void)signature;
+ (void)signature_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
}
psa_status_t mbedtls_test_transparent_signature_sign_message(
@@ -198,16 +235,26 @@
return( PSA_SUCCESS );
}
- status = mbedtls_transparent_test_driver_hash_compute(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ status = libtestdriver1_mbedtls_psa_hash_compute(
PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
hash, sizeof( hash ), &hash_length );
-
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ status = mbedtls_psa_hash_compute(
+ PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
+ hash, sizeof( hash ), &hash_length );
+#else
+ (void) input;
+ (void) input_length;
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
if( status != PSA_SUCCESS )
return status;
- return sign_hash( attributes, key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_size, signature_length );
+ return( sign_hash( attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_size, signature_length ) );
}
psa_status_t mbedtls_test_opaque_signature_sign_message(
@@ -253,16 +300,26 @@
if( mbedtls_test_driver_signature_verify_hooks.forced_status != PSA_SUCCESS )
return( mbedtls_test_driver_signature_verify_hooks.forced_status );
- status = mbedtls_transparent_test_driver_hash_compute(
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_HASH)
+ status = libtestdriver1_mbedtls_psa_hash_compute(
PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
hash, sizeof( hash ), &hash_length );
-
+#elif defined(MBEDTLS_PSA_BUILTIN_HASH)
+ status = mbedtls_psa_hash_compute(
+ PSA_ALG_SIGN_GET_HASH( alg ), input, input_length,
+ hash, sizeof( hash ), &hash_length );
+#else
+ (void) input;
+ (void) input_length;
+ status = PSA_ERROR_NOT_SUPPORTED;
+#endif
if( status != PSA_SUCCESS )
return status;
- return verify_hash( attributes, key_buffer, key_buffer_size,
- alg, hash, hash_length,
- signature, signature_length );
+ return( verify_hash( attributes, key_buffer, key_buffer_size,
+ alg, hash, hash_length,
+ signature, signature_length ) );
}
psa_status_t mbedtls_test_opaque_signature_verify_message(
@@ -309,9 +366,9 @@
return( PSA_SUCCESS );
}
- return sign_hash( attributes, key_buffer, key_buffer_size,
+ return( sign_hash( attributes, key_buffer, key_buffer_size,
alg, hash, hash_length,
- signature, signature_size, signature_length );
+ signature, signature_size, signature_length ) );
}
psa_status_t mbedtls_test_opaque_signature_sign_hash(
diff --git a/tests/src/psa_exercise_key.c b/tests/src/psa_exercise_key.c
index fc58fbd..c1e76c8 100644
--- a/tests/src/psa_exercise_key.c
+++ b/tests/src/psa_exercise_key.c
@@ -309,8 +309,8 @@
/* If the policy allows signing with any hash, just pick one. */
if( PSA_ALG_IS_SIGN_HASH( alg ) && hash_alg == PSA_ALG_ANY_HASH )
{
- #if defined(KNOWN_SUPPORTED_HASH_ALG)
- hash_alg = KNOWN_SUPPORTED_HASH_ALG;
+ #if defined(KNOWN_MBEDTLS_SUPPORTED_HASH_ALG)
+ hash_alg = KNOWN_MBEDTLS_SUPPORTED_HASH_ALG;
alg ^= PSA_ALG_ANY_HASH ^ hash_alg;
#else
TEST_ASSERT( ! "No hash algorithm for hash-and-sign testing" );
@@ -643,7 +643,7 @@
TEST_EQUAL( exported_length, PSA_BITS_TO_BYTES( bits ) );
else
-#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_PARSE_C)
+#if defined(MBEDTLS_ASN1_PARSE_C)
if( type == PSA_KEY_TYPE_RSA_KEY_PAIR )
{
uint8_t *p = (uint8_t*) exported;
@@ -690,7 +690,7 @@
TEST_ASSERT( exported_length <= PSA_EXPORT_KEY_PAIR_MAX_SIZE );
}
else
-#endif /* MBEDTLS_RSA_C */
+#endif /* MBEDTLS_ASN1_PARSE_C */
#if defined(MBEDTLS_ECP_C)
if( PSA_KEY_TYPE_IS_ECC_KEY_PAIR( type ) )
@@ -703,7 +703,7 @@
else
#endif /* MBEDTLS_ECP_C */
-#if defined(MBEDTLS_RSA_C)
+#if defined(MBEDTLS_ASN1_PARSE_C)
if( type == PSA_KEY_TYPE_RSA_PUBLIC_KEY )
{
uint8_t *p = (uint8_t*) exported;
@@ -731,7 +731,7 @@
PSA_EXPORT_PUBLIC_KEY_MAX_SIZE );
}
else
-#endif /* MBEDTLS_RSA_C */
+#endif /* MBEDTLS_ASN1_PARSE_C */
#if defined(MBEDTLS_ECP_C)
if( PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY( type ) )
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 33e2777..d5e9e01 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -79,20 +79,20 @@
if [ -n "${OPENSSL_NEXT:-}" ]; then
O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key"
- O_NEXT_SRV_RSA="$OPENSSL_NEXT s_server -www -cert data_files/server2-sha256.crt -key data_files/server2.key"
+ O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www "
O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client"
else
O_NEXT_SRV=false
- O_NEXT_SRV_RSA=false
+ O_NEXT_SRV_NO_CERT=false
O_NEXT_CLI=false
fi
if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
- G_NEXT_SRV_RSA="$GNUTLS_NEXT_SERV --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key"
+ G_NEXT_SRV_NO_CERT="$GNUTLS_NEXT_SERV"
else
G_NEXT_SRV=false
- G_NEXT_SRV_RSA=false
+ G_NEXT_SRV_NO_CERT=false
fi
if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
@@ -1420,13 +1420,13 @@
if [ -n "${OPENSSL_NEXT:-}" ]; then
O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
- O_NEXT_SRV_RSA="$O_NEXT_SRV_RSA -accept $SRV_PORT"
+ O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT"
O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
fi
if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
- G_NEXT_SRV_RSA="$G_NEXT_SRV_RSA -p $SRV_PORT"
+ G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT"
fi
if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
@@ -8770,7 +8770,7 @@
# openssl feature tests: check if tls1.3 exists.
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-run_test "TLS1.3: Test openssl tls1_3 feature" \
+run_test "TLS 1.3: Test openssl tls1_3 feature" \
"$O_NEXT_SRV -tls1_3 -msg" \
"$O_NEXT_CLI -tls1_3 -msg" \
0 \
@@ -8782,7 +8782,7 @@
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-run_test "TLS1.3: Test gnutls tls1_3 feature" \
+run_test "TLS 1.3: Test gnutls tls1_3 feature" \
"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert " \
"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
0 \
@@ -8794,7 +8794,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
skip_handshake_stage_check
-run_test "TLS1.3: Not supported version check: tls12 and tls13" \
+run_test "TLS 1.3: Not supported version check: tls12 and tls13" \
"$P_SRV debug_level=1 min_version=tls12 max_version=tls13" \
"$P_CLI debug_level=1 min_version=tls12 max_version=tls13" \
1 \
@@ -8805,7 +8805,7 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-run_test "TLS1.3: handshake dispatch test: tls13 only" \
+run_test "TLS 1.3: handshake dispatch test: tls13 only" \
"$P_SRV debug_level=2 min_version=tls13 max_version=tls13" \
"$P_CLI debug_level=2 min_version=tls13 max_version=tls13" \
1 \
@@ -8815,7 +8815,7 @@
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
-run_test "TLS1.3: minimal feature sets - openssl" \
+run_test "TLS 1.3: minimal feature sets - openssl" \
"$O_NEXT_SRV -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
"$P_CLI debug_level=3 min_version=tls13 max_version=tls13" \
0 \
@@ -8841,28 +8841,12 @@
-c "<= parse finished message" \
-c "HTTP/1.0 200 ok"
-requires_openssl_tls1_3
-requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-requires_config_enabled MBEDTLS_DEBUG_C
-requires_config_enabled MBEDTLS_SSL_CLI_C
-requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
-requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
-run_test "TLS 1.3 m->O AES_128_GCM_SHA256 , RSA_PSS_RSAE_SHA256" \
- "$O_NEXT_SRV_RSA -ciphersuites TLS_AES_128_GCM_SHA256 -tls1_3 -msg -no_middlebox -num_tickets 0" \
- "$P_CLI debug_level=4 force_version=tls13 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \
- 0 \
- -c "ECDH curve: x25519" \
- -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
- -c "Certificate Verify: Signature algorithm ( 0804 )" \
- -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
- -c "HTTP/1.0 200 ok"
-
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
-run_test "TLS1.3: minimal feature sets - gnutls" \
+run_test "TLS 1.3: minimal feature sets - gnutls" \
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert" \
"$P_CLI debug_level=3 min_version=tls13 max_version=tls13" \
0 \
@@ -8889,23 +8873,126 @@
-c "<= parse finished message" \
-c "HTTP/1.0 200 OK"
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+skip_handshake_stage_check
+requires_gnutls_tls1_3
+run_test "TLS 1.3:Not supported version check:gnutls: srv max TLS 1.0" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0 -d 4" \
+ "$P_CLI min_version=tls13 max_version=tls13 debug_level=4" \
+ 1 \
+ -s "Client's version: 3.3" \
+ -c "is a fatal alert message (msg 40)" \
+ -S "Version: TLS1.0" \
+ -C "Protocol is TLSv1.0"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+skip_handshake_stage_check
+requires_gnutls_tls1_3
+run_test "TLS 1.3:Not supported version check:gnutls: srv max TLS 1.1" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1 -d 4" \
+ "$P_CLI min_version=tls13 max_version=tls13 debug_level=4" \
+ 1 \
+ -s "Client's version: 3.3" \
+ -c "is a fatal alert message (msg 40)" \
+ -S "Version: TLS1.1" \
+ -C "Protocol is TLSv1.1"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+skip_handshake_stage_check
+requires_gnutls_tls1_3
+run_test "TLS 1.3:Not supported version check:gnutls: srv max TLS 1.2" \
+ "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 -d 4" \
+ "$P_CLI min_version=tls13 max_version=tls13 debug_level=4" \
+ 1 \
+ -s "Client's version: 3.3" \
+ -c "is a fatal alert message (msg 40)" \
+ -S "Version: TLS1.2" \
+ -C "Protocol is TLSv1.2"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+skip_handshake_stage_check
+requires_openssl_next
+run_test "TLS 1.3:Not supported version check:openssl: srv max TLS 1.0" \
+ "$O_NEXT_SRV -msg -tls1" \
+ "$P_CLI min_version=tls13 max_version=tls13 debug_level=4" \
+ 1 \
+ -s "fatal protocol_version" \
+ -c "is a fatal alert message (msg 70)" \
+ -S "Version: TLS1.0" \
+ -C "Protocol : TLSv1.0"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+skip_handshake_stage_check
+requires_openssl_next
+run_test "TLS 1.3:Not supported version check:openssl: srv max TLS 1.1" \
+ "$O_NEXT_SRV -msg -tls1_1" \
+ "$P_CLI min_version=tls13 max_version=tls13 debug_level=4" \
+ 1 \
+ -s "fatal protocol_version" \
+ -c "is a fatal alert message (msg 70)" \
+ -S "Version: TLS1.1" \
+ -C "Protocol : TLSv1.1"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+skip_handshake_stage_check
+requires_openssl_next
+run_test "TLS 1.3:Not supported version check:openssl: srv max TLS 1.2" \
+ "$O_NEXT_SRV -msg -tls1_2" \
+ "$P_CLI min_version=tls13 max_version=tls13 debug_level=4" \
+ 1 \
+ -s "fatal protocol_version" \
+ -c "is a fatal alert message (msg 70)" \
+ -S "Version: TLS1.2" \
+ -C "Protocol : TLSv1.2"
+
+requires_openssl_tls1_3
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3: CertificateRequest check - openssl" \
+ "$O_NEXT_SRV -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
+ "$P_CLI debug_level=4 force_version=tls13 " \
+ 1 \
+ -c "CertificateRequest not supported"
+
+requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
-requires_config_enabled MBEDTLS_DEBUG_C
-requires_config_enabled MBEDTLS_SSL_CLI_C
-requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
-requires_gnutls_next
-run_test "TLS 1.3 m->G AES_128_GCM_SHA256 , RSA_PSS_RSAE_SHA256" \
- "$G_NEXT_SRV_RSA --disable-client-cert --priority=NORMAL:+CIPHER-ALL:+SHA256:+GROUP-SECP256R1:+ECDHE-ECDSA:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
- "$P_CLI debug_level=4 force_version=tls13 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \
- 0 \
- -c "ECDH curve: x25519" \
- -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
- -c "Certificate Verify: Signature algorithm ( 0804 )" \
- -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
- -c "HTTP/1.0 200 OK"
+run_test "TLS 1.3: CertificateRequest check - gnutls" \
+ "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI debug_level=3 min_version=tls13 max_version=tls13" \
+ 1 \
+ -c "CertificateRequest not supported"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+requires_openssl_tls1_3
+run_test "TLS 1.3: HelloRetryRequest check - openssl" \
+ "$O_NEXT_SRV -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
+ "$P_CLI debug_level=4 force_version=tls13" \
+ 1 \
+ -c "received HelloRetryRequest message" \
+ -c "HRR not supported" \
+ -c "Last error was: -0x6E00 - SSL - The handshake negotiation failed"
+
+requires_gnutls_tls1_3
+requires_gnutls_next_no_ticket
+requires_gnutls_next_disable_tls13_compat
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
+requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
+run_test "TLS 1.3: HelloRetryRequest check - gnutls" \
+ "$G_NEXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
+ "$P_CLI debug_level=4 force_version=tls13" \
+ 1 \
+ -c "received HelloRetryRequest message" \
+ -c "HRR not supported" \
+ -c "Last error was: -0x6E00 - SSL - The handshake negotiation failed" \
+ -s "HELLO RETRY REQUEST was queued"
+for i in $(ls opt-testcases/*.sh)
+do
+ . $i
+done
# Test heap memory usage after handshake
requires_config_enabled MBEDTLS_MEMORY_DEBUG
diff --git a/tests/suites/test_suite_base64.function b/tests/suites/test_suite_base64.function
index 67fbb67..7baa3d5 100644
--- a/tests/suites/test_suite_base64.function
+++ b/tests/suites/test_suite_base64.function
@@ -1,6 +1,7 @@
/* BEGIN_HEADER */
#include "mbedtls/base64.h"
-#include "base64_invasive.h"
+#include "constant_time_internal.h"
+#include "constant_time_invasive.h"
#include <test/constant_flow.h>
#if defined(MBEDTLS_TEST_HOOKS)
@@ -24,7 +25,7 @@
{
mbedtls_test_set_step( c );
TEST_CF_SECRET( &c, sizeof( c ) );
- unsigned char m = mbedtls_base64_mask_of_range( low, high, c );
+ unsigned char m = mbedtls_ct_uchar_mask_of_range( low, high, c );
TEST_CF_PUBLIC( &c, sizeof( c ) );
TEST_CF_PUBLIC( &m, sizeof( m ) );
if( low <= c && c <= high )
@@ -42,7 +43,7 @@
{
mbedtls_test_set_step( value );
TEST_CF_SECRET( &value, sizeof( value ) );
- unsigned char digit = mbedtls_base64_enc_char( value );
+ unsigned char digit = mbedtls_ct_base64_enc_char( value );
TEST_CF_PUBLIC( &value, sizeof( value ) );
TEST_CF_PUBLIC( &digit, sizeof( digit ) );
TEST_EQUAL( digit, base64_digits[value] );
@@ -66,7 +67,7 @@
else
expected = p - base64_digits;
TEST_CF_SECRET( &c, sizeof( c ) );
- signed char actual = mbedtls_base64_dec_value( c );
+ signed char actual = mbedtls_ct_base64_dec_value( c );
TEST_CF_PUBLIC( &c, sizeof( c ) );
TEST_CF_PUBLIC( &actual, sizeof( actual ) );
TEST_EQUAL( actual, expected );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 2c5537f..c45f9f0 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1624,11 +1624,11 @@
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
PSA MAC setup: algorithm known but not supported, long key
-depends_on:!MBEDTLS_MD5_C
+depends_on:!PSA_WANT_ALG_MD5
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
PSA MAC setup: algorithm known but not supported, short key
-depends_on:!MBEDTLS_MD5_C
+depends_on:!PSA_WANT_ALG_MD5
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
PSA MAC: bad order function calls
@@ -2835,6 +2835,78 @@
depends_on:MBEDTLS_CHACHA20_C
aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_NOT_SUPPORTED
+PSA Multipart AEAD encrypt: AES - CCM, 23 bytes (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":1:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
+
+PSA Multipart AEAD encrypt: AES - CCM, 24 bytes (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
+PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 4 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
+
+PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 6 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,6):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
+
+PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 8 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
+
+PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 10 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,10):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
+
+PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 12 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,12):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
+
+PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 14 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
+
+PSA Multipart AEAD encrypt: AES - CCM, 24 bytes, T = 16 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
+
+PSA Multipart AEAD decrypt: AES - CCM, 39 bytes (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":1:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C"
+
+PSA Multipart AEAD decrypt, AES - CCM, 40 bytes (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
+PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 4 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
+PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 6 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,6):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
+PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 8 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
+PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 10 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,10):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
+PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 12 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,12):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
+PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 14 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,14):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
+PSA Multipart AEAD decrypt: AES - CCM, 24 bytes, T = 16 (lengths set)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,16):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef"
+
PSA Multipart AEAD encrypt, AES-GCM, 128 bytes #1
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"a0ec7b0052541d9e9c091fb7fc481409":PSA_ALG_GCM:"00e440846db73a490573deaf3728c94f":"a3cfcb832e935eb5bc3812583b3a1b2e82920c07fda3668a35d939d8f11379bb606d39e6416b2ef336fffb15aec3f47a71e191f4ff6c56ff15913562619765b26ae094713d60bab6ab82bfc36edaaf8c7ce2cf5906554dcc5933acdb9cb42c1d24718efdc4a09256020b024b224cfe602772bd688c6c8f1041a46f7ec7d51208":"5431d93278c35cfcd7ffa9ce2de5c6b922edffd5055a9eaa5b54cae088db007cf2d28efaf9edd1569341889073e87c0a88462d77016744be62132fd14a243ed6e30e12cd2f7d08a8daeec161691f3b27d4996df8745d74402ee208e4055615a8cb069d495cf5146226490ac615d7b17ab39fb4fdd098e4e7ee294d34c1312826":0:"3b6de52f6e582d317f904ee768895bd4d0790912efcf27b58651d0eb7eb0b2f07222c6ffe9f7e127d98ccb132025b098a67dc0ec0083235e9f83af1ae1297df4319547cbcb745cebed36abc1f32a059a05ede6c00e0da097521ead901ad6a73be20018bda4c323faa135169e21581e5106ac20853642e9d6b17f1dd925c872814365847fe0b7b7fbed325953df344a96"
@@ -3267,6 +3339,46 @@
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"a0784d7a4716f3feb4f64e7f4b39bf04":1:""
+PSA Multipart AEAD verify: AES - CCM, invalid signature
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":"7c0a61c9f825a48671ea05910748c8ef":1:PSA_ERROR_INVALID_SIGNATURE
+
+PSA Multipart AEAD verify: AES - CCM, invalid signature, T = 4
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":"0748c8ef":1:PSA_ERROR_INVALID_SIGNATURE
+
+PSA Multipart AEAD verify: AES - CCM, T = 4, tag is truncated tag for T = 16
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,4):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d":"0748c8ef":1:PSA_ERROR_INVALID_SIGNATURE
+
+PSA Multipart AEAD verify: AES - CCM, invalid tag length 0
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,0):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"":1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart AEAD verify: AES - CCM, invalid tag length 2
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,2):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"c8ef":1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart AEAD verify: AES - CCM, invalid tag length 15
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,15):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"0a61c9f825a48671ea05910748c8ef":1:PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart AEAD verify: AES - CCM, T = 16, but passing 15 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"0a61c9f825a48671ea05910748c8ef":1:PSA_ERROR_INVALID_SIGNATURE
+
+PSA Multipart AEAD verify: AES - CCM, T = 16, but passing 17 bytes
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"532b0a61c9f825a48671ea05910748c8ef":1:PSA_ERROR_INVALID_SIGNATURE
+
+PSA Multipart AEAD verify: AES - CCM, T = 16 but passing 0 bytes (valid buffer)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"":1:PSA_ERROR_INVALID_SIGNATURE
+
+PSA Multipart AEAD verify: AES - CCM, T = 16 but passing 0 bytes (NULL buffer)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_verify:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":"":0:PSA_ERROR_INVALID_SIGNATURE
+
PSA Multipart AEAD verify, AES - GCM, invalid signature
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_verify:PSA_KEY_TYPE_AES:"fe96eab10ff48c7942025422583d0377":PSA_ALG_GCM:"97ce3f848276783599c6875de324361e":"127628b6dcbce6fc8a8ef60798eb67b2088415635119697d20bb878c24d9c6f9c29e148521cb5e0feff892c7855d4f1c0bfb32ad33420976714dce87a0bbc18e4378bd1ef35197d0ca73051148f1199010f63caf122df5f71ad8d9c71df3eb2fbe3b2529d0ba657570358d3776f687bdb9c96d5e0e9e00c4b42d5d7a268d6a08":"12195120056ca3cac70d583603a476821bac6c57c9733b81cfb83538dc9e850f8bdf46065069591c23ebcbc6d1e2523375fb7efc80c09507fa25477ed07cee54fc4eb90168b3ef988f651fc40652474a644b1b311decf899660aef2347bb081af48950f06ebf799911e37120de94c55c20e5f0a77119be06e2b6e557f872fa0f":"6bac793bdc2190a195122c98544ccf56":1:PSA_ERROR_INVALID_SIGNATURE
@@ -3299,6 +3411,22 @@
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_verify:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600690":1:PSA_ERROR_INVALID_SIGNATURE
+PSA Multipart Nonce Generation: AES - CCM, NONCE = (Req 13 / Expect 13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:13:13:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_SUCCESS
+
+PSA Multipart Nonce Generation: AES - CCM, NONCE = (Req 12 / Expect 0)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:12:0:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA Multipart Nonce Generation: AES - CCM, NONCE = (Req 0 / Expect 0)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:0:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA Multipart Nonce Generation: AES - CCM, NONCE = (Req 16 / Expect 13)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:16:13:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_SUCCESS
+
PSA Multipart Nonce Generation, AES - GCM, NONCE = (Req 12 / Expect 12)
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_generate_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:12:12:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS
@@ -3331,11 +3459,35 @@
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_generate_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:16:12:"":"":PSA_SUCCESS
-PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (NULL)
+PSA Multipart Set Nonce: AES - CCM, NONCE = 0 (NULL)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart Set Nonce: AES - CCM, NONCE = 0 (NON-NULL)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:-1:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart Set Nonce: AES - CCM, NONCE = 6 (too small)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:6:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart Set Nonce: AES - CCM, NONCE = 14 (too long)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:14:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart Set Nonce: AES - CCM_8, NONCE = 6 (too small)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):6:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart Set Nonce: AES - CCM_8, NONCE = 14 (too long)
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,8):14:"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":PSA_ERROR_INVALID_ARGUMENT
+
+PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (NULL) (too small)
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:0:"":"":PSA_ERROR_INVALID_ARGUMENT
-PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (Non-NULL)
+PSA Multipart Set Nonce, AES - GCM, NONCE = 0 (Non-NULL) (too small)
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:-1:"":"":PSA_ERROR_INVALID_ARGUMENT
@@ -3347,11 +3499,11 @@
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_GCM:20:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS
-PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (NULL)
+PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (NULL) (too small)
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):0:"":"":PSA_ERROR_INVALID_ARGUMENT
-PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (Non-NULL)
+PSA Multipart Set Nonce, AES - GCM_12, NONCE = 0 (Non-NULL) (too small)
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):-1:"":"":PSA_ERROR_INVALID_ARGUMENT
@@ -3363,7 +3515,7 @@
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_set_nonce:PSA_KEY_TYPE_AES:"aa740abfadcda779220d3b406c5d7ec09a77fe9d94104539":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM,12):20:"290322092d57479e20f6281e331d95a9":"e7fb0631eebf9bdba87045b33650c4ce":PSA_SUCCESS
-PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 11
+PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 11 (too small)
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:11:"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_ARGUMENT
@@ -3371,18 +3523,26 @@
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:12:"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_SUCCESS
-PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 13
+PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 13 (too big)
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:13:"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_ARGUMENT
-PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (NULL)
+PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (NULL) (too small)
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:0:"":"":PSA_ERROR_INVALID_ARGUMENT
-PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (Non-NULL)
+PSA Multipart Set Nonce: ChaCha20 - Poly1305, NONCE = 0 (Non-NULL) (too small)
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_set_nonce:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:-1:"":"":PSA_ERROR_INVALID_ARGUMENT
+PSA AEAD output buffer test: AES - CCM, IN = 40 BUF = 39
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:39:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA AEAD output buffer test: AES - CCM, IN = 40 BUF = 0
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL
+
PSA AEAD output buffer test: AES - GCM, IN = 16, BUF = 15
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_update_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:15:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_ERROR_BUFFER_TOO_SMALL
@@ -3399,6 +3559,18 @@
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_update_buffer_test:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:0:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691":PSA_ERROR_BUFFER_TOO_SMALL
+PSA AEAD finish buffer test: AES - CCM, BUF = 0, TAG = 20
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:20:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_SUCCESS
+
+PSA AEAD finish buffer test: AES - CCM, BUF = 0, TAG = 15
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:15:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL
+
+PSA AEAD finish buffer test: AES - CCM, BUF = 0, TAG = 0
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:0:0:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":PSA_ERROR_BUFFER_TOO_SMALL
+
PSA AEAD finish buffer test: AES - GCM, BUF = 8, TAG = 16
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_finish_buffer_test:PSA_KEY_TYPE_AES:"fbc0b4c56a714c83217b2d1bcadd2ed2e9efb0dcac6cc19f":PSA_ALG_GCM:8:16:"5f4b43e811da9c470d6a9b01":"":"d2ae38c4375954835d75b8e4c2f9bbb4":PSA_SUCCESS
@@ -3439,6 +3611,10 @@
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,12):PSA_ERROR_NOT_SUPPORTED
+PSA AEAD setup: AES - CCM, invalid tag length 18
+depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
+aead_multipart_setup:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM,18):PSA_ERROR_INVALID_ARGUMENT
+
PSA Multipart State Checks, AES - GCM
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_state_test:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":"0C0D0E0F101112131415161718191A1B1C1D1E"
@@ -3528,7 +3704,7 @@
sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b":"6a3399f69421ffe1490377adf2ea1f117d81a63cf5bf22e918d51175eb259151ce95d7c26cc04e25503e2f7a1ec3573e3c2412534bb4a19b3a7811742f49f50f"
PSA sign hash: deterministic ECDSA SECP256R1 SHA-384
-depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384
sign_hash_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f":"cd40ba1b555ca5994d30ddffc4ad734b1f5c604675b0f249814aa5de3992ef3ddf4d5dc5d2aab1979ce210b560754df671363d99795475882894c048e3b986ca"
PSA sign hash: deterministic ECDSA SECP384R1 SHA-256
@@ -3624,11 +3800,11 @@
sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_256 ):"9ac4335b469bbd791439248504dd0d49c71349a295fee5a1c68507f45a9e1c7b"
PSA sign/verify hash: randomized ECDSA SECP256R1 SHA-384
-depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
PSA sign/verify hash: deterministic ECDSA SECP256R1 SHA-384
-depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
sign_verify_hash:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA( PSA_ALG_SHA_384 ):"59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f"
PSA sign/verify hash: randomized ECDSA SECP384R1 SHA-256
@@ -3648,7 +3824,7 @@
verify_hash:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311"
PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong hash length
-depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PKCS1V15_SIGN:PSA_WANT_ALG_SHA_1:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_1
verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_1):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"a73664d55b39c7ea6c1e5b5011724a11e1d7073d3a68f48c836fad153a1d91b6abdbc8f69da13b206cc96af6363b114458b026af14b24fab8929ed634c6a2acace0bcc62d9bb6a984afbcbfcd3a0608d32a2bae535b9cd1ecdf9dd281db1e0025c3bfb5512963ec3b98ddaa69e38bc3c84b1b61a04e5648640856aacc6fc7311":PSA_ERROR_INVALID_ARGUMENT
PSA verify hash: RSA PKCS#1 v1.5 SHA-256, wrong signature (same size)
@@ -3704,35 +3880,35 @@
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"44a09fa66f1b2e790474960e90517e418747cfcd18423dff957516a598569d74f26ef1eae4a200d12d801e16fc6fde375330c79c0d8430825e0a7f69c664faefccfa25e7fbfc68af02af0f67fe4c49f68f6abc68c8f66d3fd77fc838961f4415827340c66e39c79ed7dae0738c08ce8272aebe50c72e31994b9b6db640b51800"
PSA verify hash: RSA-1024 PSS SHA-512, slen=61 (bad)
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a":PSA_ERROR_INVALID_SIGNATURE
PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=61
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"23f5b30c8d612d8f31206c177ac2023c4f44754d03c7ff67daff99f24fa369b3e5f7c15b228a4417a1ff1c93fb8d645d619c2f4f559ac6c7f7bac20ba9df32353d19941265a4e74261adaf45d48682c0bc86cea6128f11ad172ff461fb1d97bded615861843996e2a98e7b8313b695519d001ae35305d6cbf3c0ee6c7ab06d1a"
PSA verify hash: RSA-1024 PSS SHA-512, slen=62
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4"
PSA verify hash: RSA-1024 PSS-any-salt SHA-512, slen=62
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"6b215d77cf88b2d08be53b4f3ac6e72ebfbf7e0dc6c1e77b238cfb661c247a011b8746709fbefe4bc05d37343391683e9489d720ecbb7df37f4e36967918958996939461703465c2014a4c12faf875f8def70070e55b765b165c7e9c6f2eb05c98351b1e82219c31a2fb3ddce05f8988f552ff92f0b3471f63c0e53824c550a4"
PSA verify hash: RSA-528 PSS SHA-512, slen=0
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955"
PSA verify hash: RSA-528 PSS-any-salt SHA-512, slen=0
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
verify_hash:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"304a024300e31c246d46485984261fd174cab3d4357344602ecd793c47dbe54252d37bb350bc634359b19515542080e4724a4b672291be57c7648f51629eaef234e847d99cc65f0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"a14ad0fef77d36c28658a66129ee632e40e1032003eefe7fcda8e52b06675a051c80b2ca1cb99ed0762e90c9a48c434cd1063638eed7895a9c770e5435af750a1955"
PSA verify hash: RSA-520 PSS SHA-512 (hash too large)
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT
PSA verify hash: RSA-520 PSS-any-salt SHA-512 (hash too large)
-depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_PSS:PSA_WANT_ALG_SHA_512:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_512
verify_hash_fail:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"3049024200d5a06f86e5b9d87428540165ca966fa8893a62e2a59d0bfd7617780bb039f9165a373a8e119d0766f8de556710f33f67019153bad8223775e797d451d48206f3bf0203010001":PSA_ALG_RSA_PSS_ANY_SALT(PSA_ALG_SHA_512):"ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f":"deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead42":PSA_ERROR_INVALID_ARGUMENT
PSA verify hash: RSA PSS SHA-256, wrong hash length (0 bytes)
@@ -3796,7 +3972,7 @@
sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256):"616263":"36e5b5a7da1c9c265dc447de3a5a704fcb8c03f7a3749dde48d84c9bf736fc1ed48d8b3660e7d3cbc6b1870730b7ce2a043f69e37ccb340b98d1e65184e03548"
PSA sign message: deterministic ECDSA SECP256R1 SHA-384
-depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384
sign_message_deterministic:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263":"7ea712a20e3a8cbe0c6e64195362ba7635bbe78af51ddedd7a5fd858395250c592654c35d3b0614ae0e3b329c25cf5b4a5fcb243af3e3ad15c8446fe401be066"
PSA sign message: deterministic ECDSA SECP384R1 SHA-256
@@ -3916,7 +4092,7 @@
sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_ECDSA(PSA_ALG_SHA_384):"616263"
PSA sign/verify message: deterministic ECDSA SECP256R1 SHA-384
-depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_DETERMINISTIC_ECDSA:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_MD_C:MBEDLTS_PSA_BUILTIN_ALG_SHA_384
sign_verify_message:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"ab45435712649cb30bbddac49197eebf2740ffc7f874d9244c3460f54f322d3a":PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_384):"616263"
PSA sign/verify message: randomized ECDSA SECP384R1 SHA-256
@@ -4052,11 +4228,11 @@
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00":128:PSA_SUCCESS
PSA encrypt: RSA OAEP-SHA-384, good
-depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"":128:PSA_SUCCESS
PSA encrypt: RSA OAEP-SHA-384, good, with label
-depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":"746869730069730061006c6162656c00":128:PSA_SUCCESS
PSA encrypt: RSA PKCS#1 v1.5, key pair
@@ -4076,7 +4252,7 @@
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_PKCS1V15_CRYPT:"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee":0:PSA_ERROR_INVALID_ARGUMENT
PSA encrypt: RSA OAEP-SHA-384, input too large
-depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
asymmetric_encrypt:PSA_KEY_TYPE_RSA_PUBLIC_KEY:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"":0:PSA_ERROR_INVALID_ARGUMENT
PSA encrypt: invalid algorithm
@@ -4104,7 +4280,7 @@
asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"746869730069730061006c6162656c00"
PSA encrypt-decrypt: RSA OAEP-SHA-384
-depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
asymmetric_encrypt_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e":""
PSA decrypt: RSA PKCS#1 v1.5: good #1
@@ -4140,7 +4316,7 @@
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"46edc9984a6d4b7c7fd88fda9ea91ddbd30b28a0793cc75a9fcdd94d867c69090a697d46a6f336a3e48a122dd3ee3b51566b445ff78adb613d09b7d8c59c25a27d8cf7f5e36455f2e71ff6c6ee98d5740e66b23794acc72906561951c2be5064f6a250646ab627ecbfa48c02f82c29fe9b8c8e6be8eb752432124974373b542c":"746869730069730061006c6162656c00":"74686973206973206e6f2073717565616d697368206f7373696672616765"
PSA decrypt: RSA OAEP-SHA-384, 30 bytes
-depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C
+depends_on:PSA_WANT_ALG_RSA_OAEP:PSA_WANT_ALG_SHA_384:PSA_WANT_KEY_TYPE_RSA_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_MD_C:MBEDTLS_PSA_BUILTIN_ALG_SHA_384
asymmetric_decrypt:PSA_KEY_TYPE_RSA_KEY_PAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_384):"0df6750b8fed749359c016887d2cf097cc512c065526a91a7ee9b345a1bfff833737e7326e54d03f6bb65971962885a7661a16858d53ea55821052f4c7798d395b5c5495332fd4174451a1a437f36c27f446b96f309ff1cb6837274aa8ae2b51a8a479d736d25b8d2ca8ab96fe589553a3e52818b7df75544eb5469977b29aa4":"":"74686973206973206e6f2073717565616d697368206f7373696672616765"
PSA decrypt: RSA OAEP-SHA-256, 30 bytes, wrong label (should be empty)
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index d28de0c..b6222b9 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -4073,12 +4073,13 @@
TEST_EQUAL( actual_nonce_length, PSA_AEAD_NONCE_LENGTH( key_type,
alg ) );
- TEST_ASSERT( actual_nonce_length < PSA_AEAD_NONCE_MAX_SIZE );
+ TEST_ASSERT( actual_nonce_length <= PSA_AEAD_NONCE_MAX_SIZE );
if( expected_status == PSA_SUCCESS )
{
-
/* Ensure we can still complete operation. */
+ PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len,
+ input_data->len ) );
PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ) );
@@ -4191,6 +4192,8 @@
if( expected_status == PSA_SUCCESS )
{
/* Ensure we can still complete operation. */
+ PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len,
+ input_data->len ) );
PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ) );
@@ -4269,6 +4272,9 @@
PSA_ASSERT( status );
+ PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len,
+ input_data->len ) );
+
PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
@@ -4357,6 +4363,9 @@
PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
+ PSA_ASSERT( psa_aead_set_lengths( &operation, additional_data->len,
+ input_data->len ) );
+
PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ) );
@@ -4442,6 +4451,20 @@
PSA_ASSERT( psa_aead_set_nonce( &operation, nonce->x, nonce->len ) );
+ status = psa_aead_set_lengths( &operation, additional_data->len,
+ input_data->len );
+
+ if( status != PSA_SUCCESS )
+ {
+ /* Invalid tag lengths are detected in CCM at this point, as they
+ * would be written into the first block. They should really be
+ * detected in psa_aead_encrypt/decrypt_setup, and will be fixed
+ * to do so in the future, until that point, this is a
+ * workaround.*/
+ TEST_EQUAL( status, expected_status );
+ goto exit;
+ }
+
PSA_ASSERT( psa_aead_update_ad( &operation, additional_data->x,
additional_data->len ) );
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
index ead7a69..ea6c9b3 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -90,11 +90,11 @@
validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
validate key through transparent driver: fallback private key
-depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
validate key through transparent driver: fallback public key
-depends_on:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
validate key through transparent driver: error
@@ -110,7 +110,7 @@
export_key:PSA_SUCCESS:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
export_key private to public through driver: fallback
-depends_on:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:PSA_WANT_ECC_SECP_R1_256
+depends_on:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_ECC_PUBLIC_KEY:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
export_key:PSA_ERROR_NOT_SUPPORTED:"":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"047772656f814b399279d5e1f1781fac6f099a3c5ca1b0e35351834b08b65e0b572590cdaf8f769361bcf34acfc11e5e074e8426bdde04be6e653945449617de45":PSA_SUCCESS
export_key private to public through driver: error
@@ -126,11 +126,11 @@
cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
PSA symmetric encrypt validation: AES-CTR, 16 bytes, fallback
-depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES
cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e117393172a"
PSA symmetric encrypt validation: AES-CTR, 15 bytes, fallback
-depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES
cipher_encrypt_validation:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"6bc1bee22e409f96e93d7e11739317"
PSA symmetric encrypt multipart: AES-CTR, 16 bytes, good
@@ -162,7 +162,7 @@
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_SUCCESS:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, fallback
-depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_BUILTIN_CIPHER
+depends_on:MBEDTLS_PSA_BUILTIN_ALG_CTR:MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES
cipher_decrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"396ee84fb75fdbb5c2b13c7fe5a654aa":"dd3b5e5319b7591daab1e1a92687feb2":0:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA symmetric decrypt: AES-CTR, 16 bytes, fake
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index bc6ff34..8b7f413 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -312,7 +312,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */
+/* BEGIN_CASE */
void validate_key( int force_status_arg,
int key_type_arg,
data_t *key_input,
@@ -348,7 +348,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ECC_SECP_R1_256 */
+/* BEGIN_CASE */
void export_key( int force_status_arg,
data_t *fake_output,
int key_in_type_arg,
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index 4ef54f5..10171eb 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -236,7 +236,7 @@
handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:0
Handshake, PSK-WITH-AES-128-CBC-SHA
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA1_C
handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":0
DTLS Handshake, tls1_2
@@ -264,7 +264,7 @@
handshake_cipher:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_PK_ECDSA:1
DTLS Handshake, PSK-WITH-AES-128-CBC-SHA
-depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
+depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SHA1_C
handshake_psk_cipher:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_PK_RSA:"abc123":1
DTLS Handshake with serialization, tls1_2
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index c1bc17c..e035a48 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -4332,7 +4332,7 @@
corrupt_config == 1 };
mbedtls_ssl_session_init( &session );
- ssl_populate_session_tls12( &session, 0, NULL );
+ TEST_ASSERT( ssl_populate_session_tls12( &session, 0, NULL ) == 0 );
/* Infer length of serialized session. */
TEST_ASSERT( mbedtls_ssl_session_save( &session,
@@ -4904,7 +4904,7 @@
mbedtls_ssl_context ssl;
mbedtls_ssl_init( &ssl );
- mbedtls_ssl_setup( &ssl, &conf );
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
TEST_ASSERT( ssl.handshake != NULL && ssl.handshake->group_list != NULL );
TEST_ASSERT( ssl.conf != NULL && ssl.conf->group_list == NULL );
@@ -4937,7 +4937,7 @@
mbedtls_ssl_context ssl;
mbedtls_ssl_init( &ssl );
- mbedtls_ssl_setup( &ssl, &conf );
+ TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
TEST_ASSERT( ssl.conf != NULL && ssl.conf->group_list != NULL );
