Merge pull request #4707 from gilles-peskine-arm/require-matching-hashlen-rsa-implementation
Require matching hashlen in RSA functions: implementation
diff --git a/ChangeLog b/ChangeLog
index ddaf3fd..fcd8427 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,8 +32,6 @@
* Drop support for parsing SSLv2 ClientHello
(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO).
* Drop support for SSLv3 (MBEDTLS_SSL_PROTO_SSL3).
- * Drop support for compatibility with our own previous buggy
- implementation of truncated HMAC (MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT).
* Drop support for TLS record-level compression (MBEDTLS_ZLIB_SUPPORT).
* Drop support for RC4 TLS ciphersuites.
* Drop support for single-DES ciphersuites.
@@ -83,8 +81,12 @@
in line with version 1.0.0 of the specification. Fix #4162.
* Fix a bug in ECDSA that would cause it to fail when the hash is all-bits
zero. Fixes #1792
- * mbedtls_mpi_read_string on "-0" produced an MPI object that was not treated
- as equal to 0 in all cases. Fix it to produce the same object as "0".
+ * Fix some cases in the bignum module where the library constructed an
+ unintended representation of the value 0 which was not processed
+ correctly by some bignum operations. This could happen when
+ mbedtls_mpi_read_string() was called on "-0", or when
+ mbedtls_mpi_mul_mpi() and mbedtls_mpi_mul_int() was called with one of
+ the arguments being negative and the other being 0. Fixes #4643.
Changes
* Fix the setting of the read timeout in the DTLS sample programs.
diff --git a/ChangeLog.d/default-curves.txt b/ChangeLog.d/default-curves.txt
new file mode 100644
index 0000000..bfb0fd0
--- /dev/null
+++ b/ChangeLog.d/default-curves.txt
@@ -0,0 +1,9 @@
+Default behavior changes
+ * Some default policies for X.509 certificate verification and TLS have
+ changed: curves and hashes weaker than 255 bits are no longer accepted
+ by default. The default order in TLS now favors faster curves over larger
+ curves.
+
+Removals
+ * Remove the compile-time option
+ MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE.
diff --git a/ChangeLog.d/ecp-window-size.txt b/ChangeLog.d/ecp-window-size.txt
new file mode 100644
index 0000000..909d4e8
--- /dev/null
+++ b/ChangeLog.d/ecp-window-size.txt
@@ -0,0 +1,3 @@
+Changes
+ * Reduce the default value of MBEDTLS_ECP_WINDOW_SIZE. This reduces RAM usage
+ during ECC operations at a negligible performance cost.
diff --git a/ChangeLog.d/gcm-update.txt b/ChangeLog.d/gcm-update.txt
index 0fffd09..858bd0a 100644
--- a/ChangeLog.d/gcm-update.txt
+++ b/ChangeLog.d/gcm-update.txt
@@ -15,3 +15,5 @@
* The multi-part GCM interface (mbedtls_gcm_update() or
mbedtls_cipher_update()) no longer requires the size of partial inputs to
be a multiple of 16.
+ * The multi-part GCM interface now supports chunked associated data through
+ multiple calls to mbedtls_gcm_update_ad().
diff --git a/ChangeLog.d/issue4083.txt b/ChangeLog.d/issue4083.txt
new file mode 100644
index 0000000..8457337
--- /dev/null
+++ b/ChangeLog.d/issue4083.txt
@@ -0,0 +1,4 @@
+Removals
+ * Remove the following functions: mbedtls_timing_self_test(),
+ mbedtls_hardclock_poll(), mbedtls_timing_hardclock() and
+ mbedtls_set_alarm(). Fixes #4083.
diff --git a/ChangeLog.d/issue4084.txt b/ChangeLog.d/issue4084.txt
new file mode 100644
index 0000000..75273c1
--- /dev/null
+++ b/ChangeLog.d/issue4084.txt
@@ -0,0 +1,4 @@
+Removals
+ * Remove all support for MD2, MD4, RC4, Blowfish and XTEA. This removes the
+ corresponding modules and all their APIs and related configuration
+ options. Fixes #4084.
diff --git a/ChangeLog.d/issue4176.txt b/ChangeLog.d/issue4176.txt
new file mode 100644
index 0000000..ddca37f
--- /dev/null
+++ b/ChangeLog.d/issue4176.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix a resource leak in a test suite with an alternative AES
+ implementation. Fixes #4176.
diff --git a/ChangeLog.d/issue4212.txt b/ChangeLog.d/issue4212.txt
new file mode 100644
index 0000000..9e72ca9
--- /dev/null
+++ b/ChangeLog.d/issue4212.txt
@@ -0,0 +1,6 @@
+API changes
+ * In modules that implement cryptographic hash functions, many functions
+ mbedtls_xxx() now return int instead of void, and the corresponding
+ function mbedtls_xxx_ret() which was identical except for returning int
+ has been removed. This also concerns mbedtls_xxx_drbg_update(). See the
+ migration guide for more information. Fixes #4212.
diff --git a/ChangeLog.d/key-export.txt b/ChangeLog.d/key-export.txt
new file mode 100644
index 0000000..2fc01a4
--- /dev/null
+++ b/ChangeLog.d/key-export.txt
@@ -0,0 +1,10 @@
+API changes
+ * mbedtls_ssl_conf_export_keys_ext_cb() and
+ mbedtls_ssl_conf_export_keys_cb() have been removed and
+ replaced by a new API mbedtls_ssl_set_export_keys_cb().
+ Raw keys and IVs are no longer passed to the callback.
+ Further, callbacks now receive an additional parameter
+ indicating the type of secret that's being exported,
+ paving the way for the larger number of secrets
+ in TLS 1.3. Finally, the key export callback and
+ context are now connection-specific.
diff --git a/ChangeLog.d/mandatory-rng-param.txt b/ChangeLog.d/mandatory-rng-param.txt
new file mode 100644
index 0000000..39ee335
--- /dev/null
+++ b/ChangeLog.d/mandatory-rng-param.txt
@@ -0,0 +1,14 @@
+API changes
+ * For all functions that take a random number generator (RNG) as a
+ parameter, this parameter is now mandatory (that is, NULL is not an
+ acceptable value). Functions which previously accepted NULL and now
+ reject it are: the X.509 CRT and CSR writing functions; the PK and RSA
+ sign and decrypt function; mbedtls_rsa_private(); the functions
+ in DHM and ECDH that compute the shared secret; the scalar multiplication
+ functions in ECP.
+ * The following functions now require an RNG parameter:
+ mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(),
+ mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile().
+Removals
+ * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as
+ it no longer had any effect.
diff --git a/ChangeLog.d/mbedtls_debug_print_mpi.txt b/ChangeLog.d/mbedtls_debug_print_mpi.txt
new file mode 100644
index 0000000..d1b4f5b
--- /dev/null
+++ b/ChangeLog.d/mbedtls_debug_print_mpi.txt
@@ -0,0 +1,5 @@
+Bugfix
+ * Fix a crash in mbedtls_mpi_debug_mpi on a bignum having 0 limbs. This
+ could notably be triggered by setting the TLS debug level to 3 or above
+ and using a Montgomery curve for the key exchange. Reported by lhuang04
+ in #4578. Fixes #4608.
diff --git a/ChangeLog.d/mpi_exp_mod-zero.txt b/ChangeLog.d/mpi_exp_mod-zero.txt
new file mode 100644
index 0000000..9df9031
--- /dev/null
+++ b/ChangeLog.d/mpi_exp_mod-zero.txt
@@ -0,0 +1,7 @@
+Bugfix
+ * Fix a null pointer dereference when mbedtls_mpi_exp_mod() was called with
+ A=0 represented with 0 limbs. Up to and including Mbed TLS 2.26, this bug
+ could not be triggered by code that constructed A with one of the
+ mbedtls_mpi_read_xxx functions (including in particular TLS code) since
+ those always built an mpi object with at least one limb.
+ Credit to OSS-Fuzz. Fixes #4641.
diff --git a/ChangeLog.d/mpi_gcd-0.txt b/ChangeLog.d/mpi_gcd-0.txt
new file mode 100644
index 0000000..41e11e1
--- /dev/null
+++ b/ChangeLog.d/mpi_gcd-0.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Fix mbedtls_mpi_gcd(G,A,B) when the value of B is zero. This had no
+ effect on Mbed TLS's internal use of mbedtls_mpi_gcd(), but may affect
+ applications that call mbedtls_mpi_gcd() directly. Fixes #4642.
diff --git a/ChangeLog.d/mpi_read_zero.txt b/ChangeLog.d/mpi_read_zero.txt
new file mode 100644
index 0000000..0c25159
--- /dev/null
+++ b/ChangeLog.d/mpi_read_zero.txt
@@ -0,0 +1,9 @@
+Changes
+ * mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and
+ mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs
+ when their input has length 0. Note that this is an implementation detail
+ and can change at any time, so this change should be transparent, but it
+ may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string()
+ now writing an empty string where it previously wrote one or more
+ zero digits when operating from values constructed with an mpi_read
+ function and some mpi operations.
diff --git a/ChangeLog.d/one-shot-mac.txt b/ChangeLog.d/one-shot-mac.txt
new file mode 100644
index 0000000..112891d
--- /dev/null
+++ b/ChangeLog.d/one-shot-mac.txt
@@ -0,0 +1,3 @@
+Features
+ * Implement psa_mac_compute() and psa_mac_verify() as defined in the
+ PSA Cryptograpy API 1.0.0 specification.
diff --git a/ChangeLog.d/psa-read-only-keys.txt b/ChangeLog.d/psa-read-only-keys.txt
new file mode 100644
index 0000000..a4a2823
--- /dev/null
+++ b/ChangeLog.d/psa-read-only-keys.txt
@@ -0,0 +1,5 @@
+Bugfix
+ * The PSA API no longer allows the creation or destruction of keys with a
+ read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY
+ can now only be used as intended, for keys that cannot be modified through
+ normal use of the API.
diff --git a/ChangeLog.d/psa_key_derivation-bad_workflow.txt b/ChangeLog.d/psa_key_derivation-bad_workflow.txt
new file mode 100644
index 0000000..7fd03e6
--- /dev/null
+++ b/ChangeLog.d/psa_key_derivation-bad_workflow.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
+ about missing inputs.
diff --git a/ChangeLog.d/remove-rsa-mode-parameter.txt b/ChangeLog.d/remove-rsa-mode-parameter.txt
index 854dda3..2590d3a 100644
--- a/ChangeLog.d/remove-rsa-mode-parameter.txt
+++ b/ChangeLog.d/remove-rsa-mode-parameter.txt
@@ -6,4 +6,3 @@
decryption functions now always use the private key and verification and
encryption use the public key. Verification functions also no longer have
RNG parameters.
- * The RNG is now mandatory for all private-key RSA operations.
diff --git a/ChangeLog.d/rm-truncated-hmac-ext.txt b/ChangeLog.d/rm-truncated-hmac-ext.txt
new file mode 100644
index 0000000..3739256
--- /dev/null
+++ b/ChangeLog.d/rm-truncated-hmac-ext.txt
@@ -0,0 +1,5 @@
+Removals
+ * Remove MBEDTLS_SSL_TRUNCATED_HMAC and also remove
+ MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT config option. Users are better served by
+ using a CCM-8 ciphersuite than a CBC ciphersuite with truncated HMAC.
+ See issue #4341 for more details.
diff --git a/ChangeLog.d/winsock.txt b/ChangeLog.d/winsock.txt
new file mode 100644
index 0000000..0b42e69
--- /dev/null
+++ b/ChangeLog.d/winsock.txt
@@ -0,0 +1,4 @@
+Bugfix
+ * Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with
+ MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465.
+
diff --git a/configs/config-symmetric-only.h b/configs/config-symmetric-only.h
index 29e77b5..5b10063 100644
--- a/configs/config-symmetric-only.h
+++ b/configs/config-symmetric-only.h
@@ -47,11 +47,9 @@
/* Mbed Crypto modules */
#define MBEDTLS_AES_C
-#define MBEDTLS_ARC4_C
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C
#define MBEDTLS_BASE64_C
-#define MBEDTLS_BLOWFISH_C
#define MBEDTLS_CAMELLIA_C
#define MBEDTLS_ARIA_C
#define MBEDTLS_CCM_C
@@ -68,8 +66,6 @@
#define MBEDTLS_HMAC_DRBG_C
#define MBEDTLS_NIST_KW_C
#define MBEDTLS_MD_C
-#define MBEDTLS_MD2_C
-#define MBEDTLS_MD4_C
#define MBEDTLS_MD5_C
#define MBEDTLS_OID_C
#define MBEDTLS_PEM_PARSE_C
@@ -94,7 +90,6 @@
//#define MBEDTLS_THREADING_C
#define MBEDTLS_TIMING_C
#define MBEDTLS_VERSION_C
-#define MBEDTLS_XTEA_C
#include "mbedtls/config_psa.h"
diff --git a/docs/3.0-migration-guide.d/default-curves.md b/docs/3.0-migration-guide.d/default-curves.md
new file mode 100644
index 0000000..928130d
--- /dev/null
+++ b/docs/3.0-migration-guide.d/default-curves.md
@@ -0,0 +1,25 @@
+Strengthen default algorithm selection for X.509 and TLS
+--------------------------------------------------------
+
+The default X.509 verification profile (`mbedtls_x509_crt_profile_default`) and the default curve and hash selection in TLS have changed. They are now aligned, except that the X.509 profile only lists curves that support signature verification.
+
+Hashes and curves weaker than 255 bits (security strength less than 128 bits) are no longer accepted by default. The following hashes have been removed: SHA-1 (formerly only accepted for key exchanges but not for certificate signatures), SHA-224 (weaker hashes were already not accepted). The following curves have been removed: secp192r1, secp224r1, secp192k1, secp224k1.
+
+The compile-time options `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` and `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE` are no longer available.
+
+The curve secp256k1 has also been removed from the default X.509 and TLS profiles. [RFC 8422](https://datatracker.ietf.org/doc/html/rfc8422#section-5.1.1) deprecates it in TLS, and it is very rarely used, although it is not known to be weak at the time of writing.
+
+If you still need to accept certificates signed with algorithms that have been removed from the default profile, call `mbedtls_x509_crt_verify_with_profile` instead of `mbedtls_x509_crt_verify` and pass a profile that allows the curves and hashes you want. For example, to allow SHA-224:
+```
+mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default;
+my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 );
+```
+
+If you still need to allow hashes and curves in TLS that have been removed from the default configuration, call `mbedtls_ssl_conf_sig_hashes()` and `mbedtls_ssl_conf_curves()` with the desired lists.
+
+TLS now favors faster curves over larger curves
+-----------------------------------------------
+
+The default preference order for curves in TLS now favors resource usage (performance and memory consumption) over size. The exact order is unspecified and may change, but generally you can expect 256-bit curves to be preferred over larger curves.
+
+If you prefer a different order, call `mbedtls_ssl_conf_curves()` when configuring a TLS connection.
diff --git a/docs/3.0-migration-guide.d/gcm-multipart.md b/docs/3.0-migration-guide.d/gcm-multipart.md
index 98e9fad..ebc6397 100644
--- a/docs/3.0-migration-guide.d/gcm-multipart.md
+++ b/docs/3.0-migration-guide.d/gcm-multipart.md
@@ -6,7 +6,6 @@
Applications using one-shot GCM or using GCM via the `mbedtls_cipher_xxx` or `psa_aead_xxx` interfaces do not require any changes.
* `mbedtls_gcm_starts()` now only sets the mode and the nonce (IV). Call the new function `mbedtls_gcm_update_ad()` to pass the associated data.
-* The current implementation has a limitation that `mbedtls_gcm_update_ad()` may only be called once. This limitation will be lifted shortly; watch https://github.com/ARMmbed/mbedtls/issues/4351 for updates.
* `mbedtls_gcm_update()` now takes an extra parameter to indicate the actual output length. In Mbed TLS 2.x, applications had to pass inputs consisting of whole 16-byte blocks except for the last block (this limitation has been lifted). In this case:
* As long as the input remains block-aligned, the output length is exactly the input length, as before.
* If the length of the last input is not a multiple of 16, alternative implementations may return the last partial block in the call to `mbedtls_gcm_finish()` instead of returning it in the last call to `mbedtls_gcm_update()`.
diff --git a/docs/3.0-migration-guide.d/key-export.md b/docs/3.0-migration-guide.d/key-export.md
new file mode 100644
index 0000000..f8b3505
--- /dev/null
+++ b/docs/3.0-migration-guide.d/key-export.md
@@ -0,0 +1,36 @@
+SSL key export interface change
+-------------------------------
+
+This affects users of the SSL key export APIs:
+```
+ mbedtls_ssl_conf_export_keys_cb()
+ mbedtls_ssl_conf_export_keys_ext_cb()
+```
+
+Those APIs have been removed and replaced by the new API
+`mbedtls_ssl_set_export_keys_cb()`. This API differs from
+the previous key export API in the following ways:
+
+- It is no longer bound to an SSL configuration, but to an
+ SSL context. This allows users to more easily identify the
+ connection an exported key belongs to.
+- It no longer exports raw keys and IV.
+- A secret type parameter has been added to identify which key
+ is being exported. For TLS 1.2, only the master secret is
+ exported, but upcoming TLS 1.3 support will add other kinds of keys.
+- The callback now specifies a void return type, rather than
+ returning an error code. It is the responsibility of the application
+ to handle failures in the key export callback, for example by
+ shutting down the TLS connection.
+
+For users which do not rely on raw keys and IV, adjusting to the new
+callback type should be straightforward - see the example programs
+programs/ssl/ssl_client2 and programs/ssl/ssl_server2 for callbacks
+for NSSKeylog, EAP-TLS and DTLS-SRTP.
+
+Users which require access to the raw keys used to secure application
+traffic may derive those by hand based on the master secret and the
+handshake transcript hashes which can be obtained from the raw data
+on the wire. Such users are also encouraged to reach out to the
+Mbed TLS team on the mailing list, to let the team know about their
+use case.
diff --git a/docs/3.0-migration-guide.d/mandatory-rng-param.md b/docs/3.0-migration-guide.d/mandatory-rng-param.md
new file mode 100644
index 0000000..f6aba08
--- /dev/null
+++ b/docs/3.0-migration-guide.d/mandatory-rng-param.md
@@ -0,0 +1,40 @@
+The RNG parameter is now mandatory for all functions that accept one
+--------------------------------------------------------------------
+
+This change affects all users who called a function accepting a `f_rng`
+parameter with `NULL` as the value of this argument; this is no longer
+supported.
+
+The changed functions are: the X.509 CRT and CSR writing functions; the PK and
+RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM
+and ECDH that compute the shared secret; the scalar multiplication functions in
+ECP.
+
+You now need to pass a properly seeded, cryptographically secure RNG to all
+functions that accept a `f_rng` parameter. It is of course still possible to
+pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a
+context.
+
+Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT`
+configuration options) may have their own internal and are free to ignore the
+`f_rng` argument but must allow users to pass one anyway.
+
+Some functions gained an RNG parameter
+--------------------------------------
+
+This affects users of the following functions: `mbedtls_ecp_check_pub_priv()`,
+`mbedtls_pk_check_pair()`, `mbedtls_pk_parse_key()`, and
+`mbedtls_pk_parse_keyfile()`.
+
+You now need to pass a properly seeded, cryptographically secure RNG when
+calling these functions. It is used for blinding, a counter-measure against
+side-channel attacks.
+
+The configuration option `MBEDTLS_ECP_NO_INTERNAL_RNG` was removed
+------------------------------------------------------------------
+
+This doesn't affect users of the default configuration; it only affects people
+who were explicitly setting this option.
+
+This was a trade-off between code size and counter-measures; it is no longer
+relevant as the counter-measure is now always on at no cost in code size.
diff --git a/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md
new file mode 100644
index 0000000..fa61e27
--- /dev/null
+++ b/docs/3.0-migration-guide.d/move_part_of_timing_module_out_of_the_library.md
@@ -0,0 +1,9 @@
+Move part of timing module out of the library
+--
+
+The change affects users who use any of the following functions:
+`mbedtls_timing_self_test()`, `mbedtls_hardclock_poll()`,
+`mbedtls_timing_hardclock()` and `mbedtls_set_alarm()`.
+
+If you were relying on these functions, you'll now need to change to using your
+platform's corresponding functions directly.
diff --git a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md
index e400650..d21d5ed 100644
--- a/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md
+++ b/docs/3.0-migration-guide.d/remove-rsa-mode-parameter.md
@@ -19,11 +19,3 @@
was only needed when using a private key). This affects all applications using
the RSA verify functions.
-RNG is now mandatory in all RSA private key operations
-------------------------------------------------------
-
-The random generator is now mandatory for blinding in all RSA private-key
-operations (`mbedtls_rsa_private`, `mbedtls_rsa_xxx_sign`,
-`mbedtls_rsa_xxx_decrypt`) as well as for encryption
-(`mbedtls_rsa_xxx_encrypt`). This means that passing a null `f_rng` is no longer
-supported.
diff --git a/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md b/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md
new file mode 100644
index 0000000..a4a4895
--- /dev/null
+++ b/docs/3.0-migration-guide.d/remove-ssl-get-session_pointer.md
@@ -0,0 +1,23 @@
+Remove the SSL API mbedtls_ssl_get_session_pointer()
+-----------------------------------------------------------------
+
+This affects two classes of users:
+
+1. Users who manually inspect parts of the current session through
+ direct structure field access.
+
+2. Users of session resumption who query the current session
+ via `mbedtls_ssl_get_session_pointer()` prior to saving or exporting
+ it via `mbedtls_ssl_session_copy()` or `mbedtls_ssl_session_save()`,
+ respectively.
+
+Migration paths:
+
+1. Mbed TLS 3.0 does not offer a migration path for the usecase 1: Like many
+ other Mbed TLS structures, the structure of `mbedtls_ssl_session` is no
+ longer part of the public API in Mbed TLS 3.0, and direct structure field
+ access is no longer supported. Please see the corresponding migration guide.
+
+2. Users should replace calls to `mbedtls_ssl_get_session_pointer()` by
+ calls to `mbedtls_ssl_get_session()` as demonstrated in the example
+ program `programs/ssl/ssl_client2.c`.
diff --git a/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md
new file mode 100644
index 0000000..d199f2f
--- /dev/null
+++ b/docs/3.0-migration-guide.d/remove_MD2_MD4_RC4_Blowfish_XTEA.md
@@ -0,0 +1,8 @@
+Remove MD2, MD4, RC4, Blowfish and XTEA algorithms
+--
+
+This change affects users of the MD2, MD4, RC4, Blowfish and XTEA algorithms.
+
+They are already niche or obsolete and most of them are weak or broken. For
+those reasons possible users should consider switching to modern and safe
+alternatives to be found in literature.
diff --git a/docs/3.0-migration-guide.d/rename_the__ret_functions.md b/docs/3.0-migration-guide.d/rename_the__ret_functions.md
new file mode 100644
index 0000000..875164b
--- /dev/null
+++ b/docs/3.0-migration-guide.d/rename_the__ret_functions.md
@@ -0,0 +1,43 @@
+Rename mbedtls_*_ret() cryptography functions whose deprecated variants
+have been removed
+-----------------
+
+This change affects users who were using the `mbedtls_*_ret()` cryptography
+functions.
+
+Those functions were created based on now-deprecated functions according to a
+requirement that a function needs to return a value. This change brings back the
+original names of those functions. The renamed functions are:
+
+| name before this change | after the change |
+|------------------------------|--------------------------|
+| mbedtls_ctr_drbg_update_ret | mbedtls_ctr_drbg_update |
+| mbedtls_hmac_drbg_update_ret | mbedtls_hmac_drbg_update |
+| mbedtls_md5_starts_ret | mbedtls_md5_starts |
+| mbedtls_md5_update_ret | mbedtls_md5_update |
+| mbedtls_md5_finish_ret | mbedtls_md5_finish |
+| mbedtls_md5_ret | mbedtls_md5 |
+| mbedtls_ripemd160_starts_ret | mbedtls_ripemd160_starts |
+| mbedtls_ripemd160_update_ret | mbedtls_ripemd160_update |
+| mbedtls_ripemd160_finish_ret | mbedtls_ripemd160_finish |
+| mbedtls_ripemd160_ret | mbedtls_ripemd160 |
+| mbedtls_sha1_starts_ret | mbedtls_sha1_starts |
+| mbedtls_sha1_update_ret | mbedtls_sha1_update |
+| mbedtls_sha1_finish_ret | mbedtls_sha1_finish |
+| mbedtls_sha1_ret | mbedtls_sha1 |
+| mbedtls_sha256_starts_ret | mbedtls_sha256_starts |
+| mbedtls_sha256_update_ret | mbedtls_sha256_update |
+| mbedtls_sha256_finish_ret | mbedtls_sha256_finish |
+| mbedtls_sha256_ret | mbedtls_sha256 |
+| mbedtls_sha512_starts_ret | mbedtls_sha512_starts |
+| mbedtls_sha512_update_ret | mbedtls_sha512_update |
+| mbedtls_sha512_finish_ret | mbedtls_sha512_finish |
+| mbedtls_sha512_ret | mbedtls_sha512 |
+
+To migrate to the this change the user can keep the `*_ret` names in their code
+and include the `compat_2.x.h` header file which holds macros with proper
+renaming or to rename those function in their code according to the list from
+mentioned header file.
+
+
+
diff --git a/docs/3.0-migration-guide.d/ssl-ticket-api.md b/docs/3.0-migration-guide.d/ssl-ticket-api.md
new file mode 100644
index 0000000..23c53d6
--- /dev/null
+++ b/docs/3.0-migration-guide.d/ssl-ticket-api.md
@@ -0,0 +1,30 @@
+Modified semantics of mbedtls_ssl_{get,set}_session()
+-----------------------------------------------------------------
+
+This affects users who call `mbedtls_ssl_get_session()` or
+`mbedtls_ssl_set_session()` multiple times on the same SSL context
+representing an established TLS 1.2 connection.
+Those users will now observe the second call to fail with
+`MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE`.
+
+Migration path:
+- Exporting the same TLS 1.2 connection multiple times via
+ `mbedtls_ssl_get_session()` leads to multiple copies of
+ the same session. This use of `mbedtls_ssl_get_session()`
+ is discouraged, and the following should be considered:
+ * If the various session copies are later loaded into
+ fresh SSL contexts via `mbedtls_ssl_set_session()`,
+ export via `mbedtls_ssl_get_session()` only once and
+ load the same session into different contexts via
+ `mbedtls_ssl_set_session()`. Since `mbedtls_ssl_set_session()`
+ makes a copy of the session that's being loaded, this
+ is functionally equivalent.
+ * If the various session copies are later serialized
+ via `mbedtls_ssl_session_save()`, export and serialize
+ the session only once via `mbedtls_ssl_get_session()` and
+ `mbedtls_ssl_session_save()` and make copies of the raw
+ data instead.
+- Calling `mbedtls_ssl_set_session()` multiple times in Mbed TLS 2.x
+ is not useful since subsequent calls overwrite the effect of previous
+ calls. Applications achieve equivalent functional behaviour by
+ issuing only the very last call to `mbedtls_ssl_set_session()`.
diff --git a/docs/3.0-migration-guide.md b/docs/3.0-migration-guide.md
index a4a59b8..1541c7a 100644
--- a/docs/3.0-migration-guide.md
+++ b/docs/3.0-migration-guide.md
@@ -22,7 +22,7 @@
Deprecated functions were removed from hashing modules
------------------------------------------------------
-Modules: MD2, MD4, MD5, SHA1, SHA256, SHA512, MD.
+Modules: MD5, SHA1, SHA256, SHA512, MD.
- The functions `mbedtls_xxx_starts()`, `mbedtls_xxx_update()`,
`mbedtls_xxx_finish()` and `mbedtls_xxx()` were removed. Please use the
@@ -65,31 +65,6 @@
function that's now in a private header, please reach out on the mailing list
and explain your need; we'll consider adding a new API in a future version.
-Remove the option to allow SHA-1 by default in certificates
------------------------------------------------------------
-
-This does not affect users who use the default `config.h`, as this option was
-already off by default.
-
-If you used to enable `MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES` in your
-`config.h`, first please take a moment to consider whether you really still
-want to accept certificates signed with SHA-1 as those are considered insecure
-and no CA has issued them for a while. If you really need to allow SHA-1 in
-certificates, please set up a custom profile as follows:
-
-```
-const mbedtls_x509_crt_profile mbedtls_x509_crt_custom = {
- MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
- MBEDTLS_X509_ID_FLAG( /* other hash */ ) /* | etc */,
- 0xFFFFFFF, /* Or specific PK algs */
- 0xFFFFFFF, /* Or specific curves */
- 2048 /* Or another RSA min bitlen */
-};
-```
-Then pass it to `mbedtls_x509_crt_verify_with_profile()` if you're verifying
-a certificate chain directly, or to `mbedtls_ssl_conf_cert_profile()` if the
-verification happens during a TLS handshake.
-
Remove the certs module from the library
----------------------------------------
@@ -137,17 +112,16 @@
to date. If one of your peers is in that case, please try contacting them and
encouraging them to upgrade their software.
-Remove support for compatibility with old Mbed TLS's truncated HMAC
--------------------------------------------------------------------
+Remove support for truncated HMAC
+---------------------------------
-This doesn't affect people using the default configuration as it was already
-disabled by default.
+This affects users of truncated HMAC, that is, users who called
+`mbedtls_ssl_conf_truncated_hmac( ..., MBEDTLS_SSL_TRUNC_HMAC_ENABLED)`,
+regardless of whether the standard version was used or compatibility version
+(`MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT`).
-This only affects TLS users who enabled `MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT` and
-used the Truncated HMAC extension to communicate with peers using old version
-of Mbed TLS. Please consider using a CCM-8 ciphersuite instead of the
-Truncated HMAC extension, or convincing your peer to upgrade their version of
-Mbed TLS.
+The recommended migration path for people who want minimal overhead is to use a
+CCM-8 ciphersuite.
Remove support for TLS record-level compression
-----------------------------------------------
diff --git a/doxygen/input/doc_encdec.h b/doxygen/input/doc_encdec.h
index 46fb04f..96734bd 100644
--- a/doxygen/input/doc_encdec.h
+++ b/doxygen/input/doc_encdec.h
@@ -45,15 +45,11 @@
* - Symmetric:
* - AES (see \c mbedtls_aes_crypt_ecb(), \c mbedtls_aes_crypt_cbc(), \c mbedtls_aes_crypt_cfb128() and
* \c mbedtls_aes_crypt_ctr()).
- * - ARCFOUR (see \c mbedtls_arc4_crypt()).
- * - Blowfish / BF (see \c mbedtls_blowfish_crypt_ecb(), \c mbedtls_blowfish_crypt_cbc(),
- * \c mbedtls_blowfish_crypt_cfb64() and \c mbedtls_blowfish_crypt_ctr())
* - Camellia (see \c mbedtls_camellia_crypt_ecb(), \c mbedtls_camellia_crypt_cbc(),
* \c mbedtls_camellia_crypt_cfb128() and \c mbedtls_camellia_crypt_ctr()).
* - DES/3DES (see \c mbedtls_des_crypt_ecb(), \c mbedtls_des_crypt_cbc(), \c mbedtls_des3_crypt_ecb()
* and \c mbedtls_des3_crypt_cbc()).
* - GCM (AES-GCM and CAMELLIA-GCM) (see \c mbedtls_gcm_init())
- * - XTEA (see \c mbedtls_xtea_crypt_ecb()).
* - Asymmetric:
* - Diffie-Hellman-Merkle (see \c mbedtls_dhm_read_public(), \c mbedtls_dhm_make_public()
* and \c mbedtls_dhm_calc_secret()).
diff --git a/doxygen/input/doc_hashing.h b/doxygen/input/doc_hashing.h
index aaa0c78..931e6e9 100644
--- a/doxygen/input/doc_hashing.h
+++ b/doxygen/input/doc_hashing.h
@@ -34,7 +34,7 @@
* \c mbedtls_md_setup())
*
* The following hashing-algorithms are provided:
- * - MD2, MD4, MD5 128-bit one-way hash functions by Ron Rivest.
+ * - MD5 128-bit one-way hash function by Ron Rivest.
* - SHA-1, SHA-256, SHA-384/512 160-bit or more one-way hash functions by
* NIST and NSA.
*
diff --git a/include/mbedtls/arc4.h b/include/mbedtls/arc4.h
deleted file mode 100644
index 6313651..0000000
--- a/include/mbedtls/arc4.h
+++ /dev/null
@@ -1,142 +0,0 @@
-/**
- * \file arc4.h
- *
- * \brief The ARCFOUR stream cipher
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef MBEDTLS_ARC4_H
-#define MBEDTLS_ARC4_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_ARC4_ALT)
-// Regular implementation
-//
-
-/**
- * \brief ARC4 context structure
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers instead.
- *
- */
-typedef struct mbedtls_arc4_context
-{
- int MBEDTLS_PRIVATE(x); /*!< permutation index */
- int MBEDTLS_PRIVATE(y); /*!< permutation index */
- unsigned char MBEDTLS_PRIVATE(m)[256]; /*!< permutation table */
-}
-mbedtls_arc4_context;
-
-#else /* MBEDTLS_ARC4_ALT */
-#include "arc4_alt.h"
-#endif /* MBEDTLS_ARC4_ALT */
-
-/**
- * \brief Initialize ARC4 context
- *
- * \param ctx ARC4 context to be initialized
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-void mbedtls_arc4_init( mbedtls_arc4_context *ctx );
-
-/**
- * \brief Clear ARC4 context
- *
- * \param ctx ARC4 context to be cleared
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-void mbedtls_arc4_free( mbedtls_arc4_context *ctx );
-
-/**
- * \brief ARC4 key schedule
- *
- * \param ctx ARC4 context to be setup
- * \param key the secret key
- * \param keylen length of the key, in bytes
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
- unsigned int keylen );
-
-/**
- * \brief ARC4 cipher function
- *
- * \param ctx ARC4 context
- * \param length length of the input data
- * \param input buffer holding the input data
- * \param output buffer for the output data
- *
- * \return 0 if successful
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
- unsigned char *output );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. We recommend considering stronger ciphers
- * instead.
- *
- */
-int mbedtls_arc4_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* arc4.h */
diff --git a/include/mbedtls/blowfish.h b/include/mbedtls/blowfish.h
deleted file mode 100644
index e54d491..0000000
--- a/include/mbedtls/blowfish.h
+++ /dev/null
@@ -1,279 +0,0 @@
-/**
- * \file blowfish.h
- *
- * \brief Blowfish block cipher
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef MBEDTLS_BLOWFISH_H
-#define MBEDTLS_BLOWFISH_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#include "mbedtls/platform_util.h"
-
-#define MBEDTLS_BLOWFISH_ENCRYPT 1
-#define MBEDTLS_BLOWFISH_DECRYPT 0
-#define MBEDTLS_BLOWFISH_MAX_KEY_BITS 448
-#define MBEDTLS_BLOWFISH_MIN_KEY_BITS 32
-#define MBEDTLS_BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */
-#define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */
-
-#define MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA -0x0016 /**< Bad input data. */
-
-#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_BLOWFISH_ALT)
-// Regular implementation
-//
-
-/**
- * \brief Blowfish context structure
- */
-typedef struct mbedtls_blowfish_context
-{
- uint32_t MBEDTLS_PRIVATE(P)[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */
- uint32_t MBEDTLS_PRIVATE(S)[4][256]; /*!< key dependent S-boxes */
-}
-mbedtls_blowfish_context;
-
-#else /* MBEDTLS_BLOWFISH_ALT */
-#include "blowfish_alt.h"
-#endif /* MBEDTLS_BLOWFISH_ALT */
-
-/**
- * \brief Initialize a Blowfish context.
- *
- * \param ctx The Blowfish context to be initialized.
- * This must not be \c NULL.
- */
-void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
-
-/**
- * \brief Clear a Blowfish context.
- *
- * \param ctx The Blowfish context to be cleared.
- * This may be \c NULL, in which case this function
- * returns immediately. If it is not \c NULL, it must
- * point to an initialized Blowfish context.
- */
-void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
-
-/**
- * \brief Perform a Blowfish key schedule operation.
- *
- * \param ctx The Blowfish context to perform the key schedule on.
- * \param key The encryption key. This must be a readable buffer of
- * length \p keybits Bits.
- * \param keybits The length of \p key in Bits. This must be between
- * \c 32 and \c 448 and a multiple of \c 8.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
- unsigned int keybits );
-
-/**
- * \brief Perform a Blowfish-ECB block encryption/decryption operation.
- *
- * \param ctx The Blowfish context to use. This must be initialized
- * and bound to a key.
- * \param mode The mode of operation. Possible values are
- * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
- * #MBEDTLS_BLOWFISH_DECRYPT for decryption.
- * \param input The input block. This must be a readable buffer
- * of size \c 8 Bytes.
- * \param output The output block. This must be a writable buffer
- * of size \c 8 Bytes.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
- int mode,
- const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
- unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief Perform a Blowfish-CBC buffer encryption/decryption operation.
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx The Blowfish context to use. This must be initialized
- * and bound to a key.
- * \param mode The mode of operation. Possible values are
- * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
- * #MBEDTLS_BLOWFISH_DECRYPT for decryption.
- * \param length The length of the input data in Bytes. This must be
- * multiple of \c 8.
- * \param iv The initialization vector. This must be a read/write buffer
- * of length \c 8 Bytes. It is updated by this function.
- * \param input The input data. This must be a readable buffer of length
- * \p length Bytes.
- * \param output The output data. This must be a writable buffer of length
- * \p length Bytes.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/**
- * \brief Perform a Blowfish CFB buffer encryption/decryption operation.
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx The Blowfish context to use. This must be initialized
- * and bound to a key.
- * \param mode The mode of operation. Possible values are
- * #MBEDTLS_BLOWFISH_ENCRYPT for encryption, or
- * #MBEDTLS_BLOWFISH_DECRYPT for decryption.
- * \param length The length of the input data in Bytes.
- * \param iv_off The offset in the initialiation vector.
- * The value pointed to must be smaller than \c 8 Bytes.
- * It is updated by this function to support the aforementioned
- * streaming usage.
- * \param iv The initialization vector. This must be a read/write buffer
- * of size \c 8 Bytes. It is updated after use.
- * \param input The input data. This must be a readable buffer of length
- * \p length Bytes.
- * \param output The output data. This must be a writable buffer of length
- * \p length Bytes.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
- int mode,
- size_t length,
- size_t *iv_off,
- unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
-#endif /*MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/**
- * \brief Perform a Blowfish-CTR buffer encryption/decryption operation.
- *
- * \warning You must never reuse a nonce value with the same key. Doing so
- * would void the encryption for the two messages encrypted with
- * the same nonce and key.
- *
- * There are two common strategies for managing nonces with CTR:
- *
- * 1. You can handle everything as a single message processed over
- * successive calls to this function. In that case, you want to
- * set \p nonce_counter and \p nc_off to 0 for the first call, and
- * then preserve the values of \p nonce_counter, \p nc_off and \p
- * stream_block across calls to this function as they will be
- * updated by this function.
- *
- * With this strategy, you must not encrypt more than 2**64
- * blocks of data with the same key.
- *
- * 2. You can encrypt separate messages by dividing the \p
- * nonce_counter buffer in two areas: the first one used for a
- * per-message nonce, handled by yourself, and the second one
- * updated by this function internally.
- *
- * For example, you might reserve the first 4 bytes for the
- * per-message nonce, and the last 4 bytes for internal use. In that
- * case, before calling this function on a new message you need to
- * set the first 4 bytes of \p nonce_counter to your chosen nonce
- * value, the last 4 to 0, and \p nc_off to 0 (which will cause \p
- * stream_block to be ignored). That way, you can encrypt at most
- * 2**32 messages of up to 2**32 blocks each with the same key.
- *
- * The per-message nonce (or information sufficient to reconstruct
- * it) needs to be communicated with the ciphertext and must be unique.
- * The recommended way to ensure uniqueness is to use a message
- * counter.
- *
- * Note that for both stategies, sizes are measured in blocks and
- * that a Blowfish block is 8 bytes.
- *
- * \warning Upon return, \p stream_block contains sensitive data. Its
- * content must not be written to insecure storage and should be
- * securely discarded as soon as it's no longer needed.
- *
- * \param ctx The Blowfish context to use. This must be initialized
- * and bound to a key.
- * \param length The length of the input data in Bytes.
- * \param nc_off The offset in the current stream_block (for resuming
- * within current cipher stream). The offset pointer
- * should be \c 0 at the start of a stream and must be
- * smaller than \c 8. It is updated by this function.
- * \param nonce_counter The 64-bit nonce and counter. This must point to a
- * read/write buffer of length \c 8 Bytes.
- * \param stream_block The saved stream-block for resuming. This must point to
- * a read/write buffer of length \c 8 Bytes.
- * \param input The input data. This must be a readable buffer of
- * length \p length Bytes.
- * \param output The output data. This must be a writable buffer of
- * length \p length Bytes.
- *
- * \return \c 0 if successful.
- * \return A negative error code on failure.
- */
-int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
- size_t length,
- size_t *nc_off,
- unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
- unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output );
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* blowfish.h */
diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h
index 98f5693..9529e2f 100644
--- a/include/mbedtls/ccm.h
+++ b/include/mbedtls/ccm.h
@@ -345,6 +345,9 @@
* \param plaintext_len The length in bytes of the plaintext to encrypt or
* result of the decryption (thus not encompassing the
* additional data that are not encrypted).
+ * \param tag_len The length of the tag to generate in Bytes:
+ * 4, 6, 8, 10, 12, 14 or 16.
+ * For CCM*, zero is also valid.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure:
@@ -353,7 +356,8 @@
*/
int mbedtls_ccm_set_lengths( mbedtls_ccm_context *ctx,
size_t total_ad_len,
- size_t plaintext_len );
+ size_t plaintext_len,
+ size_t tag_len );
/**
* \brief This function feeds an input buffer as associated data
@@ -473,9 +477,8 @@
* \param tag The buffer for holding the tag. If \p tag_len is greater
* than zero, this must be a writable buffer of at least \p
* tag_len Bytes.
- * \param tag_len The length of the tag to generate in Bytes:
- * 4, 6, 8, 10, 12, 14 or 16.
- * For CCM*, zero is also valid.
+ * \param tag_len The length of the tag. Must match the tag length passed to
+ * mbedtls_ccm_set_lengths() function.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CCM_BAD_INPUT on failure:
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 90dee6c..36959ed 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -150,14 +150,6 @@
#error "MBEDTLS_ECP_C defined, but not all prerequisites"
#endif
-#if defined(MBEDTLS_ECP_C) && !( \
- defined(MBEDTLS_ECP_ALT) || \
- defined(MBEDTLS_CTR_DRBG_C) || \
- defined(MBEDTLS_HMAC_DRBG_C) || \
- defined(MBEDTLS_ECP_NO_INTERNAL_RNG))
-#error "MBEDTLS_ECP_C requires a DRBG module unless MBEDTLS_ECP_NO_INTERNAL_RNG is defined or an alternative implementation is used"
-#endif
-
#if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_ASN1_PARSE_C)
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequesites"
#endif
@@ -837,6 +829,10 @@
#error "MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4335"
#endif
+#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) //no-check-names
+#error "MBEDTLS_SSL_TRUNCATED_HMAC was removed in Mbed TLS 3.0. See https://github.com/ARMmbed/mbedtls/issues/4341"
+#endif
+
/*
* Avoid warning from -pedantic. This is a convenient place for this
* workaround since this is included by every single file before the
diff --git a/include/mbedtls/cipher.h b/include/mbedtls/cipher.h
index 25e1d8d..99dc7c7 100644
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@@ -45,7 +45,7 @@
#define MBEDTLS_CIPHER_MODE_WITH_PADDING
#endif
-#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
+#if defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
defined(MBEDTLS_CHACHA20_C)
#define MBEDTLS_CIPHER_MODE_STREAM
#endif
@@ -73,7 +73,7 @@
/**
* \brief Supported cipher types.
*
- * \warning RC4 and DES are considered weak ciphers and their use
+ * \warning DES is considered weak cipher and its use
* constitutes a security risk. Arm recommends considering stronger
* ciphers instead.
*/
@@ -84,8 +84,6 @@
MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. */
MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. */
MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */
- MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */
- MBEDTLS_CIPHER_ID_ARC4, /**< The RC4 cipher. */
MBEDTLS_CIPHER_ID_ARIA, /**< The Aria cipher. */
MBEDTLS_CIPHER_ID_CHACHA20, /**< The ChaCha20 cipher. */
} mbedtls_cipher_id_t;
@@ -93,7 +91,7 @@
/**
* \brief Supported {cipher type, cipher mode} pairs.
*
- * \warning RC4 and DES are considered weak ciphers and their use
+ * \warning DES is considered weak cipher and its use
* constitutes a security risk. Arm recommends considering stronger
* ciphers instead.
*/
@@ -136,11 +134,6 @@
MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */
MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */
MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */
- MBEDTLS_CIPHER_BLOWFISH_ECB, /**< Blowfish cipher with ECB mode. */
- MBEDTLS_CIPHER_BLOWFISH_CBC, /**< Blowfish cipher with CBC mode. */
- MBEDTLS_CIPHER_BLOWFISH_CFB64, /**< Blowfish cipher with CFB64 mode. */
- MBEDTLS_CIPHER_BLOWFISH_CTR, /**< Blowfish cipher with CTR mode. */
- MBEDTLS_CIPHER_ARC4_128, /**< RC4 cipher with 128-bit mode. */
MBEDTLS_CIPHER_AES_128_CCM, /**< AES cipher with 128-bit CCM mode. */
MBEDTLS_CIPHER_AES_192_CCM, /**< AES cipher with 192-bit CCM mode. */
MBEDTLS_CIPHER_AES_256_CCM, /**< AES cipher with 256-bit CCM mode. */
@@ -732,8 +725,6 @@
/**
* \brief This function adds additional data for AEAD ciphers.
* Currently supported with GCM and ChaCha20+Poly1305.
- * This must be called exactly once, after
- * mbedtls_cipher_reset().
*
* \param ctx The generic cipher context. This must be initialized.
* \param ad The additional data to use. This must be a readable
diff --git a/include/mbedtls/compat-2.x.h b/include/mbedtls/compat-2.x.h
new file mode 100644
index 0000000..cdf81dc
--- /dev/null
+++ b/include/mbedtls/compat-2.x.h
@@ -0,0 +1,58 @@
+/**
+ * \file compat-2.x.h
+ *
+ * \brief Compatibility definitions
+ *
+ * \deprecated Use the new names directly instead
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if defined(MBEDTLS_DEPRECATED_WARNING)
+#warning "Including compat-2.x.h is deprecated"
+#endif
+
+#ifndef MBEDTLS_COMPAT2X_H
+#define MBEDTLS_COMPAT2X_H
+
+/*
+ * Macros for renamed functions
+ */
+#define mbedtls_ctr_drbg_update_ret mbedtls_ctr_drbg_update
+#define mbedtls_hmac_drbg_update_ret mbedtls_hmac_drbg_update
+#define mbedtls_md5_starts_ret mbedtls_md5_starts
+#define mbedtls_md5_update_ret mbedtls_md5_update
+#define mbedtls_md5_finish_ret mbedtls_md5_finish
+#define mbedtls_md5_ret mbedtls_md5
+#define mbedtls_ripemd160_starts_ret mbedtls_ripemd160_starts
+#define mbedtls_ripemd160_update_ret mbedtls_ripemd160_update
+#define mbedtls_ripemd160_finish_ret mbedtls_ripemd160_finish
+#define mbedtls_ripemd160_ret mbedtls_ripemd160
+#define mbedtls_sha1_starts_ret mbedtls_sha1_starts
+#define mbedtls_sha1_update_ret mbedtls_sha1_update
+#define mbedtls_sha1_finish_ret mbedtls_sha1_finish
+#define mbedtls_sha1_ret mbedtls_sha1
+#define mbedtls_sha256_starts_ret mbedtls_sha256_starts
+#define mbedtls_sha256_update_ret mbedtls_sha256_update
+#define mbedtls_sha256_finish_ret mbedtls_sha256_finish
+#define mbedtls_sha256_ret mbedtls_sha256
+#define mbedtls_sha512_starts_ret mbedtls_sha512_starts
+#define mbedtls_sha512_update_ret mbedtls_sha512_update
+#define mbedtls_sha512_finish_ret mbedtls_sha512_finish
+#define mbedtls_sha512_ret mbedtls_sha512
+
+#endif /* MBEDTLS_COMPAT2X_H */
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 16f8f8b..47605f9 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -47,7 +47,6 @@
*
* Used in:
* library/aria.c
- * library/timing.c
* library/bn_mul.h
*
* Required by:
@@ -268,7 +267,7 @@
/**
* \def MBEDTLS_TIMING_ALT
*
- * Uncomment to provide your own alternate implementation for mbedtls_timing_hardclock(),
+ * Uncomment to provide your own alternate implementation for
* mbedtls_timing_get_timer(), mbedtls_set_alarm(), mbedtls_set/get_delay()
*
* Only works if you have MBEDTLS_TIMING_C enabled.
@@ -297,16 +296,14 @@
* Uncomment a macro to enable alternate implementation of the corresponding
* module.
*
- * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ * \warning MD5, DES and SHA-1 are considered weak and their
* use constitutes a security risk. If possible, we recommend
* avoiding dependencies on them, and considering stronger message
* digests and ciphers instead.
*
*/
//#define MBEDTLS_AES_ALT
-//#define MBEDTLS_ARC4_ALT
//#define MBEDTLS_ARIA_ALT
-//#define MBEDTLS_BLOWFISH_ALT
//#define MBEDTLS_CAMELLIA_ALT
//#define MBEDTLS_CCM_ALT
//#define MBEDTLS_CHACHA20_ALT
@@ -317,8 +314,6 @@
//#define MBEDTLS_ECJPAKE_ALT
//#define MBEDTLS_GCM_ALT
//#define MBEDTLS_NIST_KW_ALT
-//#define MBEDTLS_MD2_ALT
-//#define MBEDTLS_MD4_ALT
//#define MBEDTLS_MD5_ALT
//#define MBEDTLS_POLY1305_ALT
//#define MBEDTLS_RIPEMD160_ALT
@@ -326,7 +321,6 @@
//#define MBEDTLS_SHA1_ALT
//#define MBEDTLS_SHA256_ALT
//#define MBEDTLS_SHA512_ALT
-//#define MBEDTLS_XTEA_ALT
/*
* When replacing the elliptic curve module, pleace consider, that it is
@@ -340,7 +334,7 @@
//#define MBEDTLS_ECP_ALT
/**
- * \def MBEDTLS_MD2_PROCESS_ALT
+ * \def MBEDTLS_SHA256_PROCESS_ALT
*
* MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let mbed TLS use you
* alternate core implementation of symmetric crypto or hash function. Keep in
@@ -362,7 +356,7 @@
* Uncomment a macro to enable alternate implementation of the corresponding
* function.
*
- * \warning MD2, MD4, MD5, DES and SHA-1 are considered weak and their use
+ * \warning MD5, DES and SHA-1 are considered weak and their use
* constitutes a security risk. If possible, we recommend avoiding
* dependencies on them, and considering stronger message digests
* and ciphers instead.
@@ -376,8 +370,6 @@
* implementation should be provided for mbedtls_ecdsa_sign_det_ext().
*
*/
-//#define MBEDTLS_MD2_PROCESS_ALT
-//#define MBEDTLS_MD4_PROCESS_ALT
//#define MBEDTLS_MD5_PROCESS_ALT
//#define MBEDTLS_RIPEMD160_PROCESS_ALT
//#define MBEDTLS_SHA1_PROCESS_ALT
@@ -652,28 +644,6 @@
#define MBEDTLS_ECP_NIST_OPTIM
/**
- * \def MBEDTLS_ECP_NO_INTERNAL_RNG
- *
- * When this option is disabled, mbedtls_ecp_mul() will make use of an
- * internal RNG when called with a NULL \c f_rng argument, in order to protect
- * against some side-channel attacks.
- *
- * This protection introduces a dependency of the ECP module on one of the
- * DRBG modules. For very constrained implementations that don't require this
- * protection (for example, because you're only doing signature verification,
- * so not manipulating any secret, or because local/physical side-channel
- * attacks are outside your threat model), it might be desirable to get rid of
- * that dependency.
- *
- * \warning Enabling this option makes some uses of ECP vulnerable to some
- * side-channel attacks. Only enable it if you know that's not a problem for
- * your use case.
- *
- * Uncomment this macro to disable some counter-measures in ECP.
- */
-//#define MBEDTLS_ECP_NO_INTERNAL_RNG
-
-/**
* \def MBEDTLS_ECP_RESTARTABLE
*
* Enable "non-blocking" ECC operations that can return early and be resumed.
@@ -1014,8 +984,7 @@
/**
* \def MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
*
- * Do not add default entropy sources. These are the platform specific
- * or mbedtls_timing_hardclock poll function.
+ * Do not add default entropy sources in mbedtls_entropy_init().
*
* This is useful to have more control over the added entropy sources in an
* application.
@@ -1580,7 +1549,7 @@
* (see Section 5 of RFC 5764), are not handled by this feature.
* Instead, after successful completion of a handshake negotiating
* the use of DTLS-SRTP, the extended key exporter API
- * mbedtls_ssl_conf_export_keys_ext_cb() should be used to implement
+ * mbedtls_ssl_conf_export_keys_cb() should be used to implement
* the key exporter described in Section 4.2 of RFC 5764 and RFC 5705
* (this is implemented in the SSL example programs).
* The resulting key should then be passed to an SRTP stack.
@@ -1649,15 +1618,6 @@
#define MBEDTLS_SSL_SERVER_NAME_INDICATION
/**
- * \def MBEDTLS_SSL_TRUNCATED_HMAC
- *
- * Enable support for RFC 6066 truncated HMAC in SSL.
- *
- * Comment this macro to disable support for truncated HMAC in SSL
- */
-#define MBEDTLS_SSL_TRUNCATED_HMAC
-
-/**
* \def MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
*
* When this option is enabled, the SSL buffer will be resized automatically
@@ -1941,24 +1901,6 @@
#define MBEDTLS_AES_C
/**
- * \def MBEDTLS_ARC4_C
- *
- * Enable the ARCFOUR stream cipher.
- *
- * Module: library/arc4.c
- * Caller: library/cipher.c
- *
- * This module enables the following ciphersuites (if other requisites are
- * enabled as well):
- *
- * \warning ARC4 is considered a weak cipher and its use constitutes a
- * security risk. If possible, we recommend avoidng dependencies on
- * it, and considering stronger ciphers instead.
- *
- */
-#define MBEDTLS_ARC4_C
-
-/**
* \def MBEDTLS_ASN1_PARSE_C
*
* Enable the generic ASN1 parser.
@@ -2016,15 +1958,6 @@
#define MBEDTLS_BIGNUM_C
/**
- * \def MBEDTLS_BLOWFISH_C
- *
- * Enable the Blowfish block cipher.
- *
- * Module: library/blowfish.c
- */
-#define MBEDTLS_BLOWFISH_C
-
-/**
* \def MBEDTLS_CAMELLIA_C
*
* Enable the Camellia block cipher.
@@ -2427,40 +2360,6 @@
#define MBEDTLS_MD_C
/**
- * \def MBEDTLS_MD2_C
- *
- * Enable the MD2 hash algorithm.
- *
- * Module: library/md2.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD2-signed X.509 certs.
- *
- * \warning MD2 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD2_C
-
-/**
- * \def MBEDTLS_MD4_C
- *
- * Enable the MD4 hash algorithm.
- *
- * Module: library/md4.c
- * Caller:
- *
- * Uncomment to enable support for (rare) MD4-signed X.509 certs.
- *
- * \warning MD4 is considered a weak message digest and its use constitutes a
- * security risk. If possible, we recommend avoiding dependencies on
- * it, and considering stronger message digests instead.
- *
- */
-//#define MBEDTLS_MD4_C
-
-/**
* \def MBEDTLS_MD5_C
*
* Enable the MD5 hash algorithm.
@@ -2655,7 +2554,6 @@
* Caller: library/pkparse.c
*
* Requires: MBEDTLS_ASN1_PARSE_C, MBEDTLS_CIPHER_C, MBEDTLS_MD_C
- * Can use: MBEDTLS_ARC4_C
*
* This module enables PKCS#12 functions.
*/
@@ -3100,16 +2998,6 @@
*/
#define MBEDTLS_X509_CSR_WRITE_C
-/**
- * \def MBEDTLS_XTEA_C
- *
- * Enable the XTEA block cipher.
- *
- * Module: library/xtea.c
- * Caller:
- */
-#define MBEDTLS_XTEA_C
-
/* \} name SECTION: mbed TLS modules */
/**
@@ -3145,7 +3033,7 @@
//#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
/* ECP options */
-//#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
+//#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< Maximum window size used */
//#define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
/* Entropy options */
@@ -3327,23 +3215,6 @@
//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
/**
- * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
- * signature and ciphersuite selection. Without this build-time option, SHA-1
- * support must be activated explicitly through mbedtls_ssl_conf_sig_hashes.
- * The use of SHA-1 in TLS <= 1.1 and in HMAC-SHA-1 is always allowed by
- * default. At the time of writing, there is no practical attack on the use
- * of SHA-1 in handshake signatures, hence this option is turned on by default
- * to preserve compatibility with existing peers, but the general
- * warning applies nonetheless:
- *
- * \warning SHA-1 is considered a weak message digest and its use constitutes
- * a security risk. If possible, we recommend avoiding dependencies
- * on it, and considering stronger message digests instead.
- *
- */
-#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE
-
-/**
* Uncomment the macro to let mbed TLS use your alternate implementation of
* mbedtls_platform_zeroize(). This replaces the default implementation in
* platform_util.c.
diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
index f5db94e..a0f2637 100644
--- a/include/mbedtls/config_psa.h
+++ b/include/mbedtls/config_psa.h
@@ -103,16 +103,6 @@
#endif /* !MBEDTLS_PSA_ACCEL_ALG_HMAC */
#endif /* PSA_WANT_ALG_HMAC */
-#if defined(PSA_WANT_ALG_MD2) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
-#define MBEDTLS_MD2_C
-#endif
-
-#if defined(PSA_WANT_ALG_MD4) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
-#define MBEDTLS_MD4_C
-#endif
-
#if defined(PSA_WANT_ALG_MD5) && !defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
#define MBEDTLS_MD5_C
@@ -277,13 +267,6 @@
#endif /* PSA_HAVE_SOFT_KEY_TYPE_AES || PSA_HAVE_SOFT_BLOCK_MODE */
#endif /* PSA_WANT_KEY_TYPE_AES */
-#if defined(PSA_WANT_KEY_TYPE_ARC4)
-#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4)
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
-#define MBEDTLS_ARC4_C
-#endif /*!MBEDTLS_PSA_ACCEL_KEY_TYPE_ARC4 */
-#endif /* PSA_WANT_KEY_TYPE_ARC4 */
-
#if defined(PSA_WANT_KEY_TYPE_CAMELLIA)
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CAMELLIA)
#define PSA_HAVE_SOFT_KEY_TYPE_CAMELLIA 1
@@ -591,16 +574,6 @@
#define PSA_WANT_ALG_TLS12_PSK_TO_MS 1
#endif /* MBEDTLS_MD_C */
-#if defined(MBEDTLS_MD2_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD2 1
-#define PSA_WANT_ALG_MD2 1
-#endif
-
-#if defined(MBEDTLS_MD4_C)
-#define MBEDTLS_PSA_BUILTIN_ALG_MD4 1
-#define PSA_WANT_ALG_MD4 1
-#endif
-
#if defined(MBEDTLS_MD5_C)
#define MBEDTLS_PSA_BUILTIN_ALG_MD5 1
#define PSA_WANT_ALG_MD5 1
@@ -661,13 +634,6 @@
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES 1
#endif
-#if defined(MBEDTLS_ARC4_C)
-#define PSA_WANT_KEY_TYPE_ARC4 1
-#define PSA_WANT_ALG_STREAM_CIPHER 1
-#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_ARC4 1
-#define MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER 1
-#endif
-
#if defined(MBEDTLS_CAMELLIA_C)
#define PSA_WANT_KEY_TYPE_CAMELLIA 1
#define MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA 1
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 6a8d5c6..b8e2c71 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -463,9 +463,9 @@
* #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT.
* \return An error from the underlying AES cipher on failure.
*/
-int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
- const unsigned char *additional,
- size_t add_len );
+int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
+ const unsigned char *additional,
+ size_t add_len );
/**
* \brief This function updates a CTR_DRBG instance with additional
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index e8c8a82..850813e 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -279,10 +279,10 @@
* \param output_size The size of the destination buffer. This must be at
* least the size of \c ctx->len (the size of \c P).
* \param olen On exit, holds the actual number of Bytes written.
- * \param f_rng The RNG function, for blinding purposes. This may
- * b \c NULL if blinding isn't needed.
- * \param p_rng The RNG context. This may be \c NULL if \p f_rng
- * doesn't need a context argument.
+ * \param f_rng The RNG function. Must not be \c NULL. Used for
+ * blinding.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be
+ * \c NULL if \p f_rng doesn't need a context parameter.
*
* \return \c 0 on success.
* \return An \c MBEDTLS_ERR_DHM_XXX error code on failure.
diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h
index 2a0980b..587035a 100644
--- a/include/mbedtls/ecdh.h
+++ b/include/mbedtls/ecdh.h
@@ -222,10 +222,7 @@
* This must be initialized.
* \param d Our secret exponent (private key).
* This must be initialized.
- * \param f_rng The RNG function. This may be \c NULL if randomization
- * of intermediate results during the ECP computations is
- * not needed (discouraged). See the documentation of
- * mbedtls_ecp_mul() for more.
+ * \param f_rng The RNG function to use. This must not be \c NULL.
* \param p_rng The RNG context to be passed to \p f_rng. This may be
* \c NULL if \p f_rng is \c NULL or doesn't need a
* context argument.
@@ -428,8 +425,7 @@
* \param buf The buffer to write the generated shared key to. This
* must be a writable buffer of size \p blen Bytes.
* \param blen The length of the destination buffer \p buf in Bytes.
- * \param f_rng The RNG function, for blinding purposes. This may
- * b \c NULL if blinding isn't needed.
+ * \param f_rng The RNG function to use. This must not be \c NULL.
* \param p_rng The RNG context. This may be \c NULL if \p f_rng
* doesn't need a context argument.
*
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index 49e85d9..db84c10 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h
@@ -255,7 +255,8 @@
#if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
- * Default: 6.
+ * Default: a point where higher memory usage yields disminishing performance
+ * returns.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
@@ -272,7 +273,7 @@
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
-#define MBEDTLS_ECP_WINDOW_SIZE 6 /**< The maximum window size used. */
+#define MBEDTLS_ECP_WINDOW_SIZE 4 /**< The maximum window size used. */
#endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
@@ -505,8 +506,7 @@
/**
* \brief This function retrieves the information defined in
- * mbedtls_ecp_curve_info() for all supported curves in order
- * of preference.
+ * mbedtls_ecp_curve_info() for all supported curves.
*
* \note This function returns information about all curves
* supported by the library. Some curves may not be
@@ -911,15 +911,8 @@
* \note To prevent timing attacks, this function
* executes the exact same sequence of base-field
* operations for any valid \p m. It avoids any if-branch or
- * array index depending on the value of \p m.
- *
- * \note If \p f_rng is not NULL, it is used to randomize
- * intermediate results to prevent potential timing attacks
- * targeting these results. We recommend always providing
- * a non-NULL \p f_rng. The overhead is negligible.
- * Note: unless #MBEDTLS_ECP_NO_INTERNAL_RNG is defined, when
- * \p f_rng is NULL, an internal RNG (seeded from the value
- * of \p m) will be used instead.
+ * array index depending on the value of \p m. If also uses
+ * \p f_rng to randomize some intermediate results.
*
* \param grp The ECP group to use.
* This must be initialized and have group parameters
@@ -928,9 +921,9 @@
* This must be initialized.
* \param m The integer by which to multiply. This must be initialized.
* \param P The point to multiply. This must be initialized.
- * \param f_rng The RNG function. This may be \c NULL if randomization
- * of intermediate results isn't desired (discouraged).
- * \param p_rng The RNG context to be passed to \p p_rng.
+ * \param f_rng The RNG function. This must not be \c NULL.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be \c
+ * NULL if \p f_rng doesn't need a context.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_ECP_INVALID_KEY if \p m is not a valid private
@@ -959,9 +952,9 @@
* This must be initialized.
* \param m The integer by which to multiply. This must be initialized.
* \param P The point to multiply. This must be initialized.
- * \param f_rng The RNG function. This may be \c NULL if randomization
- * of intermediate results isn't desired (discouraged).
- * \param p_rng The RNG context to be passed to \p p_rng.
+ * \param f_rng The RNG function. This must not be \c NULL.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be \c
+ * NULL if \p f_rng doesn't need a context.
* \param rs_ctx The restart context (NULL disables restart).
*
* \return \c 0 on success.
@@ -1265,14 +1258,18 @@
* part is ignored.
* \param prv The keypair structure holding the full keypair.
* This must be initialized.
+ * \param f_rng The RNG function. This must not be \c NULL.
+ * \param p_rng The RNG context to be passed to \p f_rng. This may be \c
+ * NULL if \p f_rng doesn't need a context.
*
* \return \c 0 on success, meaning that the keys are valid and match.
* \return #MBEDTLS_ERR_ECP_BAD_INPUT_DATA if the keys are invalid or do not match.
* \return An \c MBEDTLS_ERR_ECP_XXX or an \c MBEDTLS_ERR_MPI_XXX
* error code on calculation failure.
*/
-int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub,
- const mbedtls_ecp_keypair *prv );
+int mbedtls_ecp_check_pub_priv(
+ const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
#if defined(MBEDTLS_SELF_TEST)
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 199ea3d..2835fd5 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -61,11 +61,9 @@
* ERROR 2 0x006E 0x0001
* MPI 7 0x0002-0x0010
* GCM 3 0x0012-0x0014 0x0013-0x0013
- * BLOWFISH 3 0x0016-0x0018 0x0017-0x0017
* THREADING 3 0x001A-0x001E
* AES 5 0x0020-0x0022 0x0021-0x0025
* CAMELLIA 3 0x0024-0x0026 0x0027-0x0027
- * XTEA 2 0x0028-0x0028 0x0029-0x0029
* BASE64 2 0x002A-0x002C
* OID 1 0x002E-0x002E 0x000B-0x000B
* PADLOCK 1 0x0030-0x0030
@@ -79,9 +77,6 @@
* PBKDF2 1 0x007C-0x007C
* HMAC_DRBG 4 0x0003-0x0009
* CCM 3 0x000D-0x0011
- * ARC4 1 0x0019-0x0019
- * MD2 1 0x002B-0x002B
- * MD4 1 0x002D-0x002D
* MD5 1 0x002F-0x002F
* RIPEMD160 1 0x0031-0x0031
* SHA1 1 0x0035-0x0035 0x0073-0x0073
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index c8e384a..f3c3035 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -246,11 +246,6 @@
* you do not need to call this function. You may not
* call this function after calling mbedtls_cipher_update().
*
- * \note This function may only be called once per operation:
- * you must pass the whole associated data in a single
- * call. This limitation will be lifted in a future version
- * of Mbed TLS.
- *
* \param ctx The GCM context. This must have been started with
* mbedtls_gcm_starts() and must not have yet received
* any input with mbedtls_gcm_update().
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index 2f81158..164a4f7 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -295,8 +295,8 @@
* \return \c 0 on success, or an error from the underlying
* hash calculation.
*/
-int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
- const unsigned char *additional, size_t add_len );
+int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
+ const unsigned char *additional, size_t add_len );
/**
* \brief This function reseeds the HMAC_DRBG context, that is
diff --git a/include/mbedtls/md.h b/include/mbedtls/md.h
index 21dc7c4..7bf8213 100644
--- a/include/mbedtls/md.h
+++ b/include/mbedtls/md.h
@@ -46,15 +46,13 @@
/**
* \brief Supported message digests.
*
- * \warning MD2, MD4, MD5 and SHA-1 are considered weak message digests and
+ * \warning MD5 and SHA-1 are considered weak message digests and
* their use constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
typedef enum {
MBEDTLS_MD_NONE=0, /**< None. */
- MBEDTLS_MD_MD2, /**< The MD2 message digest. */
- MBEDTLS_MD_MD4, /**< The MD4 message digest. */
MBEDTLS_MD_MD5, /**< The MD5 message digest. */
MBEDTLS_MD_SHA1, /**< The SHA-1 message digest. */
MBEDTLS_MD_SHA224, /**< The SHA-224 message digest. */
diff --git a/include/mbedtls/md2.h b/include/mbedtls/md2.h
deleted file mode 100644
index 8d8d1e5..0000000
--- a/include/mbedtls/md2.h
+++ /dev/null
@@ -1,204 +0,0 @@
-/**
- * \file md2.h
- *
- * \brief MD2 message digest algorithm (hash function)
- *
- * \warning MD2 is considered a weak message digest and its use constitutes a
- * security risk. We recommend considering stronger message digests
- * instead.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef MBEDTLS_MD2_H
-#define MBEDTLS_MD2_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_MD2_ALT)
-// Regular implementation
-//
-
-/**
- * \brief MD2 context structure
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-typedef struct mbedtls_md2_context
-{
- unsigned char MBEDTLS_PRIVATE(cksum)[16]; /*!< checksum of the data block */
- unsigned char MBEDTLS_PRIVATE(state)[48]; /*!< intermediate digest state */
- unsigned char MBEDTLS_PRIVATE(buffer)[16]; /*!< data block being processed */
- size_t MBEDTLS_PRIVATE(left); /*!< amount of data in buffer */
-}
-mbedtls_md2_context;
-
-#else /* MBEDTLS_MD2_ALT */
-#include "md2_alt.h"
-#endif /* MBEDTLS_MD2_ALT */
-
-/**
- * \brief Initialize MD2 context
- *
- * \param ctx MD2 context to be initialized
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md2_init( mbedtls_md2_context *ctx );
-
-/**
- * \brief Clear MD2 context
- *
- * \param ctx MD2 context to be cleared
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md2_free( mbedtls_md2_context *ctx );
-
-/**
- * \brief Clone (the state of) an MD2 context
- *
- * \param dst The destination context
- * \param src The context to be cloned
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md2_clone( mbedtls_md2_context *dst,
- const mbedtls_md2_context *src );
-
-/**
- * \brief MD2 context setup
- *
- * \param ctx context to be initialized
- *
- * \return 0 if successful
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx );
-
-/**
- * \brief MD2 process buffer
- *
- * \param ctx MD2 context
- * \param input buffer holding the data
- * \param ilen length of the input data
- *
- * \return 0 if successful
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
- const unsigned char *input,
- size_t ilen );
-
-/**
- * \brief MD2 final digest
- *
- * \param ctx MD2 context
- * \param output MD2 checksum result
- *
- * \return 0 if successful
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
- unsigned char output[16] );
-
-/**
- * \brief MD2 process data block (internal use only)
- *
- * \param ctx MD2 context
- *
- * \return 0 if successful
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_internal_md2_process( mbedtls_md2_context *ctx );
-
-/**
- * \brief Output = MD2( input buffer )
- *
- * \param input buffer holding the data
- * \param ilen length of the input data
- * \param output MD2 checksum result
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_ret( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- *
- * \warning MD2 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md2_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_md2.h */
diff --git a/include/mbedtls/md4.h b/include/mbedtls/md4.h
deleted file mode 100644
index ac28d29..0000000
--- a/include/mbedtls/md4.h
+++ /dev/null
@@ -1,207 +0,0 @@
-/**
- * \file md4.h
- *
- * \brief MD4 message digest algorithm (hash function)
- *
- * \warning MD4 is considered a weak message digest and its use constitutes a
- * security risk. We recommend considering stronger message digests
- * instead.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-#ifndef MBEDTLS_MD4_H
-#define MBEDTLS_MD4_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_MD4_ALT)
-// Regular implementation
-//
-
-/**
- * \brief MD4 context structure
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-typedef struct mbedtls_md4_context
-{
- uint32_t MBEDTLS_PRIVATE(total)[2]; /*!< number of bytes processed */
- uint32_t MBEDTLS_PRIVATE(state)[4]; /*!< intermediate digest state */
- unsigned char MBEDTLS_PRIVATE(buffer)[64]; /*!< data block being processed */
-}
-mbedtls_md4_context;
-
-#else /* MBEDTLS_MD4_ALT */
-#include "md4_alt.h"
-#endif /* MBEDTLS_MD4_ALT */
-
-/**
- * \brief Initialize MD4 context
- *
- * \param ctx MD4 context to be initialized
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md4_init( mbedtls_md4_context *ctx );
-
-/**
- * \brief Clear MD4 context
- *
- * \param ctx MD4 context to be cleared
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md4_free( mbedtls_md4_context *ctx );
-
-/**
- * \brief Clone (the state of) an MD4 context
- *
- * \param dst The destination context
- * \param src The context to be cloned
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-void mbedtls_md4_clone( mbedtls_md4_context *dst,
- const mbedtls_md4_context *src );
-
-/**
- * \brief MD4 context setup
- *
- * \param ctx context to be initialized
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- */
-int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx );
-
-/**
- * \brief MD4 process buffer
- *
- * \param ctx MD4 context
- * \param input buffer holding the data
- * \param ilen length of the input data
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
- const unsigned char *input,
- size_t ilen );
-
-/**
- * \brief MD4 final digest
- *
- * \param ctx MD4 context
- * \param output MD4 checksum result
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
- unsigned char output[16] );
-
-/**
- * \brief MD4 process data block (internal use only)
- *
- * \param ctx MD4 context
- * \param data buffer holding one block of data
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
- const unsigned char data[64] );
-
-/**
- * \brief Output = MD4( input buffer )
- *
- * \param input buffer holding the data
- * \param ilen length of the input data
- * \param output MD4 checksum result
- *
- * \return 0 if successful
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md4_ret( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] );
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- *
- * \warning MD4 is considered a weak message digest and its use
- * constitutes a security risk. We recommend considering
- * stronger message digests instead.
- *
- */
-int mbedtls_md4_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_md4.h */
diff --git a/include/mbedtls/md5.h b/include/mbedtls/md5.h
index 27bc409..6ef3591 100644
--- a/include/mbedtls/md5.h
+++ b/include/mbedtls/md5.h
@@ -114,7 +114,7 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx );
+int mbedtls_md5_starts( mbedtls_md5_context *ctx );
/**
* \brief MD5 process buffer
@@ -130,9 +130,9 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_md5_update( mbedtls_md5_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
/**
* \brief MD5 final digest
@@ -147,8 +147,8 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
- unsigned char output[16] );
+int mbedtls_md5_finish( mbedtls_md5_context *ctx,
+ unsigned char output[16] );
/**
* \brief MD5 process data block (internal use only)
@@ -180,9 +180,9 @@
* stronger message digests instead.
*
*/
-int mbedtls_md5_ret( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] );
+int mbedtls_md5( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[16] );
#if defined(MBEDTLS_SELF_TEST)
diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index c866ebe..1921042 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -231,8 +231,6 @@
* PKCS#1 OIDs
*/
#define MBEDTLS_OID_PKCS1_RSA MBEDTLS_OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */
-#define MBEDTLS_OID_PKCS1_MD2 MBEDTLS_OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */
-#define MBEDTLS_OID_PKCS1_MD4 MBEDTLS_OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */
#define MBEDTLS_OID_PKCS1_MD5 MBEDTLS_OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */
#define MBEDTLS_OID_PKCS1_SHA1 MBEDTLS_OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */
#define MBEDTLS_OID_PKCS1_SHA224 MBEDTLS_OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */
@@ -251,8 +249,6 @@
/*
* Digest algorithms
*/
-#define MBEDTLS_OID_DIGEST_ALG_MD2 MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */
-#define MBEDTLS_OID_DIGEST_ALG_MD4 MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */
#define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
#define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_NIST_ALG "\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
@@ -303,8 +299,6 @@
/*
* PKCS#5 PBES1 algorithms
*/
-#define MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC MBEDTLS_OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */
-#define MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC MBEDTLS_OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */
#define MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC MBEDTLS_OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */
#define MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC MBEDTLS_OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */
#define MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC MBEDTLS_OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */
@@ -320,8 +314,6 @@
*/
#define MBEDTLS_OID_PKCS12_PBE MBEDTLS_OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */
-#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128 MBEDTLS_OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */
-#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40 MBEDTLS_OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */
#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */
#define MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */
#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC MBEDTLS_OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index d29059d..ec7fe6e 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -501,7 +501,7 @@
* given the key type.
* \param sig_len On successful return,
* the number of bytes written to \p sig.
- * \param f_rng RNG function
+ * \param f_rng RNG function, must not be \c NULL.
* \param p_rng RNG parameter
*
* \return 0 on success, or a specific error code.
@@ -538,7 +538,7 @@
* given the key type.
* \param sig_len On successful return,
* the number of bytes written to \p sig.
- * \param f_rng RNG function
+ * \param f_rng RNG function, must not be \c NULL.
* \param p_rng RNG parameter
* \param rs_ctx Restart context (NULL to disable restart)
*
@@ -563,7 +563,7 @@
* \param output Decrypted output
* \param olen Decrypted message length
* \param osize Size of the output buffer
- * \param f_rng RNG function
+ * \param f_rng RNG function, must not be \c NULL.
* \param p_rng RNG parameter
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
@@ -584,9 +584,11 @@
* \param output Encrypted output
* \param olen Encrypted output length
* \param osize Size of the output buffer
- * \param f_rng RNG function
+ * \param f_rng RNG function, must not be \c NULL.
* \param p_rng RNG parameter
*
+ * \note \p f_rng is used for padding generation.
+ *
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
*
* \return 0 on success, or a specific error code.
@@ -601,6 +603,8 @@
*
* \param pub Context holding a public key.
* \param prv Context holding a private (and public) key.
+ * \param f_rng RNG function, must not be \c NULL.
+ * \param p_rng RNG parameter
*
* \return \c 0 on success (keys were checked and match each other).
* \return #MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE if the keys could not
@@ -608,7 +612,10 @@
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA if a context is invalid.
* \return Another non-zero value if the keys do not match.
*/
-int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
+int mbedtls_pk_check_pair( const mbedtls_pk_context *pub,
+ const mbedtls_pk_context *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
/**
* \brief Export debug information
@@ -660,6 +667,8 @@
* The empty password is not supported.
* \param pwdlen Size of the password in bytes.
* Ignored if \p pwd is \c NULL.
+ * \param f_rng RNG function, must not be \c NULL. Used for blinding.
+ * \param p_rng RNG parameter
*
* \note On entry, ctx must be empty, either freshly initialised
* with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
@@ -670,8 +679,9 @@
* \return 0 if successful, or a specific PK or PEM error code
*/
int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
- const unsigned char *key, size_t keylen,
- const unsigned char *pwd, size_t pwdlen );
+ const unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/** \ingroup pk_module */
/**
@@ -711,6 +721,8 @@
* Pass a null-terminated string if expecting an encrypted
* key; a non-encrypted key will also be accepted.
* The empty password is not supported.
+ * \param f_rng RNG function, must not be \c NULL. Used for blinding.
+ * \param p_rng RNG parameter
*
* \note On entry, ctx must be empty, either freshly initialised
* with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
@@ -721,7 +733,8 @@
* \return 0 if successful, or a specific PK or PEM error code
*/
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
- const char *path, const char *password );
+ const char *path, const char *password,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/** \ingroup pk_module */
/**
diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index 4b8ce7e..06092d3 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h
@@ -54,25 +54,6 @@
/**
* \brief PKCS12 Password Based function (encryption / decryption)
- * for pbeWithSHAAnd128BitRC4
- *
- * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
- * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
- * \param pwd the password used (may be NULL if no password is used)
- * \param pwdlen length of the password (may be 0)
- * \param input the input data
- * \param len data length
- * \param output the output buffer
- *
- * \return 0 if successful, or a MBEDTLS_ERR_XXX code
- */
-int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
- const unsigned char *pwd, size_t pwdlen,
- const unsigned char *input, size_t len,
- unsigned char *output );
-
-/**
- * \brief PKCS12 Password Based function (encryption / decryption)
* for cipher-based and mbedtls_md-based PBE's
*
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
diff --git a/include/mbedtls/psa_util.h b/include/mbedtls/psa_util.h
index d5feecb..d7b9b17 100644
--- a/include/mbedtls/psa_util.h
+++ b/include/mbedtls/psa_util.h
@@ -121,14 +121,6 @@
{
switch( md_alg )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( PSA_ALG_MD2 );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( PSA_ALG_MD4 );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( PSA_ALG_MD5 );
diff --git a/include/mbedtls/ripemd160.h b/include/mbedtls/ripemd160.h
index 62570c2..f12f434 100644
--- a/include/mbedtls/ripemd160.h
+++ b/include/mbedtls/ripemd160.h
@@ -85,7 +85,7 @@
*
* \return 0 if successful
*/
-int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx );
+int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx );
/**
* \brief RIPEMD-160 process buffer
@@ -96,9 +96,9 @@
*
* \return 0 if successful
*/
-int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
/**
* \brief RIPEMD-160 final digest
@@ -108,8 +108,8 @@
*
* \return 0 if successful
*/
-int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
- unsigned char output[20] );
+int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx,
+ unsigned char output[20] );
/**
* \brief RIPEMD-160 process data block (internal use only)
@@ -131,9 +131,9 @@
*
* \return 0 if successful
*/
-int mbedtls_ripemd160_ret( const unsigned char *input,
- size_t ilen,
- unsigned char output[20] );
+int mbedtls_ripemd160( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20] );
#if defined(MBEDTLS_SELF_TEST)
diff --git a/include/mbedtls/sha1.h b/include/mbedtls/sha1.h
index 5a42e5c..0975e2d 100644
--- a/include/mbedtls/sha1.h
+++ b/include/mbedtls/sha1.h
@@ -124,7 +124,7 @@
* \return A negative error code on failure.
*
*/
-int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
+int mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
/**
* \brief This function feeds an input buffer into an ongoing SHA-1
@@ -143,9 +143,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_sha1_update( mbedtls_sha1_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
/**
* \brief This function finishes the SHA-1 operation, and writes
@@ -163,8 +163,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
- unsigned char output[20] );
+int mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
+ unsigned char output[20] );
/**
* \brief SHA-1 process data block (internal use only).
@@ -207,9 +207,9 @@
* \return A negative error code on failure.
*
*/
-int mbedtls_sha1_ret( const unsigned char *input,
- size_t ilen,
- unsigned char output[20] );
+int mbedtls_sha1( const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20] );
#if defined(MBEDTLS_SELF_TEST)
diff --git a/include/mbedtls/sha256.h b/include/mbedtls/sha256.h
index 2b982ff..76bed43 100644
--- a/include/mbedtls/sha256.h
+++ b/include/mbedtls/sha256.h
@@ -50,7 +50,7 @@
*
* The structure is used both for SHA-256 and for SHA-224
* checksum calculations. The choice between these two is
- * made in the call to mbedtls_sha256_starts_ret().
+ * made in the call to mbedtls_sha256_starts().
*/
typedef struct mbedtls_sha256_context
{
@@ -102,7 +102,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
+int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 );
/**
* \brief This function feeds an input buffer into an ongoing
@@ -117,9 +117,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_sha256_update( mbedtls_sha256_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
/**
* \brief This function finishes the SHA-256 operation, and writes
@@ -134,8 +134,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
- unsigned char *output );
+int mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
+ unsigned char *output );
/**
* \brief This function processes a single data block within
@@ -171,10 +171,10 @@
* \param is224 Determines which function to use. This must be
* either \c 0 for SHA-256, or \c 1 for SHA-224.
*/
-int mbedtls_sha256_ret( const unsigned char *input,
- size_t ilen,
- unsigned char *output,
- int is224 );
+int mbedtls_sha256( const unsigned char *input,
+ size_t ilen,
+ unsigned char *output,
+ int is224 );
#if defined(MBEDTLS_SELF_TEST)
diff --git a/include/mbedtls/sha512.h b/include/mbedtls/sha512.h
index 3f1af17..00d8338 100644
--- a/include/mbedtls/sha512.h
+++ b/include/mbedtls/sha512.h
@@ -49,7 +49,7 @@
*
* The structure is used both for SHA-384 and for SHA-512
* checksum calculations. The choice between these two is
- * made in the call to mbedtls_sha512_starts_ret().
+ * made in the call to mbedtls_sha512_starts().
*/
typedef struct mbedtls_sha512_context
{
@@ -109,7 +109,7 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );
+int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 );
/**
* \brief This function feeds an input buffer into an ongoing
@@ -124,9 +124,9 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
- const unsigned char *input,
- size_t ilen );
+int mbedtls_sha512_update( mbedtls_sha512_context *ctx,
+ const unsigned char *input,
+ size_t ilen );
/**
* \brief This function finishes the SHA-512 operation, and writes
@@ -141,8 +141,8 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
- unsigned char *output );
+int mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
+ unsigned char *output );
/**
* \brief This function processes a single data block within
@@ -185,10 +185,10 @@
* \return \c 0 on success.
* \return A negative error code on failure.
*/
-int mbedtls_sha512_ret( const unsigned char *input,
- size_t ilen,
- unsigned char *output,
- int is384 );
+int mbedtls_sha512( const unsigned char *input,
+ size_t ilen,
+ unsigned char *output,
+ int is384 );
#if defined(MBEDTLS_SELF_TEST)
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index b2f5c67..02b59ed 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -458,18 +458,6 @@
}
mbedtls_ssl_states;
-/*
- * The tls_prf function types.
- */
-typedef enum
-{
- MBEDTLS_SSL_TLS_PRF_NONE,
- MBEDTLS_SSL_TLS_PRF_TLS1,
- MBEDTLS_SSL_TLS_PRF_SHA384,
- MBEDTLS_SSL_TLS_PRF_SHA256
-}
-mbedtls_tls_prf_types;
-
/**
* \brief Callback type: send data on the network.
*
@@ -933,6 +921,8 @@
unsigned char MBEDTLS_PRIVATE(id)[32]; /*!< session identifier */
unsigned char MBEDTLS_PRIVATE(master)[48]; /*!< the master secret */
+ unsigned char exported;
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
mbedtls_x509_crt *MBEDTLS_PRIVATE(peer_cert); /*!< peer X.509 cert chain */
@@ -956,15 +946,62 @@
unsigned char MBEDTLS_PRIVATE(mfl_code); /*!< MaxFragmentLength negotiated by peer */
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- int MBEDTLS_PRIVATE(trunc_hmac); /*!< flag for truncated hmac activation */
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */
#endif
};
+/*
+ * Identifiers for PRFs used in various versions of TLS.
+ */
+typedef enum
+{
+ MBEDTLS_SSL_TLS_PRF_NONE,
+ MBEDTLS_SSL_TLS_PRF_SHA384,
+ MBEDTLS_SSL_TLS_PRF_SHA256,
+ MBEDTLS_SSL_HKDF_EXPAND_SHA384,
+ MBEDTLS_SSL_HKDF_EXPAND_SHA256
+}
+mbedtls_tls_prf_types;
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+typedef enum
+{
+ MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET = 0,
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+ MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_EARLY_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS13_EARLY_EXPORTER_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_HANDSHAKE_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS13_CLIENT_APPLICATION_TRAFFIC_SECRET,
+ MBEDTLS_SSL_KEY_EXPORT_TLS13_SERVER_APPLICATION_TRAFFIC_SECRET,
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
+} mbedtls_ssl_key_export_type;
+
+/**
+ * \brief Callback type: Export key alongside random values for
+ * session identification, and PRF for
+ * implementation of TLS key exporters.
+ *
+ * \param p_expkey Context for the callback.
+ * \param type The type of the key that is being exported.
+ * \param secret The address of the buffer holding the secret
+ * that's being exporterd.
+ * \param secret_len The length of \p secret in bytes.
+ * \param client_random The client random bytes.
+ * \param server_random The server random bytes.
+ * \param tls_prf_type The identifier for the PRF used in the handshake
+ * to which the key belongs.
+ */
+typedef void mbedtls_ssl_export_keys_t( void *p_expkey,
+ mbedtls_ssl_key_export_type type,
+ const unsigned char *secret,
+ size_t secret_len,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type );
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
/**
* SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
*/
@@ -1030,19 +1067,6 @@
void *MBEDTLS_PRIVATE(p_ticket); /*!< context for the ticket callbacks */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
- /** Callback to export key block and master secret */
- int (*MBEDTLS_PRIVATE(f_export_keys))( void *, const unsigned char *,
- const unsigned char *, size_t, size_t, size_t );
- /** Callback to export key block, master secret,
- * tls_prf and random bytes. Should replace f_export_keys */
- int (*MBEDTLS_PRIVATE(f_export_keys_ext))( void *, const unsigned char *,
- const unsigned char *, size_t, size_t, size_t,
- const unsigned char[32], const unsigned char[32],
- mbedtls_tls_prf_types );
- void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */
-#endif
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
size_t MBEDTLS_PRIVATE(cid_len); /*!< The length of CIDs for incoming DTLS records. */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
@@ -1180,9 +1204,6 @@
#if defined(MBEDTLS_SSL_RENEGOTIATION)
unsigned int MBEDTLS_PRIVATE(disable_renegotiation) : 1; /*!< disable renegotiation? */
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- unsigned int MBEDTLS_PRIVATE(trunc_hmac) : 1; /*!< negotiate truncated hmac? */
-#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
unsigned int MBEDTLS_PRIVATE(session_tickets) : 1; /*!< use session tickets? */
#endif
@@ -1393,6 +1414,12 @@
* Possible values are #MBEDTLS_SSL_CID_ENABLED
* and #MBEDTLS_SSL_CID_DISABLED. */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+ /** Callback to export key block and master secret */
+ mbedtls_ssl_export_keys_t *MBEDTLS_PRIVATE(f_export_keys);
+ void *MBEDTLS_PRIVATE(p_export_keys); /*!< context for key export callback */
+#endif
};
/**
@@ -1535,7 +1562,7 @@
* \brief Set the random number generator callback
*
* \param conf SSL configuration
- * \param f_rng RNG function
+ * \param f_rng RNG function (mandatory)
* \param p_rng RNG parameter
*/
void mbedtls_ssl_conf_rng( mbedtls_ssl_config *conf,
@@ -1916,70 +1943,6 @@
size_t *tlen,
uint32_t *lifetime );
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-/**
- * \brief Callback type: Export key block and master secret
- *
- * \note This is required for certain uses of TLS, e.g. EAP-TLS
- * (RFC 5216) and Thread. The key pointers are ephemeral and
- * therefore must not be stored. The master secret and keys
- * should not be used directly except as an input to a key
- * derivation function.
- *
- * \param p_expkey Context for the callback
- * \param ms Pointer to master secret (fixed length: 48 bytes)
- * \param kb Pointer to key block, see RFC 5246 section 6.3
- * (variable length: 2 * maclen + 2 * keylen + 2 * ivlen).
- * \param maclen MAC length
- * \param keylen Key length
- * \param ivlen IV length
- *
- * \return 0 if successful, or
- * a specific MBEDTLS_ERR_XXX code.
- */
-typedef int mbedtls_ssl_export_keys_t( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen );
-
-/**
- * \brief Callback type: Export key block, master secret,
- * handshake randbytes and the tls_prf function
- * used to derive keys.
- *
- * \note This is required for certain uses of TLS, e.g. EAP-TLS
- * (RFC 5216) and Thread. The key pointers are ephemeral and
- * therefore must not be stored. The master secret and keys
- * should not be used directly except as an input to a key
- * derivation function.
- *
- * \param p_expkey Context for the callback.
- * \param ms Pointer to master secret (fixed length: 48 bytes).
- * \param kb Pointer to key block, see RFC 5246 section 6.3.
- * (variable length: 2 * maclen + 2 * keylen + 2 * ivlen).
- * \param maclen MAC length.
- * \param keylen Key length.
- * \param ivlen IV length.
- * \param client_random The client random bytes.
- * \param server_random The server random bytes.
- * \param tls_prf_type The tls_prf enum type.
- *
- * \return 0 if successful, or
- * a specific MBEDTLS_ERR_XXX code.
- */
-typedef int mbedtls_ssl_export_keys_ext_t( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type );
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
/**
* \brief Callback type: parse and load session ticket
*
@@ -2031,34 +1994,26 @@
#if defined(MBEDTLS_SSL_EXPORT_KEYS)
/**
- * \brief Configure key export callback.
- * (Default: none.)
+ * \brief Configure a key export callback.
+ * (Default: none.)
*
- * \note See \c mbedtls_ssl_export_keys_t.
+ * This API can be used for two purposes:
+ * - Debugging: Use this API to e.g. generate an NSSKeylog
+ * file and use it to inspect encrypted traffic in tools
+ * such as Wireshark.
+ * - Application-specific export: Use this API to implement
+ * key exporters, e.g. for EAP-TLS or DTLS-SRTP.
*
- * \param conf SSL configuration context
- * \param f_export_keys Callback for exporting keys
- * \param p_export_keys Context for the callback
+ *
+ * \param ssl The SSL context to which the export
+ * callback should be attached.
+ * \param f_export_keys The callback for the key export.
+ * \param p_export_keys The opaque context pointer to be passed to the
+ * callback \p f_export_keys.
*/
-void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_export_keys_t *f_export_keys,
- void *p_export_keys );
-
-/**
- * \brief Configure extended key export callback.
- * (Default: none.)
- *
- * \note See \c mbedtls_ssl_export_keys_ext_t.
- * \warning Exported key material must not be used for any purpose
- * before the (D)TLS handshake is completed
- *
- * \param conf SSL configuration context
- * \param f_export_keys_ext Callback for exporting keys
- * \param p_export_keys Context for the callback
- */
-void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
- void *p_export_keys );
+void mbedtls_ssl_set_export_keys_cb( mbedtls_ssl_context *ssl,
+ mbedtls_ssl_export_keys_t *f_export_keys,
+ void *p_export_keys );
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
@@ -2391,18 +2346,49 @@
#if defined(MBEDTLS_SSL_CLI_C)
/**
- * \brief Request resumption of session (client-side only)
- * Session data is copied from presented session structure.
+ * \brief Load a session for session resumption.
*
- * \param ssl SSL context
- * \param session session context
+ * Sessions loaded through this call will be considered
+ * for session resumption in the next handshake.
*
- * \return 0 if successful,
- * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
- * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
- * arguments are otherwise invalid
+ * \note Even if this call succeeds, it is not guaranteed that
+ * the next handshake will indeed be shortened through the
+ * use of session resumption: The server is always free
+ * to reject any attempt for resumption and fall back to
+ * a full handshake.
+ *
+ * \note This function can handle a variety of mechanisms for session
+ * resumption: For TLS 1.2, both session ID-based resumption and
+ * ticket-based resumption will be considered. For TLS 1.3,
+ * once implemented, sessions equate to tickets, and loading
+ * one or more sessions via this call will lead to their
+ * corresponding tickets being advertised as resumption PSKs
+ * by the client.
+ *
+ * \note Calling this function multiple times will only be useful
+ * once TLS 1.3 is supported. For TLS 1.2 connections, this
+ * function should be called at most once.
+ *
+ * \param ssl The SSL context representing the connection which should
+ * be attempted to be setup using session resumption. This
+ * must be initialized via mbedtls_ssl_init() and bound to
+ * an SSL configuration via mbedtls_ssl_setup(), but
+ * the handshake must not yet have been started.
+ * \param session The session to be considered for session resumption.
+ * This must be a session previously exported via
+ * mbedtls_ssl_get_session(), and potentially serialized and
+ * deserialized through mbedtls_ssl_session_save() and
+ * mbedtls_ssl_session_load() in the meantime.
+ *
+ * \return \c 0 if successful.
+ * \return \c MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if the session
+ * could not be loaded because of an implementation limitation.
+ * This error is non-fatal, and has no observable effect on
+ * the SSL context or the session that was attempted to be loaded.
+ * \return Another negative error code on other kinds of failure.
*
* \sa mbedtls_ssl_get_session()
+ * \sa mbedtls_ssl_session_load()
*/
int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session *session );
#endif /* MBEDTLS_SSL_CLI_C */
@@ -2451,7 +2437,6 @@
* of session cache or session tickets.
*
* \see mbedtls_ssl_session_load()
- * \see mbedtls_ssl_get_session_pointer()
*
* \param session The session structure to be saved.
* \param buf The buffer to write the serialized data to. It must be a
@@ -2475,23 +2460,6 @@
size_t *olen );
/**
- * \brief Get a pointer to the current session structure, for example
- * to serialize it.
- *
- * \warning Ownership of the session remains with the SSL context, and
- * the returned pointer is only guaranteed to be valid until
- * the next API call operating on the same \p ssl context.
- *
- * \see mbedtls_ssl_session_save()
- *
- * \param ssl The SSL context.
- *
- * \return A pointer to the current session if successful.
- * \return \c NULL if no session is active.
- */
-const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl );
-
-/**
* \brief Set the list of allowed ciphersuites and the preference
* order. First in the list has the highest preference.
* (Overrides all version-specific lists)
@@ -2893,7 +2861,6 @@
#if defined(MBEDTLS_ECP_C)
/**
* \brief Set the allowed curves in order of preference.
- * (Default: all defined curves.)
*
* On server: this only affects selection of the ECDHE curve;
* the curves used for ECDH and ECDSA are determined by the
@@ -2914,6 +2881,19 @@
* \note This list should be ordered by decreasing preference
* (preferred curve first).
*
+ * \note The default list is the same set of curves that
+ * #mbedtls_x509_crt_profile_default allows, plus
+ * ECDHE-only curves selected according to the same criteria.
+ * The order favors curves with the lowest resource usage.
+ *
+ * \note New minor versions of Mbed TLS may extend this list,
+ * for example if new curves are added to the library.
+ * New minor versions of Mbed TLS will not remove items
+ * from this list unless serious security concerns require it.
+ * New minor versions of Mbed TLS may change the order in
+ * keeping with the general principle of favoring the lowest
+ * resource usage.
+ *
* \param conf SSL configuration
* \param curves Ordered list of allowed curves,
* terminated by MBEDTLS_ECP_DP_NONE.
@@ -2925,7 +2905,6 @@
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/**
* \brief Set the allowed hashes for signatures during the handshake.
- * (Default: all available hashes except MD5.)
*
* \note This only affects which hashes are offered and can be used
* for signatures during the handshake. Hashes for message
@@ -2937,6 +2916,18 @@
* \note This list should be ordered by decreasing preference
* (preferred hash first).
*
+ * \note By default, all supported hashes whose length is at least
+ * 256 bits are allowed. This is the same set as the default
+ * for certificate verification
+ * (#mbedtls_x509_crt_profile_default).
+ * The preference order is currently unspecified and may
+ * change in future versions.
+ *
+ * \note New minor versions of Mbed TLS may extend this list,
+ * for example if new curves are added to the library.
+ * New minor versions of Mbed TLS will not remove items
+ * from this list unless serious security concerns require it.
+ *
* \param conf SSL configuration
* \param hashes Ordered list of allowed signature hashes,
* terminated by \c MBEDTLS_MD_NONE.
@@ -3315,18 +3306,6 @@
void mbedtls_ssl_conf_preference_order( mbedtls_ssl_config *conf, int order );
#endif /* MBEDTLS_SSL_SRV_C */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-/**
- * \brief Activate negotiation of truncated HMAC
- * (Default: MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
- *
- * \param conf SSL configuration
- * \param truncate Enable or disable (MBEDTLS_SSL_TRUNC_HMAC_ENABLED or
- * MBEDTLS_SSL_TRUNC_HMAC_DISABLED)
- */
-void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate );
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
/**
* \brief Enable / Disable session tickets (client only).
@@ -3642,32 +3621,41 @@
#if defined(MBEDTLS_SSL_CLI_C)
/**
- * \brief Save session in order to resume it later (client-side only)
- * Session data is copied to presented session structure.
+ * \brief Export a session in order to resume it later.
*
+ * \param ssl The SSL context representing the connection for which to
+ * to export a session structure for later resumption.
+ * \param session The target structure in which to store the exported session.
+ * This must have been initialized with mbedtls_ssl_init_session()
+ * but otherwise be unused.
*
- * \param ssl SSL context
- * \param session session context
+ * \note This function can handle a variety of mechanisms for session
+ * resumption: For TLS 1.2, both session ID-based resumption and
+ * ticket-based resumption will be considered. For TLS 1.3,
+ * once implemented, sessions equate to tickets, and calling
+ * this function multiple times will export the available
+ * tickets one a time until no further tickets are available,
+ * in which case MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE will
+ * be returned.
*
- * \return 0 if successful,
- * MBEDTLS_ERR_SSL_ALLOC_FAILED if memory allocation failed,
- * MBEDTLS_ERR_SSL_BAD_INPUT_DATA if used server-side or
- * arguments are otherwise invalid.
+ * \note Calling this function multiple times will only be useful
+ * once TLS 1.3 is supported. For TLS 1.2 connections, this
+ * function should be called at most once.
*
- * \note Only the server certificate is copied, and not the full chain,
- * so you should not attempt to validate the certificate again
- * by calling \c mbedtls_x509_crt_verify() on it.
- * Instead, you should use the results from the verification
- * in the original handshake by calling \c mbedtls_ssl_get_verify_result()
- * after loading the session again into a new SSL context
- * using \c mbedtls_ssl_set_session().
- *
- * \note Once the session object is not needed anymore, you should
- * free it by calling \c mbedtls_ssl_session_free().
+ * \return \c 0 if successful. In this case, \p session can be used for
+ * session resumption by passing it to mbedtls_ssl_set_session(),
+ * and serialized for storage via mbedtls_ssl_session_save().
+ * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no further session
+ * is available for export.
+ * This error is a non-fatal, and has no observable effect on
+ * the SSL context or the destination session.
+ * \return Another negative error code on other kinds of failure.
*
* \sa mbedtls_ssl_set_session()
+ * \sa mbedtls_ssl_session_save()
*/
-int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl, mbedtls_ssl_session *session );
+int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
+ mbedtls_ssl_session *session );
#endif /* MBEDTLS_SSL_CLI_C */
/**
diff --git a/include/mbedtls/ssl_ticket.h b/include/mbedtls/ssl_ticket.h
index 871eec3..1047dbb 100644
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@@ -90,7 +90,7 @@
* \brief Prepare context to be actually used
*
* \param ctx Context to be set up
- * \param f_rng RNG callback function
+ * \param f_rng RNG callback function (mandatory)
* \param p_rng RNG callback context
* \param cipher AEAD cipher to use for ticket protection.
* Recommended value: MBEDTLS_CIPHER_AES_256_GCM.
diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h
index 7669bb9..6ffc812 100644
--- a/include/mbedtls/timing.h
+++ b/include/mbedtls/timing.h
@@ -61,52 +61,10 @@
#include "timing_alt.h"
#endif /* MBEDTLS_TIMING_ALT */
-extern volatile int mbedtls_timing_alarmed;
-
-/**
- * \brief Return the CPU cycle counter value
- *
- * \warning This is only a best effort! Do not rely on this!
- * In particular, it is known to be unreliable on virtual
- * machines.
- *
- * \note This value starts at an unspecified origin and
- * may wrap around.
- */
-unsigned long mbedtls_timing_hardclock( void );
-
-/**
- * \brief Return the elapsed time in milliseconds
- *
- * \param val points to a timer structure
- * \param reset If 0, query the elapsed time. Otherwise (re)start the timer.
- *
- * \return Elapsed time since the previous reset in ms. When
- * restarting, this is always 0.
- *
- * \note To initialize a timer, call this function with reset=1.
- *
- * Determining the elapsed time and resetting the timer is not
- * atomic on all platforms, so after the sequence
- * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 =
- * get_timer(0) }` the value time1+time2 is only approximately
- * the delay since the first reset.
- */
+/* Internal use */
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset );
/**
- * \brief Setup an alarm clock
- *
- * \param seconds delay before the "mbedtls_timing_alarmed" flag is set
- * (must be >=0)
- *
- * \warning Only one alarm at a time is supported. In a threaded
- * context, this means one for the whole process, not one per
- * thread.
- */
-void mbedtls_set_alarm( int seconds );
-
-/**
* \brief Set a pair of delays to watch
* (See \c mbedtls_timing_get_delay().)
*
@@ -136,15 +94,6 @@
*/
int mbedtls_timing_get_delay( void *data );
-#if defined(MBEDTLS_SELF_TEST)
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if a test failed
- */
-int mbedtls_timing_self_test( int verbose );
-#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index d383168..9b0a495 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -156,13 +156,33 @@
* Security profile for certificate verification.
*
* All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
+ *
+ * The fields of this structure are part of the public API and can be
+ * manipulated directly by applications. Future versions of the library may
+ * add extra fields or reorder existing fields.
+ *
+ * You can create custom profiles by starting from a copy of
+ * an existing profile, such as mbedtls_x509_crt_profile_default or
+ * mbedtls_x509_ctr_profile_none and then tune it to your needs.
+ *
+ * For example to allow SHA-224 in addition to the default:
+ *
+ * mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_default;
+ * my_profile.allowed_mds |= MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 );
+ *
+ * Or to allow only RSA-3072+ with SHA-256:
+ *
+ * mbedtls_x509_crt_profile my_profile = mbedtls_x509_crt_profile_none;
+ * my_profile.allowed_mds = MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 );
+ * my_profile.allowed_pks = MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_RSA );
+ * my_profile.rsa_min_bitlen = 3072;
*/
typedef struct mbedtls_x509_crt_profile
{
- uint32_t MBEDTLS_PRIVATE(allowed_mds); /**< MDs for signatures */
- uint32_t MBEDTLS_PRIVATE(allowed_pks); /**< PK algs for signatures */
- uint32_t MBEDTLS_PRIVATE(allowed_curves); /**< Elliptic curves for ECDSA */
- uint32_t MBEDTLS_PRIVATE(rsa_min_bitlen); /**< Minimum size for RSA keys */
+ uint32_t allowed_mds; /**< MDs for signatures */
+ uint32_t allowed_pks; /**< PK algs for signatures */
+ uint32_t allowed_curves; /**< Elliptic curves for ECDSA */
+ uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */
}
mbedtls_x509_crt_profile;
@@ -332,12 +352,22 @@
/**
* Default security profile. Should provide a good balance between security
* and compatibility with current deployments.
+ *
+ * This profile permits:
+ * - SHA2 hashes with at least 256 bits: SHA-256, SHA-384, SHA-512.
+ * - Elliptic curves with 255 bits and above except secp256k1.
+ * - RSA with 2048 bits and above.
+ *
+ * New minor versions of Mbed TLS may extend this profile, for example if
+ * new algorithms are added to the library. New minor versions of Mbed TLS will
+ * not reduce this profile unless serious security concerns require it.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;
/**
* Expected next default profile. Recommended for new deployments.
- * Currently targets a 128-bit security level, except for RSA-2048.
+ * Currently targets a 128-bit security level, except for allowing RSA-2048.
+ * This profile may change at any time.
*/
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;
@@ -347,6 +377,12 @@
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
/**
+ * Empty profile that allows nothing. Useful as a basis for constructing
+ * custom profiles.
+ */
+extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_none;
+
+/**
* \brief Parse a single DER formatted certificate and add it
* to the end of the provided chained list.
*
@@ -1108,16 +1144,13 @@
* \param ctx certificate to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
+ * \param f_rng RNG function. This must not be \c NULL.
* \param p_rng RNG parameter
*
* \return length of data written if successful, or a specific
* error code
*
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
+ * \note \p f_rng is used for the signature operation.
*/
int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -1130,15 +1163,12 @@
* \param ctx certificate to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
+ * \param f_rng RNG function. This must not be \c NULL.
* \param p_rng RNG parameter
*
* \return 0 if successful, or a specific error code
*
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
+ * \note \p f_rng is used for the signature operation.
*/
int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index 0a069df..a0f1278 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -264,16 +264,13 @@
* \param ctx CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
+ * \param f_rng RNG function. This must not be \c NULL.
* \param p_rng RNG parameter
*
* \return length of data written if successful, or a specific
* error code
*
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
+ * \note \p f_rng is used for the signature operation.
*/
int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
@@ -287,15 +284,12 @@
* \param ctx CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
- * \param f_rng RNG function (for signature, see note)
+ * \param f_rng RNG function. This must not be \c NULL.
* \param p_rng RNG parameter
*
* \return 0 if successful, or a specific error code
*
- * \note f_rng may be NULL if RSA is used for signature and the
- * signature is made offline (otherwise f_rng is desirable
- * for countermeasures against timing attacks).
- * ECDSA signatures always require a non-NULL f_rng.
+ * \note \p f_rng is used for the signature operation.
*/
int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
diff --git a/include/mbedtls/xtea.h b/include/mbedtls/xtea.h
deleted file mode 100644
index 72c998e..0000000
--- a/include/mbedtls/xtea.h
+++ /dev/null
@@ -1,135 +0,0 @@
-/**
- * \file xtea.h
- *
- * \brief XTEA block cipher (32-bit)
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef MBEDTLS_XTEA_H
-#define MBEDTLS_XTEA_H
-#include "mbedtls/private_access.h"
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#define MBEDTLS_XTEA_ENCRYPT 1
-#define MBEDTLS_XTEA_DECRYPT 0
-
-#define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if !defined(MBEDTLS_XTEA_ALT)
-// Regular implementation
-//
-
-/**
- * \brief XTEA context structure
- */
-typedef struct mbedtls_xtea_context
-{
- uint32_t MBEDTLS_PRIVATE(k)[4]; /*!< key */
-}
-mbedtls_xtea_context;
-
-#else /* MBEDTLS_XTEA_ALT */
-#include "xtea_alt.h"
-#endif /* MBEDTLS_XTEA_ALT */
-
-/**
- * \brief Initialize XTEA context
- *
- * \param ctx XTEA context to be initialized
- */
-void mbedtls_xtea_init( mbedtls_xtea_context *ctx );
-
-/**
- * \brief Clear XTEA context
- *
- * \param ctx XTEA context to be cleared
- */
-void mbedtls_xtea_free( mbedtls_xtea_context *ctx );
-
-/**
- * \brief XTEA key schedule
- *
- * \param ctx XTEA context to be initialized
- * \param key the secret key
- */
-void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] );
-
-/**
- * \brief XTEA cipher function
- *
- * \param ctx XTEA context
- * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
- * \param input 8-byte input block
- * \param output 8-byte output block
- *
- * \return 0 if successful
- */
-int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx,
- int mode,
- const unsigned char input[8],
- unsigned char output[8] );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/**
- * \brief XTEA CBC cipher function
- *
- * \param ctx XTEA context
- * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
- * \param length the length of input, multiple of 8
- * \param iv initialization vector for CBC mode
- * \param input input block
- * \param output output block
- *
- * \return 0 if successful,
- * MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
- */
-int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[8],
- const unsigned char *input,
- unsigned char *output);
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- */
-int mbedtls_xtea_self_test( int verbose );
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* xtea.h */
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 534902f..3532fef 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3682,7 +3682,6 @@
* The following key types defined in this specification follow this scheme:
*
* - #PSA_KEY_TYPE_AES;
- * - #PSA_KEY_TYPE_ARC4;
* - #PSA_KEY_TYPE_CAMELLIA;
* - #PSA_KEY_TYPE_DERIVE;
* - #PSA_KEY_TYPE_HMAC;
diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h
index 674c7d0..20451c9 100644
--- a/include/psa/crypto_builtin_primitives.h
+++ b/include/psa/crypto_builtin_primitives.h
@@ -40,17 +40,13 @@
* Hash multi-part operation definitions.
*/
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_RIPEMD160) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_1) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_SHA_224) || \
@@ -66,12 +62,6 @@
union
{
unsigned MBEDTLS_PRIVATE(dummy); /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD2_C)
- mbedtls_md2_context MBEDTLS_PRIVATE(md2);
-#endif
-#if defined(MBEDTLS_MD4_C)
- mbedtls_md4_context MBEDTLS_PRIVATE(md4);
-#endif
#if defined(MBEDTLS_MD5_C)
mbedtls_md5_context MBEDTLS_PRIVATE(md5);
#endif
diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h
index eb16492..32ef1c2 100644
--- a/include/psa/crypto_config.h
+++ b/include/psa/crypto_config.h
@@ -69,8 +69,6 @@
#define PSA_WANT_ALG_GCM 1
#define PSA_WANT_ALG_HKDF 1
#define PSA_WANT_ALG_HMAC 1
-#define PSA_WANT_ALG_MD2 1
-#define PSA_WANT_ALG_MD4 1
#define PSA_WANT_ALG_MD5 1
#define PSA_WANT_ALG_OFB 1
/* PBKDF2-HMAC is not yet supported via the PSA API in Mbed TLS.
@@ -118,7 +116,6 @@
#define PSA_WANT_KEY_TYPE_DERIVE 1
#define PSA_WANT_KEY_TYPE_HMAC 1
#define PSA_WANT_KEY_TYPE_AES 1
-#define PSA_WANT_KEY_TYPE_ARC4 1
#define PSA_WANT_KEY_TYPE_CAMELLIA 1
#define PSA_WANT_KEY_TYPE_CHACHA20 1
#define PSA_WANT_KEY_TYPE_DES 1
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 79f9673..15cdb41 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -68,8 +68,6 @@
*/
#define PSA_HASH_LENGTH(alg) \
( \
- PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD2 ? 16 : \
- PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD4 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_MD5 ? 16 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
PSA_ALG_HMAC_GET_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 31a6464..7d2f432 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -481,12 +481,6 @@
* Camellia block cipher. */
#define PSA_KEY_TYPE_CAMELLIA ((psa_key_type_t)0x2403)
-/** Key for the RC4 stream cipher.
- *
- * Note that RC4 is weak and deprecated and should only be used in
- * legacy protocols. */
-#define PSA_KEY_TYPE_ARC4 ((psa_key_type_t)0x2002)
-
/** Key for the ChaCha20 stream cipher or the Chacha20-Poly1305 AEAD algorithm.
*
* ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539.
@@ -850,10 +844,6 @@
(alg) & PSA_ALG_KEY_DERIVATION_STRETCHING_FLAG)
#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
-/** MD2 */
-#define PSA_ALG_MD2 ((psa_algorithm_t)0x02000001)
-/** MD4 */
-#define PSA_ALG_MD4 ((psa_algorithm_t)0x02000002)
/** MD5 */
#define PSA_ALG_MD5 ((psa_algorithm_t)0x02000003)
/** PSA_ALG_RIPEMD160 */
@@ -1115,7 +1105,6 @@
*
* The underlying stream cipher is determined by the key type.
* - To use ChaCha20, use a key type of #PSA_KEY_TYPE_CHACHA20.
- * - To use ARC4, use a key type of #PSA_KEY_TYPE_ARC4.
*/
#define PSA_ALG_STREAM_CIPHER ((psa_algorithm_t)0x04800100)
@@ -2031,6 +2020,27 @@
(PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
PSA_KEY_PERSISTENCE_VOLATILE)
+/** Whether a key lifetime indicates that the key is read-only.
+ *
+ * Read-only keys cannot be created or destroyed through the PSA Crypto API.
+ * They must be created through platform-specific means that bypass the API.
+ *
+ * Some platforms may offer ways to destroy read-only keys. For example,
+ * consider a platform with multiple levels of privilege, where a
+ * low-privilege application can use a key but is not allowed to destroy
+ * it, and the platform exposes the key to the application with a read-only
+ * lifetime. High-privilege code can destroy the key even though the
+ * application sees the key as read-only.
+ *
+ * \param lifetime The lifetime value to query (value of type
+ * ::psa_key_lifetime_t).
+ *
+ * \return \c 1 if the key is read-only, otherwise \c 0.
+ */
+#define PSA_KEY_LIFETIME_IS_READ_ONLY(lifetime) \
+ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \
+ PSA_KEY_PERSISTENCE_READ_ONLY)
+
/** Construct a lifetime from a persistence level and a location.
*
* \param persistence The persistence level
@@ -2151,7 +2161,7 @@
*/
static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
{
- return( ( key.MBEDTLS_PRIVATE(key_id) == 0 ) && ( key.MBEDTLS_PRIVATE(owner) == 0 ) );
+ return( key.MBEDTLS_PRIVATE(key_id) == 0 );
}
#endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index f31820a..d6ecba5 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -13,13 +13,11 @@
set(src_crypto
aes.c
aesni.c
- arc4.c
aria.c
asn1parse.c
asn1write.c
base64.c
bignum.c
- blowfish.c
camellia.c
ccm.c
chacha20.c
@@ -42,8 +40,6 @@
hkdf.c
hmac_drbg.c
md.c
- md2.c
- md4.c
md5.c
memory_buffer_alloc.c
mps_reader.c
@@ -84,7 +80,6 @@
timing.c
version.c
version_features.c
- xtea.c
)
list(APPEND src_crypto ${thirdparty_src})
diff --git a/library/Makefile b/library/Makefile
index 90a477d..62fd997 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -72,13 +72,11 @@
OBJS_CRYPTO= \
aes.o \
aesni.o \
- arc4.o \
aria.o \
asn1parse.o \
asn1write.o \
base64.o \
bignum.o \
- blowfish.o \
camellia.o \
ccm.o \
chacha20.o \
@@ -101,8 +99,6 @@
hkdf.o \
hmac_drbg.o \
md.o \
- md2.o \
- md4.o \
md5.o \
memory_buffer_alloc.o \
mps_reader.o \
@@ -143,7 +139,6 @@
timing.o \
version.o \
version_features.o \
- xtea.o \
# This line is intentionally left blank
include ../3rdparty/Makefile.inc
diff --git a/library/arc4.c b/library/arc4.c
deleted file mode 100644
index b34dc5e..0000000
--- a/library/arc4.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/*
- * An implementation of the ARCFOUR algorithm
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * The ARCFOUR algorithm was publicly disclosed on 94/09.
- *
- * http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_ARC4_C)
-
-#include "mbedtls/arc4.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_ARC4_ALT)
-
-void mbedtls_arc4_init( mbedtls_arc4_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_arc4_context ) );
-}
-
-void mbedtls_arc4_free( mbedtls_arc4_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_arc4_context ) );
-}
-
-/*
- * ARC4 key schedule
- */
-void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
- unsigned int keylen )
-{
- int i, j, a;
- unsigned int k;
- unsigned char *m;
-
- ctx->x = 0;
- ctx->y = 0;
- m = ctx->m;
-
- for( i = 0; i < 256; i++ )
- m[i] = (unsigned char) i;
-
- j = k = 0;
-
- for( i = 0; i < 256; i++, k++ )
- {
- if( k >= keylen ) k = 0;
-
- a = m[i];
- j = ( j + a + key[k] ) & 0xFF;
- m[i] = m[j];
- m[j] = (unsigned char) a;
- }
-}
-
-/*
- * ARC4 cipher function
- */
-int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
- unsigned char *output )
-{
- int x, y, a, b;
- size_t i;
- unsigned char *m;
-
- x = ctx->x;
- y = ctx->y;
- m = ctx->m;
-
- for( i = 0; i < length; i++ )
- {
- x = ( x + 1 ) & 0xFF; a = m[x];
- y = ( y + a ) & 0xFF; b = m[y];
-
- m[x] = (unsigned char) b;
- m[y] = (unsigned char) a;
-
- output[i] = (unsigned char)
- ( input[i] ^ m[(unsigned char)( a + b )] );
- }
-
- ctx->x = x;
- ctx->y = y;
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_ARC4_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-/*
- * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
- *
- * http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0
- */
-static const unsigned char arc4_test_key[3][8] =
-{
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char arc4_test_pt[3][8] =
-{
- { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char arc4_test_ct[3][8] =
-{
- { 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 },
- { 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 },
- { 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_arc4_self_test( int verbose )
-{
- int i, ret = 0;
- unsigned char ibuf[8];
- unsigned char obuf[8];
- mbedtls_arc4_context ctx;
-
- mbedtls_arc4_init( &ctx );
-
- for( i = 0; i < 3; i++ )
- {
- if( verbose != 0 )
- mbedtls_printf( " ARC4 test #%d: ", i + 1 );
-
- memcpy( ibuf, arc4_test_pt[i], 8 );
-
- mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 );
- mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf );
-
- if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- ret = 1;
- goto exit;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
- }
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
-exit:
- mbedtls_arc4_free( &ctx );
-
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_ARC4_C */
diff --git a/library/bignum.c b/library/bignum.c
index c49d63e..10d824f 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -203,7 +203,13 @@
}
/*
- * Copy the contents of Y into X
+ * Copy the contents of Y into X.
+ *
+ * This function is not constant-time. Leading zeros in Y may be removed.
+ *
+ * Ensure that X does not shrink. This is not guaranteed by the public API,
+ * but some code in the bignum module relies on this property, for example
+ * in mbedtls_mpi_exp_mod().
*/
int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y )
{
@@ -217,7 +223,11 @@
if( Y->n == 0 )
{
- mbedtls_mpi_free( X );
+ if( X->n != 0 )
+ {
+ X->s = 1;
+ memset( X->p, 0, X->n * ciL );
+ }
return( 0 );
}
@@ -502,6 +512,12 @@
mbedtls_mpi_init( &T );
+ if( s[0] == 0 )
+ {
+ mbedtls_mpi_free( X );
+ return( 0 );
+ }
+
if( s[0] == '-' )
{
++s;
@@ -1625,6 +1641,7 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t i, j;
mbedtls_mpi TA, TB;
+ int result_is_zero = 0;
MPI_VALIDATE_RET( X != NULL );
MPI_VALIDATE_RET( A != NULL );
MPI_VALIDATE_RET( B != NULL );
@@ -1637,10 +1654,14 @@
for( i = A->n; i > 0; i-- )
if( A->p[i - 1] != 0 )
break;
+ if( i == 0 )
+ result_is_zero = 1;
for( j = B->n; j > 0; j-- )
if( B->p[j - 1] != 0 )
break;
+ if( j == 0 )
+ result_is_zero = 1;
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, i + j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( X, 0 ) );
@@ -1648,7 +1669,14 @@
for( ; j > 0; j-- )
mpi_mul_hlp( i, A->p, X->p + j - 1, B->p[j - 1] );
- X->s = A->s * B->s;
+ /* If the result is 0, we don't shortcut the operation, which reduces
+ * but does not eliminate side channels leaking the zero-ness. We do
+ * need to take care to set the sign bit properly since the library does
+ * not fully support an MPI object with a value of 0 and s == -1. */
+ if( result_is_zero )
+ X->s = 1;
+ else
+ X->s = A->s * B->s;
cleanup:
@@ -2175,6 +2203,11 @@
#endif
j = N->n + 1;
+ /* All W[i] and X must have at least N->n limbs for the mpi_montmul()
+ * and mpi_montred() calls later. Here we ensure that W[1] and X are
+ * large enough, and later we'll grow other W[i] to the same length.
+ * They must not be shrunk midway through this function!
+ */
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( X, j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], j ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &T, j * 2 ) );
@@ -2209,10 +2242,18 @@
* W[1] = A * R^2 * R^-1 mod N = A * R mod N
*/
if( mbedtls_mpi_cmp_mpi( A, N ) >= 0 )
+ {
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &W[1], A, N ) );
+ /* This should be a no-op because W[1] is already that large before
+ * mbedtls_mpi_mod_mpi(), but it's necessary to avoid an overflow
+ * in mpi_montmul() below, so let's make sure. */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_grow( &W[1], N->n + 1 ) );
+ }
else
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &W[1], A ) );
+ /* Note that this is safe because W[1] always has at least N->n limbs
+ * (it grew above and was preserved by mbedtls_mpi_copy()). */
mpi_montmul( &W[1], &RR, N, mm, &T );
/*
@@ -2368,19 +2409,67 @@
lz = mbedtls_mpi_lsb( &TA );
lzt = mbedtls_mpi_lsb( &TB );
+ /* The loop below gives the correct result when A==0 but not when B==0.
+ * So have a special case for B==0. Leverage the fact that we just
+ * calculated the lsb and lsb(B)==0 iff B is odd or 0 to make the test
+ * slightly more efficient than cmp_int(). */
+ if( lzt == 0 && mbedtls_mpi_get_bit( &TB, 0 ) == 0 )
+ {
+ ret = mbedtls_mpi_copy( G, A );
+ goto cleanup;
+ }
+
if( lzt < lz )
lz = lzt;
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, lz ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, lz ) );
-
TA.s = TB.s = 1;
+ /* We mostly follow the procedure described in HAC 14.54, but with some
+ * minor differences:
+ * - Sequences of multiplications or divisions by 2 are grouped into a
+ * single shift operation.
+ * - The procedure in HAC assumes that 0 < TB <= TA.
+ * - The condition TB <= TA is not actually necessary for correctness.
+ * TA and TB have symmetric roles except for the loop termination
+ * condition, and the shifts at the beginning of the loop body
+ * remove any significance from the ordering of TA vs TB before
+ * the shifts.
+ * - If TA = 0, the loop goes through 0 iterations and the result is
+ * correctly TB.
+ * - The case TB = 0 was short-circuited above.
+ *
+ * For the correctness proof below, decompose the original values of
+ * A and B as
+ * A = sa * 2^a * A' with A'=0 or A' odd, and sa = +-1
+ * B = sb * 2^b * B' with B'=0 or B' odd, and sb = +-1
+ * Then gcd(A, B) = 2^{min(a,b)} * gcd(A',B'),
+ * and gcd(A',B') is odd or 0.
+ *
+ * At the beginning, we have TA = |A| and TB = |B| so gcd(A,B) = gcd(TA,TB).
+ * The code maintains the following invariant:
+ * gcd(A,B) = 2^k * gcd(TA,TB) for some k (I)
+ */
+
+ /* Proof that the loop terminates:
+ * At each iteration, either the right-shift by 1 is made on a nonzero
+ * value and the nonnegative integer bitlen(TA) + bitlen(TB) decreases
+ * by at least 1, or the right-shift by 1 is made on zero and then
+ * TA becomes 0 which ends the loop (TB cannot be 0 if it is right-shifted
+ * since in that case TB is calculated from TB-TA with the condition TB>TA).
+ */
while( mbedtls_mpi_cmp_int( &TA, 0 ) != 0 )
{
+ /* Divisions by 2 preserve the invariant (I). */
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TA, mbedtls_mpi_lsb( &TA ) ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, mbedtls_mpi_lsb( &TB ) ) );
+ /* Set either TA or TB to |TA-TB|/2. Since TA and TB are both odd,
+ * TA-TB is even so the division by 2 has an integer result.
+ * Invariant (I) is preserved since any odd divisor of both TA and TB
+ * also divides |TA-TB|/2, and any odd divisor of both TA and |TA-TB|/2
+ * also divides TB, and any odd divisior of both TB and |TA-TB|/2 also
+ * divides TA.
+ */
if( mbedtls_mpi_cmp_mpi( &TA, &TB ) >= 0 )
{
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TA, &TA, &TB ) );
@@ -2391,8 +2480,18 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( &TB, &TB, &TA ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &TB, 1 ) );
}
+ /* Note that one of TA or TB is still odd. */
}
+ /* By invariant (I), gcd(A,B) = 2^k * gcd(TA,TB) for some k.
+ * At the loop exit, TA = 0, so gcd(TA,TB) = TB.
+ * - If there was at least one loop iteration, then one of TA or TB is odd,
+ * and TA = 0, so TB is odd and gcd(TA,TB) = gcd(A',B'). In this case,
+ * lz = min(a,b) so gcd(A,B) = 2^lz * TB.
+ * - If there was no loop iteration, then A was 0, and gcd(A,B) = B.
+ * In this case, lz = 0 and B = TB so gcd(A,B) = B = 2^lz * TB as well.
+ */
+
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_l( &TB, lz ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( G, &TB ) );
diff --git a/library/blowfish.c b/library/blowfish.c
deleted file mode 100644
index 76da448..0000000
--- a/library/blowfish.c
+++ /dev/null
@@ -1,690 +0,0 @@
-/*
- * Blowfish implementation
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * The Blowfish block cipher was designed by Bruce Schneier in 1993.
- * http://www.schneier.com/blowfish.html
- * http://en.wikipedia.org/wiki/Blowfish_%28cipher%29
- *
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_BLOWFISH_C)
-
-#include "mbedtls/blowfish.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if !defined(MBEDTLS_BLOWFISH_ALT)
-
-/* Parameter validation macros */
-#define BLOWFISH_VALIDATE_RET( cond ) \
- MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA )
-#define BLOWFISH_VALIDATE( cond ) \
- MBEDTLS_INTERNAL_VALIDATE( cond )
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
-static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
- 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
- 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
- 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
- 0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
- 0x9216D5D9L, 0x8979FB1BL
-};
-
-/* declarations of data at the end of this file */
-static const uint32_t S[4][256];
-
-static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x )
-{
- unsigned short a, b, c, d;
- uint32_t y;
-
- d = (unsigned short)(x & 0xFF);
- x >>= 8;
- c = (unsigned short)(x & 0xFF);
- x >>= 8;
- b = (unsigned short)(x & 0xFF);
- x >>= 8;
- a = (unsigned short)(x & 0xFF);
- y = ctx->S[0][a] + ctx->S[1][b];
- y = y ^ ctx->S[2][c];
- y = y + ctx->S[3][d];
-
- return( y );
-}
-
-static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
-{
- uint32_t Xl, Xr, temp;
- short i;
-
- Xl = *xl;
- Xr = *xr;
-
- for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i )
- {
- Xl = Xl ^ ctx->P[i];
- Xr = F( ctx, Xl ) ^ Xr;
-
- temp = Xl;
- Xl = Xr;
- Xr = temp;
- }
-
- temp = Xl;
- Xl = Xr;
- Xr = temp;
-
- Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS];
- Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1];
-
- *xl = Xl;
- *xr = Xr;
-}
-
-static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
-{
- uint32_t Xl, Xr, temp;
- short i;
-
- Xl = *xl;
- Xr = *xr;
-
- for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i )
- {
- Xl = Xl ^ ctx->P[i];
- Xr = F( ctx, Xl ) ^ Xr;
-
- temp = Xl;
- Xl = Xr;
- Xr = temp;
- }
-
- temp = Xl;
- Xl = Xr;
- Xr = temp;
-
- Xr = Xr ^ ctx->P[1];
- Xl = Xl ^ ctx->P[0];
-
- *xl = Xl;
- *xr = Xr;
-}
-
-void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
-{
- BLOWFISH_VALIDATE( ctx != NULL );
- memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
-}
-
-void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_blowfish_context ) );
-}
-
-/*
- * Blowfish key schedule
- */
-int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx,
- const unsigned char *key,
- unsigned int keybits )
-{
- unsigned int i, j, k;
- uint32_t data, datal, datar;
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( key != NULL );
-
- if( keybits < MBEDTLS_BLOWFISH_MIN_KEY_BITS ||
- keybits > MBEDTLS_BLOWFISH_MAX_KEY_BITS ||
- keybits % 8 != 0 )
- {
- return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
- }
-
- keybits >>= 3;
-
- for( i = 0; i < 4; i++ )
- {
- for( j = 0; j < 256; j++ )
- ctx->S[i][j] = S[i][j];
- }
-
- j = 0;
- for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i )
- {
- data = 0x00000000;
- for( k = 0; k < 4; ++k )
- {
- data = ( data << 8 ) | key[j++];
- if( j >= keybits )
- j = 0;
- }
- ctx->P[i] = P[i] ^ data;
- }
-
- datal = 0x00000000;
- datar = 0x00000000;
-
- for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 )
- {
- blowfish_enc( ctx, &datal, &datar );
- ctx->P[i] = datal;
- ctx->P[i + 1] = datar;
- }
-
- for( i = 0; i < 4; i++ )
- {
- for( j = 0; j < 256; j += 2 )
- {
- blowfish_enc( ctx, &datal, &datar );
- ctx->S[i][j] = datal;
- ctx->S[i][j + 1] = datar;
- }
- }
- return( 0 );
-}
-
-/*
- * Blowfish-ECB block encryption/decryption
- */
-int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
- int mode,
- const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
- unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
-{
- uint32_t X0, X1;
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
- mode == MBEDTLS_BLOWFISH_DECRYPT );
- BLOWFISH_VALIDATE_RET( input != NULL );
- BLOWFISH_VALIDATE_RET( output != NULL );
-
- GET_UINT32_BE( X0, input, 0 );
- GET_UINT32_BE( X1, input, 4 );
-
- if( mode == MBEDTLS_BLOWFISH_DECRYPT )
- {
- blowfish_dec( ctx, &X0, &X1 );
- }
- else /* MBEDTLS_BLOWFISH_ENCRYPT */
- {
- blowfish_enc( ctx, &X0, &X1 );
- }
-
- PUT_UINT32_BE( X0, output, 0 );
- PUT_UINT32_BE( X1, output, 4 );
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * Blowfish-CBC buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output )
-{
- int i;
- unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
- mode == MBEDTLS_BLOWFISH_DECRYPT );
- BLOWFISH_VALIDATE_RET( iv != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
- if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
- return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
-
- if( mode == MBEDTLS_BLOWFISH_DECRYPT )
- {
- while( length > 0 )
- {
- memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE );
- mbedtls_blowfish_crypt_ecb( ctx, mode, input, output );
-
- for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ )
- output[i] = (unsigned char)( output[i] ^ iv[i] );
-
- memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE );
-
- input += MBEDTLS_BLOWFISH_BLOCKSIZE;
- output += MBEDTLS_BLOWFISH_BLOCKSIZE;
- length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
- }
- else
- {
- while( length > 0 )
- {
- for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ )
- output[i] = (unsigned char)( input[i] ^ iv[i] );
-
- mbedtls_blowfish_crypt_ecb( ctx, mode, output, output );
- memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE );
-
- input += MBEDTLS_BLOWFISH_BLOCKSIZE;
- output += MBEDTLS_BLOWFISH_BLOCKSIZE;
- length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-/*
- * Blowfish CFB buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
- int mode,
- size_t length,
- size_t *iv_off,
- unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output )
-{
- int c;
- size_t n;
-
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( mode == MBEDTLS_BLOWFISH_ENCRYPT ||
- mode == MBEDTLS_BLOWFISH_DECRYPT );
- BLOWFISH_VALIDATE_RET( iv != NULL );
- BLOWFISH_VALIDATE_RET( iv_off != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
- n = *iv_off;
- if( n >= 8 )
- return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
-
- if( mode == MBEDTLS_BLOWFISH_DECRYPT )
- {
- while( length-- )
- {
- if( n == 0 )
- mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
-
- c = *input++;
- *output++ = (unsigned char)( c ^ iv[n] );
- iv[n] = (unsigned char) c;
-
- n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
- }
- else
- {
- while( length-- )
- {
- if( n == 0 )
- mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
-
- iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
-
- n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
- }
-
- *iv_off = n;
-
- return( 0 );
-}
-#endif /*MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-/*
- * Blowfish CTR buffer encryption/decryption
- */
-int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
- size_t length,
- size_t *nc_off,
- unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
- unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
- const unsigned char *input,
- unsigned char *output )
-{
- int c, i;
- size_t n;
- BLOWFISH_VALIDATE_RET( ctx != NULL );
- BLOWFISH_VALIDATE_RET( nonce_counter != NULL );
- BLOWFISH_VALIDATE_RET( stream_block != NULL );
- BLOWFISH_VALIDATE_RET( nc_off != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || input != NULL );
- BLOWFISH_VALIDATE_RET( length == 0 || output != NULL );
-
- n = *nc_off;
- if( n >= 8 )
- return( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA );
-
- while( length-- )
- {
- if( n == 0 ) {
- mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
- stream_block );
-
- for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- )
- if( ++nonce_counter[i - 1] != 0 )
- break;
- }
- c = *input++;
- *output++ = (unsigned char)( c ^ stream_block[n] );
-
- n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
- }
-
- *nc_off = n;
-
- return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-static const uint32_t S[4][256] = {
- { 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
- 0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L,
- 0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L,
- 0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL,
- 0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL,
- 0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L,
- 0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL,
- 0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL,
- 0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L,
- 0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L,
- 0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL,
- 0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL,
- 0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL,
- 0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L,
- 0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L,
- 0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L,
- 0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L,
- 0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L,
- 0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL,
- 0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L,
- 0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L,
- 0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L,
- 0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L,
- 0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL,
- 0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L,
- 0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL,
- 0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL,
- 0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L,
- 0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL,
- 0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L,
- 0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL,
- 0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L,
- 0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L,
- 0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL,
- 0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L,
- 0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L,
- 0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL,
- 0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L,
- 0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL,
- 0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L,
- 0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L,
- 0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL,
- 0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L,
- 0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L,
- 0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L,
- 0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L,
- 0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L,
- 0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL,
- 0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL,
- 0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L,
- 0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L,
- 0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L,
- 0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L,
- 0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL,
- 0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L,
- 0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL,
- 0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL,
- 0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L,
- 0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L,
- 0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L,
- 0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L,
- 0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L,
- 0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L,
- 0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL },
- { 0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L,
- 0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L,
- 0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L,
- 0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL,
- 0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L,
- 0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L,
- 0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL,
- 0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L,
- 0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L,
- 0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L,
- 0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL,
- 0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL,
- 0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L,
- 0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L,
- 0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L,
- 0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L,
- 0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL,
- 0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL,
- 0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL,
- 0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L,
- 0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL,
- 0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L,
- 0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L,
- 0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL,
- 0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL,
- 0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L,
- 0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL,
- 0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L,
- 0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL,
- 0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL,
- 0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L,
- 0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L,
- 0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L,
- 0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L,
- 0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L,
- 0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L,
- 0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L,
- 0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL,
- 0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L,
- 0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL,
- 0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L,
- 0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L,
- 0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L,
- 0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L,
- 0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L,
- 0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L,
- 0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L,
- 0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L,
- 0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L,
- 0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L,
- 0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L,
- 0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L,
- 0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L,
- 0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L,
- 0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L,
- 0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L,
- 0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL,
- 0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL,
- 0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L,
- 0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL,
- 0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L,
- 0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L,
- 0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L,
- 0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L },
- { 0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L,
- 0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L,
- 0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL,
- 0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L,
- 0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L,
- 0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L,
- 0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL,
- 0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL,
- 0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL,
- 0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L,
- 0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L,
- 0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL,
- 0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L,
- 0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL,
- 0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L,
- 0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL,
- 0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L,
- 0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL,
- 0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L,
- 0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL,
- 0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L,
- 0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L,
- 0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL,
- 0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L,
- 0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L,
- 0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L,
- 0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L,
- 0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL,
- 0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L,
- 0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL,
- 0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L,
- 0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL,
- 0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L,
- 0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL,
- 0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL,
- 0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL,
- 0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L,
- 0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L,
- 0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL,
- 0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL,
- 0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL,
- 0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL,
- 0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL,
- 0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L,
- 0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L,
- 0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L,
- 0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L,
- 0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL,
- 0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL,
- 0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L,
- 0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L,
- 0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L,
- 0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L,
- 0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L,
- 0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L,
- 0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L,
- 0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L,
- 0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L,
- 0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L,
- 0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL,
- 0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L,
- 0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL,
- 0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L,
- 0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L },
- { 0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL,
- 0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL,
- 0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL,
- 0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L,
- 0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L,
- 0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L,
- 0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L,
- 0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L,
- 0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L,
- 0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L,
- 0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L,
- 0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L,
- 0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L,
- 0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L,
- 0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L,
- 0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL,
- 0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL,
- 0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L,
- 0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL,
- 0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL,
- 0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL,
- 0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L,
- 0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL,
- 0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL,
- 0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L,
- 0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L,
- 0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L,
- 0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L,
- 0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL,
- 0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL,
- 0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L,
- 0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L,
- 0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L,
- 0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL,
- 0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L,
- 0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L,
- 0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L,
- 0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL,
- 0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L,
- 0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L,
- 0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L,
- 0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL,
- 0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL,
- 0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L,
- 0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L,
- 0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L,
- 0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L,
- 0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL,
- 0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L,
- 0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL,
- 0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL,
- 0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L,
- 0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L,
- 0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL,
- 0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L,
- 0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL,
- 0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L,
- 0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL,
- 0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L,
- 0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L,
- 0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL,
- 0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L,
- 0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL,
- 0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L }
-};
-
-#endif /* !MBEDTLS_BLOWFISH_ALT */
-#endif /* MBEDTLS_BLOWFISH_C */
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 7f23387..5776d5e 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -36,10 +36,6 @@
#include "mbedtls/aes.h"
#endif
-#if defined(MBEDTLS_ARC4_C)
-#include "mbedtls/arc4.h"
-#endif
-
#if defined(MBEDTLS_CAMELLIA_C)
#include "mbedtls/camellia.h"
#endif
@@ -52,10 +48,6 @@
#include "mbedtls/des.h"
#endif
-#if defined(MBEDTLS_BLOWFISH_C)
-#include "mbedtls/blowfish.h"
-#endif
-
#if defined(MBEDTLS_CHACHA20_C)
#include "mbedtls/chacha20.h"
#endif
@@ -1674,225 +1666,6 @@
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#endif /* MBEDTLS_DES_C */
-#if defined(MBEDTLS_BLOWFISH_C)
-
-static int blowfish_crypt_ecb_wrap( void *ctx, mbedtls_operation_t operation,
- const unsigned char *input, unsigned char *output )
-{
- return mbedtls_blowfish_crypt_ecb( (mbedtls_blowfish_context *) ctx, operation, input,
- output );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static int blowfish_crypt_cbc_wrap( void *ctx, mbedtls_operation_t operation,
- size_t length, unsigned char *iv, const unsigned char *input,
- unsigned char *output )
-{
- return mbedtls_blowfish_crypt_cbc( (mbedtls_blowfish_context *) ctx, operation, length, iv,
- input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static int blowfish_crypt_cfb64_wrap( void *ctx, mbedtls_operation_t operation,
- size_t length, size_t *iv_off, unsigned char *iv,
- const unsigned char *input, unsigned char *output )
-{
- return mbedtls_blowfish_crypt_cfb64( (mbedtls_blowfish_context *) ctx, operation, length,
- iv_off, iv, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static int blowfish_crypt_ctr_wrap( void *ctx, size_t length, size_t *nc_off,
- unsigned char *nonce_counter, unsigned char *stream_block,
- const unsigned char *input, unsigned char *output )
-{
- return mbedtls_blowfish_crypt_ctr( (mbedtls_blowfish_context *) ctx, length, nc_off,
- nonce_counter, stream_block, input, output );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-
-static int blowfish_setkey_wrap( void *ctx, const unsigned char *key,
- unsigned int key_bitlen )
-{
- return mbedtls_blowfish_setkey( (mbedtls_blowfish_context *) ctx, key, key_bitlen );
-}
-
-static void * blowfish_ctx_alloc( void )
-{
- mbedtls_blowfish_context *ctx;
- ctx = mbedtls_calloc( 1, sizeof( mbedtls_blowfish_context ) );
-
- if( ctx == NULL )
- return( NULL );
-
- mbedtls_blowfish_init( ctx );
-
- return( ctx );
-}
-
-static void blowfish_ctx_free( void *ctx )
-{
- mbedtls_blowfish_free( (mbedtls_blowfish_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t blowfish_info = {
- MBEDTLS_CIPHER_ID_BLOWFISH,
- blowfish_crypt_ecb_wrap,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- blowfish_crypt_cbc_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
- blowfish_crypt_cfb64_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
- blowfish_crypt_ctr_wrap,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
- NULL,
-#endif
- blowfish_setkey_wrap,
- blowfish_setkey_wrap,
- blowfish_ctx_alloc,
- blowfish_ctx_free
-};
-
-static const mbedtls_cipher_info_t blowfish_ecb_info = {
- MBEDTLS_CIPHER_BLOWFISH_ECB,
- MBEDTLS_MODE_ECB,
- 128,
- "BLOWFISH-ECB",
- 0,
- MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
- 8,
- &blowfish_info
-};
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-static const mbedtls_cipher_info_t blowfish_cbc_info = {
- MBEDTLS_CIPHER_BLOWFISH_CBC,
- MBEDTLS_MODE_CBC,
- 128,
- "BLOWFISH-CBC",
- 8,
- MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
- 8,
- &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
-static const mbedtls_cipher_info_t blowfish_cfb64_info = {
- MBEDTLS_CIPHER_BLOWFISH_CFB64,
- MBEDTLS_MODE_CFB,
- 128,
- "BLOWFISH-CFB64",
- 8,
- MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
- 8,
- &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
-static const mbedtls_cipher_info_t blowfish_ctr_info = {
- MBEDTLS_CIPHER_BLOWFISH_CTR,
- MBEDTLS_MODE_CTR,
- 128,
- "BLOWFISH-CTR",
- 8,
- MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
- 8,
- &blowfish_info
-};
-#endif /* MBEDTLS_CIPHER_MODE_CTR */
-#endif /* MBEDTLS_BLOWFISH_C */
-
-#if defined(MBEDTLS_ARC4_C)
-static int arc4_crypt_stream_wrap( void *ctx, size_t length,
- const unsigned char *input,
- unsigned char *output )
-{
- return( mbedtls_arc4_crypt( (mbedtls_arc4_context *) ctx, length, input, output ) );
-}
-
-static int arc4_setkey_wrap( void *ctx, const unsigned char *key,
- unsigned int key_bitlen )
-{
- /* we get key_bitlen in bits, arc4 expects it in bytes */
- if( key_bitlen % 8 != 0 )
- return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
-
- mbedtls_arc4_setup( (mbedtls_arc4_context *) ctx, key, key_bitlen / 8 );
- return( 0 );
-}
-
-static void * arc4_ctx_alloc( void )
-{
- mbedtls_arc4_context *ctx;
- ctx = mbedtls_calloc( 1, sizeof( mbedtls_arc4_context ) );
-
- if( ctx == NULL )
- return( NULL );
-
- mbedtls_arc4_init( ctx );
-
- return( ctx );
-}
-
-static void arc4_ctx_free( void *ctx )
-{
- mbedtls_arc4_free( (mbedtls_arc4_context *) ctx );
- mbedtls_free( ctx );
-}
-
-static const mbedtls_cipher_base_t arc4_base_info = {
- MBEDTLS_CIPHER_ID_ARC4,
- NULL,
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_OFB)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_XTS)
- NULL,
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_STREAM)
- arc4_crypt_stream_wrap,
-#endif
- arc4_setkey_wrap,
- arc4_setkey_wrap,
- arc4_ctx_alloc,
- arc4_ctx_free
-};
-
-static const mbedtls_cipher_info_t arc4_128_info = {
- MBEDTLS_CIPHER_ARC4_128,
- MBEDTLS_MODE_STREAM,
- 128,
- "ARC4-128",
- 0,
- 0,
- 1,
- &arc4_base_info
-};
-#endif /* MBEDTLS_ARC4_C */
-
#if defined(MBEDTLS_CHACHA20_C)
static int chacha20_setkey_wrap( void *ctx, const unsigned char *key,
@@ -2285,23 +2058,6 @@
#endif
#endif /* MBEDTLS_AES_C */
-#if defined(MBEDTLS_ARC4_C)
- { MBEDTLS_CIPHER_ARC4_128, &arc4_128_info },
-#endif
-
-#if defined(MBEDTLS_BLOWFISH_C)
- { MBEDTLS_CIPHER_BLOWFISH_ECB, &blowfish_ecb_info },
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- { MBEDTLS_CIPHER_BLOWFISH_CBC, &blowfish_cbc_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
- { MBEDTLS_CIPHER_BLOWFISH_CFB64, &blowfish_cfb64_info },
-#endif
-#if defined(MBEDTLS_CIPHER_MODE_CTR)
- { MBEDTLS_CIPHER_BLOWFISH_CTR, &blowfish_ctr_info },
-#endif
-#endif /* MBEDTLS_BLOWFISH_C */
-
#if defined(MBEDTLS_CAMELLIA_C)
{ MBEDTLS_CIPHER_CAMELLIA_128_ECB, &camellia_128_ecb_info },
{ MBEDTLS_CIPHER_CAMELLIA_192_ECB, &camellia_192_ecb_info },
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 602ec69..b664fb0 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -304,7 +304,7 @@
}
/* CTR_DRBG_Instantiate with derivation function (SP 800-90A §10.2.1.3.2)
- * mbedtls_ctr_drbg_update_ret(ctx, additional, add_len)
+ * mbedtls_ctr_drbg_update(ctx, additional, add_len)
* implements
* CTR_DRBG_Instantiate(entropy_input, nonce, personalization_string,
* security_strength) -> initial_working_state
@@ -315,7 +315,7 @@
* and with outputs
* ctx = initial_working_state
*/
-int mbedtls_ctr_drbg_update_ret( mbedtls_ctr_drbg_context *ctx,
+int mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional,
size_t add_len )
{
@@ -657,7 +657,7 @@
fclose( f );
f = NULL;
- ret = mbedtls_ctr_drbg_update_ret( ctx, buf, n );
+ ret = mbedtls_ctr_drbg_update( ctx, buf, n );
exit:
mbedtls_platform_zeroize( buf, sizeof( buf ) );
diff --git a/library/debug.c b/library/debug.c
index 4be2cba..fa60d13 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -220,8 +220,8 @@
const char *text, const mbedtls_mpi *X )
{
char str[DEBUG_BUF_SIZE];
- int j, k, zeros = 1;
- size_t i, n, idx = 0;
+ size_t bitlen;
+ size_t idx = 0;
if( NULL == ssl ||
NULL == ssl->conf ||
@@ -232,55 +232,43 @@
return;
}
- for( n = X->n - 1; n > 0; n-- )
- if( X->p[n] != 0 )
- break;
+ bitlen = mbedtls_mpi_bitlen( X );
- for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- )
- if( ( ( X->p[n] >> j ) & 1 ) != 0 )
- break;
-
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "value of '%s' (%d bits) is:\n",
- text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
-
+ mbedtls_snprintf( str, sizeof( str ), "value of '%s' (%u bits) is:\n",
+ text, (unsigned) bitlen );
debug_send_line( ssl, level, file, line, str );
- idx = 0;
- for( i = n + 1, j = 0; i > 0; i-- )
+ if( bitlen == 0 )
{
- if( zeros && X->p[i - 1] == 0 )
- continue;
-
- for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- )
+ str[0] = ' '; str[1] = '0'; str[2] = '0';
+ idx = 3;
+ }
+ else
+ {
+ int n;
+ for( n = (int) ( ( bitlen - 1 ) / 8 ); n >= 0; n-- )
{
- if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
- continue;
- else
- zeros = 0;
-
- if( j % 16 == 0 )
+ size_t limb_offset = n / sizeof( mbedtls_mpi_uint );
+ size_t offset_in_limb = n % sizeof( mbedtls_mpi_uint );
+ unsigned char octet =
+ ( X->p[limb_offset] >> ( offset_in_limb * 8 ) ) & 0xff;
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", octet );
+ idx += 3;
+ /* Wrap lines after 16 octets that each take 3 columns */
+ if( idx >= 3 * 16 )
{
- if( j > 0 )
- {
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
- debug_send_line( ssl, level, file, line, str );
- idx = 0;
- }
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
+ debug_send_line( ssl, level, file, line, str );
+ idx = 0;
}
-
- idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " %02x", (unsigned int)
- ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
-
- j++;
}
-
}
- if( zeros == 1 )
- idx += mbedtls_snprintf( str + idx, sizeof( str ) - idx, " 00" );
-
- mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
- debug_send_line( ssl, level, file, line, str );
+ if( idx != 0 )
+ {
+ mbedtls_snprintf( str + idx, sizeof( str ) - idx, "\n" );
+ debug_send_line( ssl, level, file, line, str );
+ }
}
#endif /* MBEDTLS_BIGNUM_C */
diff --git a/library/dhm.c b/library/dhm.c
index e88f3a2..29ce755 100644
--- a/library/dhm.c
+++ b/library/dhm.c
@@ -444,6 +444,9 @@
DHM_VALIDATE_RET( output != NULL );
DHM_VALIDATE_RET( olen != NULL );
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
+
if( output_size < mbedtls_dhm_get_len( ctx ) )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
@@ -453,25 +456,17 @@
mbedtls_mpi_init( &GYb );
/* Blind peer's value */
- if( f_rng != NULL )
- {
- MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
- }
- else
- MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) );
+ MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
/* Do modular exponentiation */
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
&ctx->P, &ctx->RP ) );
/* Unblind secret value */
- if( f_rng != NULL )
- {
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
- }
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
/* Output the secret without any leading zero byte. This is mandatory
* for TLS per RFC 5246 §8.1.2. */
diff --git a/library/ecjpake.c b/library/ecjpake.c
index de43ddb..d229311 100644
--- a/library/ecjpake.c
+++ b/library/ecjpake.c
@@ -962,6 +962,28 @@
0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
};
+/*
+ * PRNG for test - !!!INSECURE NEVER USE IN PRODUCTION!!!
+ *
+ * This is the linear congruential generator from numerical recipes,
+ * except we only use the low byte as the output. See
+ * https://en.wikipedia.org/wiki/Linear_congruential_generator#Parameters_in_common_use
+ */
+static int self_test_rng( void *ctx, unsigned char *out, size_t len )
+{
+ static uint32_t state = 42;
+
+ (void) ctx;
+
+ for( size_t i = 0; i < len; i++ )
+ {
+ state = state * 1664525u + 1013904223u;
+ out[i] = (unsigned char) state;
+ }
+
+ return( 0 );
+}
+
/* Load my private keys and generate the corresponding public keys */
static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
const unsigned char *xm1, size_t len1,
@@ -972,9 +994,9 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm1, &ctx->xm1,
- &ctx->grp.G, NULL, NULL ) );
+ &ctx->grp.G, self_test_rng, NULL ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &ctx->grp, &ctx->Xm2, &ctx->xm2,
- &ctx->grp.G, NULL, NULL ) );
+ &ctx->grp.G, self_test_rng, NULL ) );
cleanup:
return( ret );
diff --git a/library/ecp.c b/library/ecp.c
index 044bbe1..3dc1378 100644
--- a/library/ecp.c
+++ b/library/ecp.c
@@ -101,16 +101,6 @@
#include "ecp_internal_alt.h"
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-#if defined(MBEDTLS_HMAC_DRBG_C)
-#include "mbedtls/hmac_drbg.h"
-#elif defined(MBEDTLS_CTR_DRBG_C)
-#include "mbedtls/ctr_drbg.h"
-#else
-#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid."
-#endif
-#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
-
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
@@ -124,144 +114,6 @@
static unsigned long add_count, dbl_count, mul_count;
#endif
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
-/*
- * Currently ecp_mul() takes a RNG function as an argument, used for
- * side-channel protection, but it can be NULL. The initial reasoning was
- * that people will pass non-NULL RNG when they care about side-channels, but
- * unfortunately we have some APIs that call ecp_mul() with a NULL RNG, with
- * no opportunity for the user to do anything about it.
- *
- * The obvious strategies for addressing that include:
- * - change those APIs so that they take RNG arguments;
- * - require a global RNG to be available to all crypto modules.
- *
- * Unfortunately those would break compatibility. So what we do instead is
- * have our own internal DRBG instance, seeded from the secret scalar.
- *
- * The following is a light-weight abstraction layer for doing that with
- * HMAC_DRBG (first choice) or CTR_DRBG.
- */
-
-#if defined(MBEDTLS_HMAC_DRBG_C)
-
-/* DRBG context type */
-typedef mbedtls_hmac_drbg_context ecp_drbg_context;
-
-/* DRBG context init */
-static inline void ecp_drbg_init( ecp_drbg_context *ctx )
-{
- mbedtls_hmac_drbg_init( ctx );
-}
-
-/* DRBG context free */
-static inline void ecp_drbg_free( ecp_drbg_context *ctx )
-{
- mbedtls_hmac_drbg_free( ctx );
-}
-
-/* DRBG function */
-static inline int ecp_drbg_random( void *p_rng,
- unsigned char *output, size_t output_len )
-{
- return( mbedtls_hmac_drbg_random( p_rng, output, output_len ) );
-}
-
-/* DRBG context seeding */
-static int ecp_drbg_seed( ecp_drbg_context *ctx,
- const mbedtls_mpi *secret, size_t secret_len )
-{
- int ret;
- unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
- /* The list starts with strong hashes */
- const mbedtls_md_type_t md_type = mbedtls_md_list()[0];
- const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_type );
-
- if( secret_len > MBEDTLS_ECP_MAX_BYTES )
- {
- ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
- goto cleanup;
- }
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
- secret_bytes, secret_len ) );
-
- ret = mbedtls_hmac_drbg_seed_buf( ctx, md_info, secret_bytes, secret_len );
-
-cleanup:
- mbedtls_platform_zeroize( secret_bytes, secret_len );
-
- return( ret );
-}
-
-#elif defined(MBEDTLS_CTR_DRBG_C)
-
-/* DRBG context type */
-typedef mbedtls_ctr_drbg_context ecp_drbg_context;
-
-/* DRBG context init */
-static inline void ecp_drbg_init( ecp_drbg_context *ctx )
-{
- mbedtls_ctr_drbg_init( ctx );
-}
-
-/* DRBG context free */
-static inline void ecp_drbg_free( ecp_drbg_context *ctx )
-{
- mbedtls_ctr_drbg_free( ctx );
-}
-
-/* DRBG function */
-static inline int ecp_drbg_random( void *p_rng,
- unsigned char *output, size_t output_len )
-{
- return( mbedtls_ctr_drbg_random( p_rng, output, output_len ) );
-}
-
-/*
- * Since CTR_DRBG doesn't have a seed_buf() function the way HMAC_DRBG does,
- * we need to pass an entropy function when seeding. So we use a dummy
- * function for that, and pass the actual entropy as customisation string.
- * (During seeding of CTR_DRBG the entropy input and customisation string are
- * concatenated before being used to update the secret state.)
- */
-static int ecp_ctr_drbg_null_entropy(void *ctx, unsigned char *out, size_t len)
-{
- (void) ctx;
- memset( out, 0, len );
- return( 0 );
-}
-
-/* DRBG context seeding */
-static int ecp_drbg_seed( ecp_drbg_context *ctx,
- const mbedtls_mpi *secret, size_t secret_len )
-{
- int ret;
- unsigned char secret_bytes[MBEDTLS_ECP_MAX_BYTES];
-
- if( secret_len > MBEDTLS_ECP_MAX_BYTES )
- {
- ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
- goto cleanup;
- }
-
- MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( secret,
- secret_bytes, secret_len ) );
-
- ret = mbedtls_ctr_drbg_seed( ctx, ecp_ctr_drbg_null_entropy, NULL,
- secret_bytes, secret_len );
-
-cleanup:
- mbedtls_platform_zeroize( secret_bytes, secret_len );
-
- return( ret );
-}
-
-#else
-#error "Invalid configuration detected. Include check_config.h to ensure that the configuration is valid."
-#endif /* DRBG modules */
-#endif /* MBEDTLS_ECP_NO_INTERNAL_RNG */
-
#if defined(MBEDTLS_ECP_RESTARTABLE)
/*
* Maximum number of "basic operations" to be done in a row.
@@ -309,10 +161,6 @@
ecp_rsm_comb_core, /* ecp_mul_comb_core() */
ecp_rsm_final_norm, /* do the final normalization */
} state;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_context drbg_ctx;
- unsigned char drbg_seeded;
-#endif
};
/*
@@ -325,10 +173,6 @@
ctx->T = NULL;
ctx->T_size = 0;
ctx->state = ecp_rsm_init;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_init( &ctx->drbg_ctx );
- ctx->drbg_seeded = 0;
-#endif
}
/*
@@ -350,10 +194,6 @@
mbedtls_free( ctx->T );
}
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_free( &ctx->drbg_ctx );
-#endif
-
ecp_restart_rsm_init( ctx );
}
@@ -509,9 +349,9 @@
* - readable name
*
* Curves are listed in order: largest curves first, and for a given size,
- * fastest curves first. This provides the default order for the SSL module.
+ * fastest curves first.
*
- * Reminder: update profiles in x509_crt.c when adding a new curves!
+ * Reminder: update profiles in x509_crt.c and ssl_tls.c when adding a new curve!
*/
static const mbedtls_ecp_curve_info ecp_supported_curves[] =
{
@@ -2068,9 +1908,7 @@
i = d;
MBEDTLS_MPI_CHK( ecp_select_comb( grp, R, T, T_size, x[i] ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &R->Z, 1 ) );
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng != 0 )
-#endif
MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, R, f_rng, p_rng ) );
}
@@ -2204,9 +2042,7 @@
*
* Avoid the leak by randomizing coordinates before we normalize them.
*/
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng != 0 )
-#endif
MBEDTLS_MPI_CHK( ecp_randomize_jac( grp, RR, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_normalize_jac( grp, RR ) );
@@ -2286,42 +2122,9 @@
size_t d;
unsigned char T_size = 0, T_ok = 0;
mbedtls_ecp_point *T = NULL;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_context drbg_ctx;
-
- ecp_drbg_init( &drbg_ctx );
-#endif
ECP_RS_ENTER( rsm );
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- if( f_rng == NULL )
- {
- /* Adjust pointers */
- f_rng = &ecp_drbg_random;
-#if defined(MBEDTLS_ECP_RESTARTABLE)
- if( rs_ctx != NULL && rs_ctx->rsm != NULL )
- p_rng = &rs_ctx->rsm->drbg_ctx;
- else
-#endif
- p_rng = &drbg_ctx;
-
- /* Initialize internal DRBG if necessary */
-#if defined(MBEDTLS_ECP_RESTARTABLE)
- if( rs_ctx == NULL || rs_ctx->rsm == NULL ||
- rs_ctx->rsm->drbg_seeded == 0 )
-#endif
- {
- const size_t m_len = ( grp->nbits + 7 ) / 8;
- MBEDTLS_MPI_CHK( ecp_drbg_seed( p_rng, m, m_len ) );
- }
-#if defined(MBEDTLS_ECP_RESTARTABLE)
- if( rs_ctx != NULL && rs_ctx->rsm != NULL )
- rs_ctx->rsm->drbg_seeded = 1;
-#endif
- }
-#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */
-
/* Is P the base point ? */
#if MBEDTLS_ECP_FIXED_POINT_OPTIM == 1
p_eq_g = ( mbedtls_mpi_cmp_mpi( &P->Y, &grp->G.Y ) == 0 &&
@@ -2393,10 +2196,6 @@
cleanup:
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_free( &drbg_ctx );
-#endif
-
/* does T belong to the group? */
if( T == grp->T )
T = NULL;
@@ -2583,22 +2382,10 @@
unsigned char b;
mbedtls_ecp_point RP;
mbedtls_mpi PX;
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_context drbg_ctx;
-
- ecp_drbg_init( &drbg_ctx );
-#endif
mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX );
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
if( f_rng == NULL )
- {
- const size_t m_len = ( grp->nbits + 7 ) / 8;
- MBEDTLS_MPI_CHK( ecp_drbg_seed( &drbg_ctx, m, m_len ) );
- f_rng = &ecp_drbg_random;
- p_rng = &drbg_ctx;
- }
-#endif /* !MBEDTLS_ECP_NO_INTERNAL_RNG */
+ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
/* Save PX and read from P before writing to R, in case P == R */
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) );
@@ -2613,10 +2400,7 @@
MOD_ADD( RP.X );
/* Randomize coordinates of the starting point */
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- if( f_rng != NULL )
-#endif
- MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
/* Loop invariant: R = result so far, RP = R + P */
i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */
@@ -2648,18 +2432,10 @@
*
* Avoid the leak by randomizing coordinates before we normalize them.
*/
-#if defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- if( f_rng != NULL )
-#endif
- MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
-
+ MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) );
cleanup:
-#if !defined(MBEDTLS_ECP_NO_INTERNAL_RNG)
- ecp_drbg_free( &drbg_ctx );
-#endif
-
mbedtls_ecp_point_free( &RP ); mbedtls_mpi_free( &PX );
return( ret );
@@ -2669,8 +2445,11 @@
/*
* Restartable multiplication R = m * P
+ *
+ * This internal function can be called without an RNG in case where we know
+ * the inputs are not sensitive.
*/
-int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+static int ecp_mul_restartable_internal( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_ecp_restart_ctx *rs_ctx )
@@ -2679,10 +2458,6 @@
#if defined(MBEDTLS_ECP_INTERNAL_ALT)
char is_grp_capable = 0;
#endif
- ECP_VALIDATE_RET( grp != NULL );
- ECP_VALIDATE_RET( R != NULL );
- ECP_VALIDATE_RET( m != NULL );
- ECP_VALIDATE_RET( P != NULL );
#if defined(MBEDTLS_ECP_RESTARTABLE)
/* reset ops count for this call if top-level */
@@ -2736,6 +2511,25 @@
}
/*
+ * Restartable multiplication R = m * P
+ */
+int mbedtls_ecp_mul_restartable( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
+ const mbedtls_mpi *m, const mbedtls_ecp_point *P,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+ mbedtls_ecp_restart_ctx *rs_ctx )
+{
+ ECP_VALIDATE_RET( grp != NULL );
+ ECP_VALIDATE_RET( R != NULL );
+ ECP_VALIDATE_RET( m != NULL );
+ ECP_VALIDATE_RET( P != NULL );
+
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
+
+ return( ecp_mul_restartable_internal( grp, R, m, P, f_rng, p_rng, rs_ctx ) );
+}
+
+/*
* Multiplication R = m * P
*/
int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
@@ -2828,8 +2622,8 @@
}
else
{
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul_restartable( grp, R, m, P,
- NULL, NULL, rs_ctx ) );
+ MBEDTLS_MPI_CHK( ecp_mul_restartable_internal( grp, R, m, P,
+ NULL, NULL, rs_ctx ) );
}
cleanup:
@@ -3272,7 +3066,9 @@
/*
* Check a public-private key pair
*/
-int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv )
+int mbedtls_ecp_check_pub_priv(
+ const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ecp_point Q;
@@ -3296,7 +3092,7 @@
mbedtls_ecp_group_copy( &grp, &prv->grp );
/* Also checks d is valid */
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &Q, &prv->d, &prv->grp.G, f_rng, p_rng ) );
if( mbedtls_mpi_cmp_mpi( &Q.X, &prv->Q.X ) ||
mbedtls_mpi_cmp_mpi( &Q.Y, &prv->Q.Y ) ||
@@ -3315,6 +3111,28 @@
#if defined(MBEDTLS_SELF_TEST)
+/*
+ * PRNG for test - !!!INSECURE NEVER USE IN PRODUCTION!!!
+ *
+ * This is the linear congruential generator from numerical recipes,
+ * except we only use the low byte as the output. See
+ * https://en.wikipedia.org/wiki/Linear_congruential_generator#Parameters_in_common_use
+ */
+static int self_test_rng( void *ctx, unsigned char *out, size_t len )
+{
+ static uint32_t state = 42;
+
+ (void) ctx;
+
+ for( size_t i = 0; i < len; i++ )
+ {
+ state = state * 1664525u + 1013904223u;
+ out[i] = (unsigned char) state;
+ }
+
+ return( 0 );
+}
+
/* Adjust the exponent to be a valid private point for the specified curve.
* This is sometimes necessary because we use a single set of exponents
* for all curves but the validity of values depends on the curve. */
@@ -3370,7 +3188,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[0] ) );
MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, self_test_rng, NULL ) );
for( i = 1; i < n_exponents; i++ )
{
@@ -3383,7 +3201,7 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_read_string( m, 16, exponents[i] ) );
MBEDTLS_MPI_CHK( self_test_adjust_exponent( grp, m ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, R, m, P, self_test_rng, NULL ) );
if( add_count != add_c_prev ||
dbl_count != dbl_c_prev ||
@@ -3461,7 +3279,7 @@
mbedtls_printf( " ECP SW test #1 (constant op_count, base point G): " );
/* Do a dummy multiplication first to trigger precomputation */
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &m, 2 ) );
- MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, NULL, NULL ) );
+ MBEDTLS_MPI_CHK( mbedtls_ecp_mul( &grp, &P, &m, &grp.G, self_test_rng, NULL ) );
ret = self_test_point( verbose,
&grp, &R, &m, &grp.G,
sw_exponents,
diff --git a/library/entropy.c b/library/entropy.c
index cc68628..9e31f84 100644
--- a/library/entropy.c
+++ b/library/entropy.c
@@ -73,11 +73,6 @@
MBEDTLS_ENTROPY_MIN_PLATFORM,
MBEDTLS_ENTROPY_SOURCE_STRONG );
#endif
-#if defined(MBEDTLS_TIMING_C)
- mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
- MBEDTLS_ENTROPY_MIN_HARDCLOCK,
- MBEDTLS_ENTROPY_SOURCE_WEAK );
-#endif
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
MBEDTLS_ENTROPY_MIN_HARDWARE,
@@ -164,10 +159,10 @@
if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE )
{
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
- if( ( ret = mbedtls_sha512_ret( data, len, tmp, 0 ) ) != 0 )
+ if( ( ret = mbedtls_sha512( data, len, tmp, 0 ) ) != 0 )
goto cleanup;
#else
- if( ( ret = mbedtls_sha256_ret( data, len, tmp, 0 ) ) != 0 )
+ if( ( ret = mbedtls_sha256( data, len, tmp, 0 ) ) != 0 )
goto cleanup;
#endif
p = tmp;
@@ -184,22 +179,22 @@
*/
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
if( ctx->accumulator_started == 0 &&
- ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
+ ( ret = mbedtls_sha512_starts( &ctx->accumulator, 0 ) ) != 0 )
goto cleanup;
else
ctx->accumulator_started = 1;
- if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
+ if( ( ret = mbedtls_sha512_update( &ctx->accumulator, header, 2 ) ) != 0 )
goto cleanup;
- ret = mbedtls_sha512_update_ret( &ctx->accumulator, p, use_len );
+ ret = mbedtls_sha512_update( &ctx->accumulator, p, use_len );
#else
if( ctx->accumulator_started == 0 &&
- ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
+ ( ret = mbedtls_sha256_starts( &ctx->accumulator, 0 ) ) != 0 )
goto cleanup;
else
ctx->accumulator_started = 1;
- if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, header, 2 ) ) != 0 )
+ if( ( ret = mbedtls_sha256_update( &ctx->accumulator, header, 2 ) ) != 0 )
goto cleanup;
- ret = mbedtls_sha256_update_ret( &ctx->accumulator, p, use_len );
+ ret = mbedtls_sha256_update( &ctx->accumulator, p, use_len );
#endif
cleanup:
@@ -361,7 +356,7 @@
* in a previous call to entropy_update(). If this is not guaranteed, the
* code below will fail.
*/
- if( ( ret = mbedtls_sha512_finish_ret( &ctx->accumulator, buf ) ) != 0 )
+ if( ( ret = mbedtls_sha512_finish( &ctx->accumulator, buf ) ) != 0 )
goto exit;
/*
@@ -369,20 +364,20 @@
*/
mbedtls_sha512_free( &ctx->accumulator );
mbedtls_sha512_init( &ctx->accumulator );
- if( ( ret = mbedtls_sha512_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
+ if( ( ret = mbedtls_sha512_starts( &ctx->accumulator, 0 ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_sha512_update_ret( &ctx->accumulator, buf,
+ if( ( ret = mbedtls_sha512_update( &ctx->accumulator, buf,
MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
goto exit;
/*
* Perform second SHA-512 on entropy
*/
- if( ( ret = mbedtls_sha512_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+ if( ( ret = mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
buf, 0 ) ) != 0 )
goto exit;
#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
- if( ( ret = mbedtls_sha256_finish_ret( &ctx->accumulator, buf ) ) != 0 )
+ if( ( ret = mbedtls_sha256_finish( &ctx->accumulator, buf ) ) != 0 )
goto exit;
/*
@@ -390,16 +385,16 @@
*/
mbedtls_sha256_free( &ctx->accumulator );
mbedtls_sha256_init( &ctx->accumulator );
- if( ( ret = mbedtls_sha256_starts_ret( &ctx->accumulator, 0 ) ) != 0 )
+ if( ( ret = mbedtls_sha256_starts( &ctx->accumulator, 0 ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_sha256_update_ret( &ctx->accumulator, buf,
+ if( ( ret = mbedtls_sha256_update( &ctx->accumulator, buf,
MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
goto exit;
/*
* Perform second SHA-256 on entropy
*/
- if( ( ret = mbedtls_sha256_ret( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
+ if( ( ret = mbedtls_sha256( buf, MBEDTLS_ENTROPY_BLOCK_SIZE,
buf, 0 ) ) != 0 )
goto exit;
#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index e5d75c5..bccc034 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -211,24 +211,6 @@
#endif /* _WIN32 && !EFIX64 && !EFI32 */
#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
-#if defined(MBEDTLS_TIMING_C)
-int mbedtls_hardclock_poll( void *data,
- unsigned char *output, size_t len, size_t *olen )
-{
- unsigned long timer = mbedtls_timing_hardclock();
- ((void) data);
- *olen = 0;
-
- if( len < sizeof(unsigned long) )
- return( 0 );
-
- memcpy( output, &timer, sizeof(unsigned long) );
- *olen = sizeof(unsigned long);
-
- return( 0 );
-}
-#endif /* MBEDTLS_TIMING_C */
-
#if defined(MBEDTLS_ENTROPY_NV_SEED)
int mbedtls_nv_seed_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
diff --git a/library/entropy_poll.h b/library/entropy_poll.h
index 9120fe5..bf26889 100644
--- a/library/entropy_poll.h
+++ b/library/entropy_poll.h
@@ -38,7 +38,6 @@
* Default thresholds for built-in sources, in bytes
*/
#define MBEDTLS_ENTROPY_MIN_PLATFORM 32 /**< Minimum for platform source */
-#define MBEDTLS_ENTROPY_MIN_HARDCLOCK 4 /**< Minimum for mbedtls_timing_hardclock() */
#if !defined(MBEDTLS_ENTROPY_MIN_HARDWARE)
#define MBEDTLS_ENTROPY_MIN_HARDWARE 32 /**< Minimum for the hardware source */
#endif
@@ -51,14 +50,6 @@
unsigned char *output, size_t len, size_t *olen );
#endif
-#if defined(MBEDTLS_TIMING_C)
-/**
- * \brief mbedtls_timing_hardclock-based entropy poll callback
- */
-int mbedtls_hardclock_poll( void *data,
- unsigned char *output, size_t len, size_t *olen );
-#endif
-
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
/**
* \brief Entropy poll callback for a hardware source
diff --git a/library/gcm.c b/library/gcm.c
index 2bd9071..8fa4ee7 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -281,7 +281,7 @@
GCM_VALIDATE_RET( ctx != NULL );
GCM_VALIDATE_RET( iv != NULL );
- /* IV is are limited to 2^64 bits, so 2^61 bytes */
+ /* IV is limited to 2^64 bits, so 2^61 bytes */
/* IV is not allowed to be zero length */
if( iv_len == 0 || (uint64_t) iv_len >> 61 != 0 )
return( MBEDTLS_ERR_GCM_BAD_INPUT );
@@ -332,36 +332,72 @@
return( 0 );
}
-
+/**
+ * mbedtls_gcm_context::buf contains the partial state of the computation of
+ * the authentication tag.
+ * mbedtls_gcm_context::add_len and mbedtls_gcm_context::len indicate
+ * different stages of the computation:
+ * * len == 0 && add_len == 0: initial state
+ * * len == 0 && add_len % 16 != 0: the first `add_len % 16` bytes have
+ * a partial block of AD that has been
+ * xored in but not yet multiplied in.
+ * * len == 0 && add_len % 16 == 0: the authentication tag is correct if
+ * the data ends now.
+ * * len % 16 != 0: the first `len % 16` bytes have
+ * a partial block of ciphertext that has
+ * been xored in but not yet multiplied in.
+ * * len > 0 && len % 16 == 0: the authentication tag is correct if
+ * the data ends now.
+ */
int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
const unsigned char *add, size_t add_len )
{
const unsigned char *p;
- size_t use_len, i;
+ size_t use_len, i, offset;
GCM_VALIDATE_RET( add_len == 0 || add != NULL );
- /* IV is are limited to 2^64 bits, so 2^61 bytes */
+ /* IV is limited to 2^64 bits, so 2^61 bytes */
if( (uint64_t) add_len >> 61 != 0 )
return( MBEDTLS_ERR_GCM_BAD_INPUT );
- /* Calling update_ad multiple times is not yet supported */
- if( ctx->add_len != 0 )
- return( MBEDTLS_ERR_GCM_BAD_INPUT );
-
- ctx->add_len = add_len;
+ offset = ctx->add_len % 16;
p = add;
- while( add_len > 0 )
+
+ if( offset != 0 )
{
- use_len = ( add_len < 16 ) ? add_len : 16;
+ use_len = 16 - offset;
+ if( use_len > add_len )
+ use_len = add_len;
for( i = 0; i < use_len; i++ )
+ ctx->buf[i+offset] ^= p[i];
+
+ if( offset + use_len == 16 )
+ gcm_mult( ctx, ctx->buf, ctx->buf );
+
+ ctx->add_len += use_len;
+ add_len -= use_len;
+ p += use_len;
+ }
+
+ ctx->add_len += add_len;
+
+ while( add_len >= 16 )
+ {
+ for( i = 0; i < 16; i++ )
ctx->buf[i] ^= p[i];
gcm_mult( ctx, ctx->buf, ctx->buf );
- add_len -= use_len;
- p += use_len;
+ add_len -= 16;
+ p += 16;
+ }
+
+ if( add_len > 0 )
+ {
+ for( i = 0; i < add_len; i++ )
+ ctx->buf[i] ^= p[i];
}
return( 0 );
@@ -423,7 +459,9 @@
*output_length = input_length;
/* Exit early if input_length==0 so that we don't do any pointer arithmetic
- * on a potentially null pointer. */
+ * on a potentially null pointer.
+ * Returning early also means that the last partial block of AD remains
+ * untouched for mbedtls_gcm_finish */
if( input_length == 0 )
return( 0 );
@@ -442,6 +480,11 @@
return( MBEDTLS_ERR_GCM_BAD_INPUT );
}
+ if( ctx->len == 0 && ctx->add_len % 16 != 0 )
+ {
+ gcm_mult( ctx, ctx->buf, ctx->buf );
+ }
+
offset = ctx->len % 16;
if( offset != 0 )
{
@@ -507,6 +550,11 @@
orig_len = ctx->len * 8;
orig_add_len = ctx->add_len * 8;
+ if( ctx->len == 0 && ctx->add_len % 16 != 0 )
+ {
+ gcm_mult( ctx, ctx->buf, ctx->buf );
+ }
+
if( tag_len > 16 || tag_len < 4 )
return( MBEDTLS_ERR_GCM_BAD_INPUT );
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 7e1b4fb..ab353bf 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -59,7 +59,7 @@
/*
* HMAC_DRBG update, using optional additional data (10.1.2.2)
*/
-int mbedtls_hmac_drbg_update_ret( mbedtls_hmac_drbg_context *ctx,
+int mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional,
size_t add_len )
{
@@ -130,7 +130,7 @@
return( ret );
memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) );
- if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, data, data_len ) ) != 0 )
+ if( ( ret = mbedtls_hmac_drbg_update( ctx, data, data_len ) ) != 0 )
return( ret );
return( 0 );
@@ -205,7 +205,7 @@
}
/* 2. Update state */
- if( ( ret = mbedtls_hmac_drbg_update_ret( ctx, seed, seedlen ) ) != 0 )
+ if( ( ret = mbedtls_hmac_drbg_update( ctx, seed, seedlen ) ) != 0 )
goto exit;
/* 3. Reset reseed_counter */
@@ -348,7 +348,7 @@
/* 2. Use additional data if any */
if( additional != NULL && add_len != 0 )
{
- if( ( ret = mbedtls_hmac_drbg_update_ret( ctx,
+ if( ( ret = mbedtls_hmac_drbg_update( ctx,
additional, add_len ) ) != 0 )
goto exit;
}
@@ -372,7 +372,7 @@
}
/* 6. Update */
- if( ( ret = mbedtls_hmac_drbg_update_ret( ctx,
+ if( ( ret = mbedtls_hmac_drbg_update( ctx,
additional, add_len ) ) != 0 )
goto exit;
@@ -479,7 +479,7 @@
fclose( f );
f = NULL;
- ret = mbedtls_hmac_drbg_update_ret( ctx, buf, n );
+ ret = mbedtls_hmac_drbg_update( ctx, buf, n );
exit:
mbedtls_platform_zeroize( buf, sizeof( buf ) );
diff --git a/library/md.c b/library/md.c
index 28261ac..a228789 100644
--- a/library/md.c
+++ b/library/md.c
@@ -30,8 +30,6 @@
#include "mbedtls/platform_util.h"
#include "mbedtls/error.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
@@ -52,24 +50,6 @@
#include <stdio.h>
#endif
-#if defined(MBEDTLS_MD2_C)
-const mbedtls_md_info_t mbedtls_md2_info = {
- "MD2",
- MBEDTLS_MD_MD2,
- 16,
- 16,
-};
-#endif
-
-#if defined(MBEDTLS_MD4_C)
-const mbedtls_md_info_t mbedtls_md4_info = {
- "MD4",
- MBEDTLS_MD_MD4,
- 16,
- 64,
-};
-#endif
-
#if defined(MBEDTLS_MD5_C)
const mbedtls_md_info_t mbedtls_md5_info = {
"MD5",
@@ -165,14 +145,6 @@
MBEDTLS_MD_MD5,
#endif
-#if defined(MBEDTLS_MD4_C)
- MBEDTLS_MD_MD4,
-#endif
-
-#if defined(MBEDTLS_MD2_C)
- MBEDTLS_MD_MD2,
-#endif
-
MBEDTLS_MD_NONE
};
@@ -187,14 +159,6 @@
return( NULL );
/* Get the appropriate digest information */
-#if defined(MBEDTLS_MD2_C)
- if( !strcmp( "MD2", md_name ) )
- return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
-#endif
-#if defined(MBEDTLS_MD4_C)
- if( !strcmp( "MD4", md_name ) )
- return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
-#endif
#if defined(MBEDTLS_MD5_C)
if( !strcmp( "MD5", md_name ) )
return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
@@ -230,14 +194,6 @@
{
switch( md_type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( &mbedtls_md2_info );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( &mbedtls_md4_info );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( &mbedtls_md5_info );
@@ -285,16 +241,6 @@
{
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- mbedtls_md2_free( ctx->md_ctx );
- break;
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- mbedtls_md4_free( ctx->md_ctx );
- break;
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
mbedtls_md5_free( ctx->md_ctx );
@@ -359,16 +305,6 @@
switch( src->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- mbedtls_md2_clone( dst->md_ctx, src->md_ctx );
- break;
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- mbedtls_md4_clone( dst->md_ctx, src->md_ctx );
- break;
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
mbedtls_md5_clone( dst->md_ctx, src->md_ctx );
@@ -431,16 +367,6 @@
switch( md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- ALLOC( md2 );
- break;
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- ALLOC( md4 );
- break;
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
ALLOC( md5 );
@@ -501,41 +427,33 @@
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_md2_starts_ret( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_md4_starts_ret( ctx->md_ctx ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
- return( mbedtls_md5_starts_ret( ctx->md_ctx ) );
+ return( mbedtls_md5_starts( ctx->md_ctx ) );
#endif
#if defined(MBEDTLS_RIPEMD160_C)
case MBEDTLS_MD_RIPEMD160:
- return( mbedtls_ripemd160_starts_ret( ctx->md_ctx ) );
+ return( mbedtls_ripemd160_starts( ctx->md_ctx ) );
#endif
#if defined(MBEDTLS_SHA1_C)
case MBEDTLS_MD_SHA1:
- return( mbedtls_sha1_starts_ret( ctx->md_ctx ) );
+ return( mbedtls_sha1_starts( ctx->md_ctx ) );
#endif
#if defined(MBEDTLS_SHA224_C)
case MBEDTLS_MD_SHA224:
- return( mbedtls_sha256_starts_ret( ctx->md_ctx, 1 ) );
+ return( mbedtls_sha256_starts( ctx->md_ctx, 1 ) );
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA256:
- return( mbedtls_sha256_starts_ret( ctx->md_ctx, 0 ) );
+ return( mbedtls_sha256_starts( ctx->md_ctx, 0 ) );
#endif
#if defined(MBEDTLS_SHA384_C)
case MBEDTLS_MD_SHA384:
- return( mbedtls_sha512_starts_ret( ctx->md_ctx, 1 ) );
+ return( mbedtls_sha512_starts( ctx->md_ctx, 1 ) );
#endif
#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512:
- return( mbedtls_sha512_starts_ret( ctx->md_ctx, 0 ) );
+ return( mbedtls_sha512_starts( ctx->md_ctx, 0 ) );
#endif
default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@@ -549,41 +467,33 @@
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_md2_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_md4_update_ret( ctx->md_ctx, input, ilen ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
- return( mbedtls_md5_update_ret( ctx->md_ctx, input, ilen ) );
+ return( mbedtls_md5_update( ctx->md_ctx, input, ilen ) );
#endif
#if defined(MBEDTLS_RIPEMD160_C)
case MBEDTLS_MD_RIPEMD160:
- return( mbedtls_ripemd160_update_ret( ctx->md_ctx, input, ilen ) );
+ return( mbedtls_ripemd160_update( ctx->md_ctx, input, ilen ) );
#endif
#if defined(MBEDTLS_SHA1_C)
case MBEDTLS_MD_SHA1:
- return( mbedtls_sha1_update_ret( ctx->md_ctx, input, ilen ) );
+ return( mbedtls_sha1_update( ctx->md_ctx, input, ilen ) );
#endif
#if defined(MBEDTLS_SHA224_C)
case MBEDTLS_MD_SHA224:
- return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) );
+ return( mbedtls_sha256_update( ctx->md_ctx, input, ilen ) );
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA256:
- return( mbedtls_sha256_update_ret( ctx->md_ctx, input, ilen ) );
+ return( mbedtls_sha256_update( ctx->md_ctx, input, ilen ) );
#endif
#if defined(MBEDTLS_SHA384_C)
case MBEDTLS_MD_SHA384:
- return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) );
+ return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) );
#endif
#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512:
- return( mbedtls_sha512_update_ret( ctx->md_ctx, input, ilen ) );
+ return( mbedtls_sha512_update( ctx->md_ctx, input, ilen ) );
#endif
default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@@ -597,41 +507,33 @@
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_md2_finish_ret( ctx->md_ctx, output ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_md4_finish_ret( ctx->md_ctx, output ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
- return( mbedtls_md5_finish_ret( ctx->md_ctx, output ) );
+ return( mbedtls_md5_finish( ctx->md_ctx, output ) );
#endif
#if defined(MBEDTLS_RIPEMD160_C)
case MBEDTLS_MD_RIPEMD160:
- return( mbedtls_ripemd160_finish_ret( ctx->md_ctx, output ) );
+ return( mbedtls_ripemd160_finish( ctx->md_ctx, output ) );
#endif
#if defined(MBEDTLS_SHA1_C)
case MBEDTLS_MD_SHA1:
- return( mbedtls_sha1_finish_ret( ctx->md_ctx, output ) );
+ return( mbedtls_sha1_finish( ctx->md_ctx, output ) );
#endif
#if defined(MBEDTLS_SHA224_C)
case MBEDTLS_MD_SHA224:
- return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) );
+ return( mbedtls_sha256_finish( ctx->md_ctx, output ) );
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA256:
- return( mbedtls_sha256_finish_ret( ctx->md_ctx, output ) );
+ return( mbedtls_sha256_finish( ctx->md_ctx, output ) );
#endif
#if defined(MBEDTLS_SHA384_C)
case MBEDTLS_MD_SHA384:
- return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) );
+ return( mbedtls_sha512_finish( ctx->md_ctx, output ) );
#endif
#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512:
- return( mbedtls_sha512_finish_ret( ctx->md_ctx, output ) );
+ return( mbedtls_sha512_finish( ctx->md_ctx, output ) );
#endif
default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@@ -646,41 +548,33 @@
switch( md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_md2_ret( input, ilen, output ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_md4_ret( input, ilen, output ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
- return( mbedtls_md5_ret( input, ilen, output ) );
+ return( mbedtls_md5( input, ilen, output ) );
#endif
#if defined(MBEDTLS_RIPEMD160_C)
case MBEDTLS_MD_RIPEMD160:
- return( mbedtls_ripemd160_ret( input, ilen, output ) );
+ return( mbedtls_ripemd160( input, ilen, output ) );
#endif
#if defined(MBEDTLS_SHA1_C)
case MBEDTLS_MD_SHA1:
- return( mbedtls_sha1_ret( input, ilen, output ) );
+ return( mbedtls_sha1( input, ilen, output ) );
#endif
#if defined(MBEDTLS_SHA224_C)
case MBEDTLS_MD_SHA224:
- return( mbedtls_sha256_ret( input, ilen, output, 1 ) );
+ return( mbedtls_sha256( input, ilen, output, 1 ) );
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA256:
- return( mbedtls_sha256_ret( input, ilen, output, 0 ) );
+ return( mbedtls_sha256( input, ilen, output, 0 ) );
#endif
#if defined(MBEDTLS_SHA384_C)
case MBEDTLS_MD_SHA384:
- return( mbedtls_sha512_ret( input, ilen, output, 1 ) );
+ return( mbedtls_sha512( input, ilen, output, 1 ) );
#endif
#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512:
- return( mbedtls_sha512_ret( input, ilen, output, 0 ) );
+ return( mbedtls_sha512( input, ilen, output, 0 ) );
#endif
default:
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
@@ -858,14 +752,6 @@
switch( ctx->md_info->type )
{
-#if defined(MBEDTLS_MD2_C)
- case MBEDTLS_MD_MD2:
- return( mbedtls_internal_md2_process( ctx->md_ctx ) );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case MBEDTLS_MD_MD4:
- return( mbedtls_internal_md4_process( ctx->md_ctx, data ) );
-#endif
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( mbedtls_internal_md5_process( ctx->md_ctx, data ) );
diff --git a/library/md2.c b/library/md2.c
deleted file mode 100644
index a11bc0f..0000000
--- a/library/md2.c
+++ /dev/null
@@ -1,321 +0,0 @@
-/*
- * RFC 1115/1319 compliant MD2 implementation
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * The MD2 algorithm was designed by Ron Rivest in 1989.
- *
- * http://www.ietf.org/rfc/rfc1115.txt
- * http://www.ietf.org/rfc/rfc1319.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MD2_C)
-
-#include "mbedtls/md2.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_MD2_ALT)
-
-static const unsigned char PI_SUBST[256] =
-{
- 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36,
- 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3,
- 0xC0, 0xC7, 0x73, 0x8C, 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C,
- 0x82, 0xCA, 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
- 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12, 0xBE, 0x4E,
- 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49, 0xA0, 0xFB, 0xF5, 0x8E,
- 0xBB, 0x2F, 0xEE, 0x7A, 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2,
- 0x07, 0x3F, 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
- 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27, 0x35, 0x3E,
- 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03, 0xFF, 0x19, 0x30, 0xB3,
- 0x48, 0xA5, 0xB5, 0xD1, 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56,
- 0xAA, 0xC6, 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
- 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1, 0x45, 0x9D,
- 0x70, 0x59, 0x64, 0x71, 0x87, 0x20, 0x86, 0x5B, 0xCF, 0x65,
- 0xE6, 0x2D, 0xA8, 0x02, 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0,
- 0xB9, 0xF6, 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
- 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A, 0xC3, 0x5C,
- 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26, 0x2C, 0x53, 0x0D, 0x6E,
- 0x85, 0x28, 0x84, 0x09, 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81,
- 0x4D, 0x52, 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
- 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A, 0x78, 0x88,
- 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D, 0xE9, 0xCB, 0xD5, 0xFE,
- 0x3B, 0x00, 0x1D, 0x39, 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58,
- 0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
- 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99,
- 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
-};
-
-void mbedtls_md2_init( mbedtls_md2_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_md2_context ) );
-}
-
-void mbedtls_md2_free( mbedtls_md2_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md2_context ) );
-}
-
-void mbedtls_md2_clone( mbedtls_md2_context *dst,
- const mbedtls_md2_context *src )
-{
- *dst = *src;
-}
-
-/*
- * MD2 context setup
- */
-int mbedtls_md2_starts_ret( mbedtls_md2_context *ctx )
-{
- memset( ctx->cksum, 0, 16 );
- memset( ctx->state, 0, 46 );
- memset( ctx->buffer, 0, 16 );
- ctx->left = 0;
-
- return( 0 );
-}
-
-#if !defined(MBEDTLS_MD2_PROCESS_ALT)
-int mbedtls_internal_md2_process( mbedtls_md2_context *ctx )
-{
- int i, j;
- unsigned char t = 0;
-
- for( i = 0; i < 16; i++ )
- {
- ctx->state[i + 16] = ctx->buffer[i];
- ctx->state[i + 32] =
- (unsigned char)( ctx->buffer[i] ^ ctx->state[i]);
- }
-
- for( i = 0; i < 18; i++ )
- {
- for( j = 0; j < 48; j++ )
- {
- ctx->state[j] = (unsigned char)
- ( ctx->state[j] ^ PI_SUBST[t] );
- t = ctx->state[j];
- }
-
- t = (unsigned char)( t + i );
- }
-
- t = ctx->cksum[15];
-
- for( i = 0; i < 16; i++ )
- {
- ctx->cksum[i] = (unsigned char)
- ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] );
- t = ctx->cksum[i];
- }
-
- /* Zeroise variables to clear sensitive data from memory. */
- mbedtls_platform_zeroize( &t, sizeof( t ) );
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_MD2_PROCESS_ALT */
-
-/*
- * MD2 process buffer
- */
-int mbedtls_md2_update_ret( mbedtls_md2_context *ctx,
- const unsigned char *input,
- size_t ilen )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t fill;
-
- while( ilen > 0 )
- {
- if( ilen > 16 - ctx->left )
- fill = 16 - ctx->left;
- else
- fill = ilen;
-
- memcpy( ctx->buffer + ctx->left, input, fill );
-
- ctx->left += fill;
- input += fill;
- ilen -= fill;
-
- if( ctx->left == 16 )
- {
- ctx->left = 0;
- if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
- return( ret );
- }
- }
-
- return( 0 );
-}
-
-/*
- * MD2 final digest
- */
-int mbedtls_md2_finish_ret( mbedtls_md2_context *ctx,
- unsigned char output[16] )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t i;
- unsigned char x;
-
- x = (unsigned char)( 16 - ctx->left );
-
- for( i = ctx->left; i < 16; i++ )
- ctx->buffer[i] = x;
-
- if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
- return( ret );
-
- memcpy( ctx->buffer, ctx->cksum, 16 );
- if( ( ret = mbedtls_internal_md2_process( ctx ) ) != 0 )
- return( ret );
-
- memcpy( output, ctx->state, 16 );
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_MD2_ALT */
-
-/*
- * output = MD2( input buffer )
- */
-int mbedtls_md2_ret( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_md2_context ctx;
-
- mbedtls_md2_init( &ctx );
-
- if( ( ret = mbedtls_md2_starts_ret( &ctx ) ) != 0 )
- goto exit;
-
- if( ( ret = mbedtls_md2_update_ret( &ctx, input, ilen ) ) != 0 )
- goto exit;
-
- if( ( ret = mbedtls_md2_finish_ret( &ctx, output ) ) != 0 )
- goto exit;
-
-exit:
- mbedtls_md2_free( &ctx );
-
- return( ret );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * RFC 1319 test vectors
- */
-static const unsigned char md2_test_str[7][81] =
-{
- { "" },
- { "a" },
- { "abc" },
- { "message digest" },
- { "abcdefghijklmnopqrstuvwxyz" },
- { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
- { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
-};
-
-static const size_t md2_test_strlen[7] =
-{
- 0, 1, 3, 14, 26, 62, 80
-};
-
-static const unsigned char md2_test_sum[7][16] =
-{
- { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D,
- 0xF2, 0x27, 0x5C, 0x9F, 0x80, 0x69, 0x27, 0x73 },
- { 0x32, 0xEC, 0x01, 0xEC, 0x4A, 0x6D, 0xAC, 0x72,
- 0xC0, 0xAB, 0x96, 0xFB, 0x34, 0xC0, 0xB5, 0xD1 },
- { 0xDA, 0x85, 0x3B, 0x0D, 0x3F, 0x88, 0xD9, 0x9B,
- 0x30, 0x28, 0x3A, 0x69, 0xE6, 0xDE, 0xD6, 0xBB },
- { 0xAB, 0x4F, 0x49, 0x6B, 0xFB, 0x2A, 0x53, 0x0B,
- 0x21, 0x9F, 0xF3, 0x30, 0x31, 0xFE, 0x06, 0xB0 },
- { 0x4E, 0x8D, 0xDF, 0xF3, 0x65, 0x02, 0x92, 0xAB,
- 0x5A, 0x41, 0x08, 0xC3, 0xAA, 0x47, 0x94, 0x0B },
- { 0xDA, 0x33, 0xDE, 0xF2, 0xA4, 0x2D, 0xF1, 0x39,
- 0x75, 0x35, 0x28, 0x46, 0xC3, 0x03, 0x38, 0xCD },
- { 0xD5, 0x97, 0x6F, 0x79, 0xD8, 0x3D, 0x3A, 0x0D,
- 0xC9, 0x80, 0x6C, 0x3C, 0x66, 0xF3, 0xEF, 0xD8 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_md2_self_test( int verbose )
-{
- int i, ret = 0;
- unsigned char md2sum[16];
-
- for( i = 0; i < 7; i++ )
- {
- if( verbose != 0 )
- mbedtls_printf( " MD2 test #%d: ", i + 1 );
-
- ret = mbedtls_md2_ret( md2_test_str[i], md2_test_strlen[i], md2sum );
- if( ret != 0 )
- goto fail;
-
- if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
- {
- ret = 1;
- goto fail;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
- }
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
- return( 0 );
-
-fail:
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_MD2_C */
diff --git a/library/md4.c b/library/md4.c
deleted file mode 100644
index c366c0d..0000000
--- a/library/md4.c
+++ /dev/null
@@ -1,444 +0,0 @@
-/*
- * RFC 1186/1320 compliant MD4 implementation
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * The MD4 algorithm was designed by Ron Rivest in 1990.
- *
- * http://www.ietf.org/rfc/rfc1186.txt
- * http://www.ietf.org/rfc/rfc1320.txt
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_MD4_C)
-
-#include "mbedtls/md4.h"
-#include "mbedtls/platform_util.h"
-#include "mbedtls/error.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_MD4_ALT)
-
-/*
- * 32-bit integer manipulation macros (little endian)
- */
-#ifndef GET_UINT32_LE
-#define GET_UINT32_LE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] ) \
- | ( (uint32_t) (b)[(i) + 1] << 8 ) \
- | ( (uint32_t) (b)[(i) + 2] << 16 ) \
- | ( (uint32_t) (b)[(i) + 3] << 24 ); \
-}
-#endif
-
-#ifndef PUT_UINT32_LE
-#define PUT_UINT32_LE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
- (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
- (b)[(i) + 2] = (unsigned char) ( ( (n) >> 16 ) & 0xFF ); \
- (b)[(i) + 3] = (unsigned char) ( ( (n) >> 24 ) & 0xFF ); \
-}
-#endif
-
-void mbedtls_md4_init( mbedtls_md4_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_md4_context ) );
-}
-
-void mbedtls_md4_free( mbedtls_md4_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md4_context ) );
-}
-
-void mbedtls_md4_clone( mbedtls_md4_context *dst,
- const mbedtls_md4_context *src )
-{
- *dst = *src;
-}
-
-/*
- * MD4 context setup
- */
-int mbedtls_md4_starts_ret( mbedtls_md4_context *ctx )
-{
- ctx->total[0] = 0;
- ctx->total[1] = 0;
-
- ctx->state[0] = 0x67452301;
- ctx->state[1] = 0xEFCDAB89;
- ctx->state[2] = 0x98BADCFE;
- ctx->state[3] = 0x10325476;
-
- return( 0 );
-}
-
-#if !defined(MBEDTLS_MD4_PROCESS_ALT)
-int mbedtls_internal_md4_process( mbedtls_md4_context *ctx,
- const unsigned char data[64] )
-{
- struct
- {
- uint32_t X[16], A, B, C, D;
- } local;
-
- GET_UINT32_LE( local.X[ 0], data, 0 );
- GET_UINT32_LE( local.X[ 1], data, 4 );
- GET_UINT32_LE( local.X[ 2], data, 8 );
- GET_UINT32_LE( local.X[ 3], data, 12 );
- GET_UINT32_LE( local.X[ 4], data, 16 );
- GET_UINT32_LE( local.X[ 5], data, 20 );
- GET_UINT32_LE( local.X[ 6], data, 24 );
- GET_UINT32_LE( local.X[ 7], data, 28 );
- GET_UINT32_LE( local.X[ 8], data, 32 );
- GET_UINT32_LE( local.X[ 9], data, 36 );
- GET_UINT32_LE( local.X[10], data, 40 );
- GET_UINT32_LE( local.X[11], data, 44 );
- GET_UINT32_LE( local.X[12], data, 48 );
- GET_UINT32_LE( local.X[13], data, 52 );
- GET_UINT32_LE( local.X[14], data, 56 );
- GET_UINT32_LE( local.X[15], data, 60 );
-
-#define S(x,n) (((x) << (n)) | (((x) & 0xFFFFFFFF) >> (32 - (n))))
-
- local.A = ctx->state[0];
- local.B = ctx->state[1];
- local.C = ctx->state[2];
- local.D = ctx->state[3];
-
-#define F(x, y, z) (((x) & (y)) | ((~(x)) & (z)))
-#define P(a,b,c,d,x,s) \
- do \
- { \
- (a) += F((b),(c),(d)) + (x); \
- (a) = S((a),(s)); \
- } while( 0 )
-
-
- P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 1], 7 );
- P( local.C, local.D, local.A, local.B, local.X[ 2], 11 );
- P( local.B, local.C, local.D, local.A, local.X[ 3], 19 );
- P( local.A, local.B, local.C, local.D, local.X[ 4], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 5], 7 );
- P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
- P( local.B, local.C, local.D, local.A, local.X[ 7], 19 );
- P( local.A, local.B, local.C, local.D, local.X[ 8], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 9], 7 );
- P( local.C, local.D, local.A, local.B, local.X[10], 11 );
- P( local.B, local.C, local.D, local.A, local.X[11], 19 );
- P( local.A, local.B, local.C, local.D, local.X[12], 3 );
- P( local.D, local.A, local.B, local.C, local.X[13], 7 );
- P( local.C, local.D, local.A, local.B, local.X[14], 11 );
- P( local.B, local.C, local.D, local.A, local.X[15], 19 );
-
-#undef P
-#undef F
-
-#define F(x,y,z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
-#define P(a,b,c,d,x,s) \
- do \
- { \
- (a) += F((b),(c),(d)) + (x) + 0x5A827999; \
- (a) = S((a),(s)); \
- } while( 0 )
-
- P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 4], 5 );
- P( local.C, local.D, local.A, local.B, local.X[ 8], 9 );
- P( local.B, local.C, local.D, local.A, local.X[12], 13 );
- P( local.A, local.B, local.C, local.D, local.X[ 1], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 5], 5 );
- P( local.C, local.D, local.A, local.B, local.X[ 9], 9 );
- P( local.B, local.C, local.D, local.A, local.X[13], 13 );
- P( local.A, local.B, local.C, local.D, local.X[ 2], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 6], 5 );
- P( local.C, local.D, local.A, local.B, local.X[10], 9 );
- P( local.B, local.C, local.D, local.A, local.X[14], 13 );
- P( local.A, local.B, local.C, local.D, local.X[ 3], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 7], 5 );
- P( local.C, local.D, local.A, local.B, local.X[11], 9 );
- P( local.B, local.C, local.D, local.A, local.X[15], 13 );
-
-#undef P
-#undef F
-
-#define F(x,y,z) ((x) ^ (y) ^ (z))
-#define P(a,b,c,d,x,s) \
- do \
- { \
- (a) += F((b),(c),(d)) + (x) + 0x6ED9EBA1; \
- (a) = S((a),(s)); \
- } while( 0 )
-
- P( local.A, local.B, local.C, local.D, local.X[ 0], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 8], 9 );
- P( local.C, local.D, local.A, local.B, local.X[ 4], 11 );
- P( local.B, local.C, local.D, local.A, local.X[12], 15 );
- P( local.A, local.B, local.C, local.D, local.X[ 2], 3 );
- P( local.D, local.A, local.B, local.C, local.X[10], 9 );
- P( local.C, local.D, local.A, local.B, local.X[ 6], 11 );
- P( local.B, local.C, local.D, local.A, local.X[14], 15 );
- P( local.A, local.B, local.C, local.D, local.X[ 1], 3 );
- P( local.D, local.A, local.B, local.C, local.X[ 9], 9 );
- P( local.C, local.D, local.A, local.B, local.X[ 5], 11 );
- P( local.B, local.C, local.D, local.A, local.X[13], 15 );
- P( local.A, local.B, local.C, local.D, local.X[ 3], 3 );
- P( local.D, local.A, local.B, local.C, local.X[11], 9 );
- P( local.C, local.D, local.A, local.B, local.X[ 7], 11 );
- P( local.B, local.C, local.D, local.A, local.X[15], 15 );
-
-#undef F
-#undef P
-
- ctx->state[0] += local.A;
- ctx->state[1] += local.B;
- ctx->state[2] += local.C;
- ctx->state[3] += local.D;
-
- /* Zeroise variables to clear sensitive data from memory. */
- mbedtls_platform_zeroize( &local, sizeof( local ) );
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_MD4_PROCESS_ALT */
-
-/*
- * MD4 process buffer
- */
-int mbedtls_md4_update_ret( mbedtls_md4_context *ctx,
- const unsigned char *input,
- size_t ilen )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t fill;
- uint32_t left;
-
- if( ilen == 0 )
- return( 0 );
-
- left = ctx->total[0] & 0x3F;
- fill = 64 - left;
-
- ctx->total[0] += (uint32_t) ilen;
- ctx->total[0] &= 0xFFFFFFFF;
-
- if( ctx->total[0] < (uint32_t) ilen )
- ctx->total[1]++;
-
- if( left && ilen >= fill )
- {
- memcpy( (void *) (ctx->buffer + left),
- (void *) input, fill );
-
- if( ( ret = mbedtls_internal_md4_process( ctx, ctx->buffer ) ) != 0 )
- return( ret );
-
- input += fill;
- ilen -= fill;
- left = 0;
- }
-
- while( ilen >= 64 )
- {
- if( ( ret = mbedtls_internal_md4_process( ctx, input ) ) != 0 )
- return( ret );
-
- input += 64;
- ilen -= 64;
- }
-
- if( ilen > 0 )
- {
- memcpy( (void *) (ctx->buffer + left),
- (void *) input, ilen );
- }
-
- return( 0 );
-}
-
-static const unsigned char md4_padding[64] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/*
- * MD4 final digest
- */
-int mbedtls_md4_finish_ret( mbedtls_md4_context *ctx,
- unsigned char output[16] )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- uint32_t last, padn;
- uint32_t high, low;
- unsigned char msglen[8];
-
- high = ( ctx->total[0] >> 29 )
- | ( ctx->total[1] << 3 );
- low = ( ctx->total[0] << 3 );
-
- PUT_UINT32_LE( low, msglen, 0 );
- PUT_UINT32_LE( high, msglen, 4 );
-
- last = ctx->total[0] & 0x3F;
- padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
-
- ret = mbedtls_md4_update_ret( ctx, (unsigned char *)md4_padding, padn );
- if( ret != 0 )
- return( ret );
-
- if( ( ret = mbedtls_md4_update_ret( ctx, msglen, 8 ) ) != 0 )
- return( ret );
-
-
- PUT_UINT32_LE( ctx->state[0], output, 0 );
- PUT_UINT32_LE( ctx->state[1], output, 4 );
- PUT_UINT32_LE( ctx->state[2], output, 8 );
- PUT_UINT32_LE( ctx->state[3], output, 12 );
-
- return( 0 );
-}
-
-#endif /* !MBEDTLS_MD4_ALT */
-
-/*
- * output = MD4( input buffer )
- */
-int mbedtls_md4_ret( const unsigned char *input,
- size_t ilen,
- unsigned char output[16] )
-{
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- mbedtls_md4_context ctx;
-
- mbedtls_md4_init( &ctx );
-
- if( ( ret = mbedtls_md4_starts_ret( &ctx ) ) != 0 )
- goto exit;
-
- if( ( ret = mbedtls_md4_update_ret( &ctx, input, ilen ) ) != 0 )
- goto exit;
-
- if( ( ret = mbedtls_md4_finish_ret( &ctx, output ) ) != 0 )
- goto exit;
-
-exit:
- mbedtls_md4_free( &ctx );
-
- return( ret );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * RFC 1320 test vectors
- */
-static const unsigned char md4_test_str[7][81] =
-{
- { "" },
- { "a" },
- { "abc" },
- { "message digest" },
- { "abcdefghijklmnopqrstuvwxyz" },
- { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
- { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" }
-};
-
-static const size_t md4_test_strlen[7] =
-{
- 0, 1, 3, 14, 26, 62, 80
-};
-
-static const unsigned char md4_test_sum[7][16] =
-{
- { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31,
- 0xB7, 0x3C, 0x59, 0xD7, 0xE0, 0xC0, 0x89, 0xC0 },
- { 0xBD, 0xE5, 0x2C, 0xB3, 0x1D, 0xE3, 0x3E, 0x46,
- 0x24, 0x5E, 0x05, 0xFB, 0xDB, 0xD6, 0xFB, 0x24 },
- { 0xA4, 0x48, 0x01, 0x7A, 0xAF, 0x21, 0xD8, 0x52,
- 0x5F, 0xC1, 0x0A, 0xE8, 0x7A, 0xA6, 0x72, 0x9D },
- { 0xD9, 0x13, 0x0A, 0x81, 0x64, 0x54, 0x9F, 0xE8,
- 0x18, 0x87, 0x48, 0x06, 0xE1, 0xC7, 0x01, 0x4B },
- { 0xD7, 0x9E, 0x1C, 0x30, 0x8A, 0xA5, 0xBB, 0xCD,
- 0xEE, 0xA8, 0xED, 0x63, 0xDF, 0x41, 0x2D, 0xA9 },
- { 0x04, 0x3F, 0x85, 0x82, 0xF2, 0x41, 0xDB, 0x35,
- 0x1C, 0xE6, 0x27, 0xE1, 0x53, 0xE7, 0xF0, 0xE4 },
- { 0xE3, 0x3B, 0x4D, 0xDC, 0x9C, 0x38, 0xF2, 0x19,
- 0x9C, 0x3E, 0x7B, 0x16, 0x4F, 0xCC, 0x05, 0x36 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_md4_self_test( int verbose )
-{
- int i, ret = 0;
- unsigned char md4sum[16];
-
- for( i = 0; i < 7; i++ )
- {
- if( verbose != 0 )
- mbedtls_printf( " MD4 test #%d: ", i + 1 );
-
- ret = mbedtls_md4_ret( md4_test_str[i], md4_test_strlen[i], md4sum );
- if( ret != 0 )
- goto fail;
-
- if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
- {
- ret = 1;
- goto fail;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
- }
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
- return( 0 );
-
-fail:
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_MD4_C */
diff --git a/library/md5.c b/library/md5.c
index 019b7f4..d7f8cee 100644
--- a/library/md5.c
+++ b/library/md5.c
@@ -88,7 +88,7 @@
/*
* MD5 context setup
*/
-int mbedtls_md5_starts_ret( mbedtls_md5_context *ctx )
+int mbedtls_md5_starts( mbedtls_md5_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@@ -242,7 +242,7 @@
/*
* MD5 process buffer
*/
-int mbedtls_md5_update_ret( mbedtls_md5_context *ctx,
+int mbedtls_md5_update( mbedtls_md5_context *ctx,
const unsigned char *input,
size_t ilen )
{
@@ -293,7 +293,7 @@
/*
* MD5 final digest
*/
-int mbedtls_md5_finish_ret( mbedtls_md5_context *ctx,
+int mbedtls_md5_finish( mbedtls_md5_context *ctx,
unsigned char output[16] )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -352,7 +352,7 @@
/*
* output = MD5( input buffer )
*/
-int mbedtls_md5_ret( const unsigned char *input,
+int mbedtls_md5( const unsigned char *input,
size_t ilen,
unsigned char output[16] )
{
@@ -361,13 +361,13 @@
mbedtls_md5_init( &ctx );
- if( ( ret = mbedtls_md5_starts_ret( &ctx ) ) != 0 )
+ if( ( ret = mbedtls_md5_starts( &ctx ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_update_ret( &ctx, input, ilen ) ) != 0 )
+ if( ( ret = mbedtls_md5_update( &ctx, input, ilen ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_finish_ret( &ctx, output ) ) != 0 )
+ if( ( ret = mbedtls_md5_finish( &ctx, output ) ) != 0 )
goto exit;
exit:
@@ -427,7 +427,7 @@
if( verbose != 0 )
mbedtls_printf( " MD5 test #%d: ", i + 1 );
- ret = mbedtls_md5_ret( md5_test_buf[i], md5_test_buflen[i], md5sum );
+ ret = mbedtls_md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
if( ret != 0 )
goto fail;
diff --git a/library/md_wrap.h b/library/md_wrap.h
index 51655f9..cfd418a 100644
--- a/library/md_wrap.h
+++ b/library/md_wrap.h
@@ -57,12 +57,6 @@
unsigned char block_size;
};
-#if defined(MBEDTLS_MD2_C)
-extern const mbedtls_md_info_t mbedtls_md2_info;
-#endif
-#if defined(MBEDTLS_MD4_C)
-extern const mbedtls_md_info_t mbedtls_md4_info;
-#endif
#if defined(MBEDTLS_MD5_C)
extern const mbedtls_md_info_t mbedtls_md5_info;
#endif
diff --git a/library/net_sockets.c b/library/net_sockets.c
index 8f79b74..5fbe1f7 100644
--- a/library/net_sockets.c
+++ b/library/net_sockets.c
@@ -136,6 +136,31 @@
}
/*
+ * Return 0 if the file descriptor is valid, an error otherwise.
+ * If for_select != 0, check whether the file descriptor is within the range
+ * allowed for fd_set used for the FD_xxx macros and the select() function.
+ */
+static int check_fd( int fd, int for_select )
+{
+ if( fd < 0 )
+ return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+
+#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
+ !defined(EFI32)
+ (void) for_select;
+#else
+ /* A limitation of select() is that it only works with file descriptors
+ * that are strictly less than FD_SETSIZE. This is a limitation of the
+ * fd_set type. Error out early, because attempting to call FD_SET on a
+ * large file descriptor is a buffer overflow on typical platforms. */
+ if( for_select && fd >= FD_SETSIZE )
+ return( MBEDTLS_ERR_NET_POLL_FAILED );
+#endif
+
+ return( 0 );
+}
+
+/*
* Initialize a context
*/
void mbedtls_net_init( mbedtls_net_context *ctx )
@@ -466,15 +491,9 @@
int fd = ctx->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
-
- /* A limitation of select() is that it only works with file descriptors
- * that are strictly less than FD_SETSIZE. This is a limitation of the
- * fd_set type. Error out early, because attempting to call FD_SET on a
- * large file descriptor is a buffer overflow on typical platforms. */
- if( fd >= FD_SETSIZE )
- return( MBEDTLS_ERR_NET_POLL_FAILED );
+ ret = check_fd( fd, 1 );
+ if( ret != 0 )
+ return( ret );
#if defined(__has_feature)
#if __has_feature(memory_sanitizer)
@@ -553,8 +572,9 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+ ret = check_fd( fd, 0 );
+ if( ret != 0 )
+ return( ret );
ret = (int) read( fd, buf, len );
@@ -592,15 +612,9 @@
fd_set read_fds;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
-
- /* A limitation of select() is that it only works with file descriptors
- * that are strictly less than FD_SETSIZE. This is a limitation of the
- * fd_set type. Error out early, because attempting to call FD_SET on a
- * large file descriptor is a buffer overflow on typical platforms. */
- if( fd >= FD_SETSIZE )
- return( MBEDTLS_ERR_NET_POLL_FAILED );
+ ret = check_fd( fd, 1 );
+ if( ret != 0 )
+ return( ret );
FD_ZERO( &read_fds );
FD_SET( fd, &read_fds );
@@ -640,8 +654,9 @@
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int fd = ((mbedtls_net_context *) ctx)->fd;
- if( fd < 0 )
- return( MBEDTLS_ERR_NET_INVALID_CONTEXT );
+ ret = check_fd( fd, 0 );
+ if( ret != 0 )
+ return( ret );
ret = (int) write( fd, buf, len );
diff --git a/library/oid.c b/library/oid.c
index c4a4df9..f70ceea 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -340,18 +340,6 @@
static const oid_sig_alg_t oid_sig_alg[] =
{
#if defined(MBEDTLS_RSA_C)
-#if defined(MBEDTLS_MD2_C)
- {
- OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD2, "md2WithRSAEncryption", "RSA with MD2" ),
- MBEDTLS_MD_MD2, MBEDTLS_PK_RSA,
- },
-#endif /* MBEDTLS_MD2_C */
-#if defined(MBEDTLS_MD4_C)
- {
- OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD4, "md4WithRSAEncryption", "RSA with MD4" ),
- MBEDTLS_MD_MD4, MBEDTLS_PK_RSA,
- },
-#endif /* MBEDTLS_MD4_C */
#if defined(MBEDTLS_MD5_C)
{
OID_DESCRIPTOR( MBEDTLS_OID_PKCS1_MD5, "md5WithRSAEncryption", "RSA with MD5" ),
@@ -609,18 +597,6 @@
static const oid_md_alg_t oid_md_alg[] =
{
-#if defined(MBEDTLS_MD2_C)
- {
- OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD2, "id-md2", "MD2" ),
- MBEDTLS_MD_MD2,
- },
-#endif /* MBEDTLS_MD2_C */
-#if defined(MBEDTLS_MD4_C)
- {
- OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD4, "id-md4", "MD4" ),
- MBEDTLS_MD_MD4,
- },
-#endif /* MBEDTLS_MD4_C */
#if defined(MBEDTLS_MD5_C)
{
OID_DESCRIPTOR( MBEDTLS_OID_DIGEST_ALG_MD5, "id-md5", "MD5" ),
diff --git a/library/pem.c b/library/pem.c
index fcfde94..1b40e5e 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -87,13 +87,13 @@
/*
* key[ 0..15] = MD5(pwd || IV)
*/
- if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
+ if( ( ret = mbedtls_md5_starts( &md5_ctx ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
+ if( ( ret = mbedtls_md5_update( &md5_ctx, pwd, pwdlen ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
+ if( ( ret = mbedtls_md5_update( &md5_ctx, iv, 8 ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
+ if( ( ret = mbedtls_md5_finish( &md5_ctx, md5sum ) ) != 0 )
goto exit;
if( keylen <= 16 )
@@ -107,15 +107,15 @@
/*
* key[16..23] = MD5(key[ 0..15] || pwd || IV])
*/
- if( ( ret = mbedtls_md5_starts_ret( &md5_ctx ) ) != 0 )
+ if( ( ret = mbedtls_md5_starts( &md5_ctx ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_update_ret( &md5_ctx, md5sum, 16 ) ) != 0 )
+ if( ( ret = mbedtls_md5_update( &md5_ctx, md5sum, 16 ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_update_ret( &md5_ctx, pwd, pwdlen ) ) != 0 )
+ if( ( ret = mbedtls_md5_update( &md5_ctx, pwd, pwdlen ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_update_ret( &md5_ctx, iv, 8 ) ) != 0 )
+ if( ( ret = mbedtls_md5_update( &md5_ctx, iv, 8 ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_md5_finish_ret( &md5_ctx, md5sum ) ) != 0 )
+ if( ( ret = mbedtls_md5_finish( &md5_ctx, md5sum ) ) != 0 )
goto exit;
use_len = 16;
diff --git a/library/pk.c b/library/pk.c
index 06021e2..275d34b 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -500,7 +500,10 @@
/*
* Check public-private key pair
*/
-int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
+int mbedtls_pk_check_pair( const mbedtls_pk_context *pub,
+ const mbedtls_pk_context *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
PK_VALIDATE_RET( pub != NULL );
PK_VALIDATE_RET( prv != NULL );
@@ -511,6 +514,9 @@
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
}
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
+
if( prv->pk_info->check_pair_func == NULL )
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
@@ -525,7 +531,7 @@
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
}
- return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
+ return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx, f_rng, p_rng ) );
}
/*
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 7c317c5..864e495 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -154,8 +154,12 @@
ilen, input, output ) );
}
-static int rsa_check_pair_wrap( const void *pub, const void *prv )
+static int rsa_check_pair_wrap( const void *pub, const void *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
+ (void) f_rng;
+ (void) p_rng;
return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
(const mbedtls_rsa_context *) prv ) );
}
@@ -388,10 +392,13 @@
#endif /* MBEDTLS_ECP_RESTARTABLE */
#endif /* MBEDTLS_ECDSA_C */
-static int eckey_check_pair( const void *pub, const void *prv )
+static int eckey_check_pair( const void *pub, const void *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
- (const mbedtls_ecp_keypair *) prv ) );
+ (const mbedtls_ecp_keypair *) prv,
+ f_rng, p_rng ) );
}
static void *eckey_alloc_wrap( void )
@@ -799,7 +806,9 @@
}
#if defined(MBEDTLS_RSA_C)
-static int rsa_alt_check_pair( const void *pub, const void *prv )
+static int rsa_alt_check_pair( const void *pub, const void *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng )
{
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
unsigned char hash[32];
@@ -813,7 +822,7 @@
if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
hash, sizeof( hash ),
- sig, &sig_len, NULL, NULL ) ) != 0 )
+ sig, &sig_len, f_rng, p_rng ) ) != 0 )
{
return( ret );
}
diff --git a/library/pk_wrap.h b/library/pk_wrap.h
index f7f938a..b2db637 100644
--- a/library/pk_wrap.h
+++ b/library/pk_wrap.h
@@ -85,7 +85,9 @@
void *p_rng );
/** Check public-private key pair */
- int (*check_pair_func)( const void *pub, const void *prv );
+ int (*check_pair_func)( const void *pub, const void *prv,
+ int (*f_rng)(void *, unsigned char *, size_t),
+ void *p_rng );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
diff --git a/library/pkcs12.c b/library/pkcs12.c
index 9823d96..04b1a6d 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -35,10 +35,6 @@
#include <string.h>
-#if defined(MBEDTLS_ARC4_C)
-#include "mbedtls/arc4.h"
-#endif
-
#if defined(MBEDTLS_DES_C)
#include "mbedtls/des.h"
#endif
@@ -125,47 +121,6 @@
#undef PKCS12_MAX_PWDLEN
-int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
- const unsigned char *pwd, size_t pwdlen,
- const unsigned char *data, size_t len,
- unsigned char *output )
-{
-#if !defined(MBEDTLS_ARC4_C)
- ((void) pbe_params);
- ((void) mode);
- ((void) pwd);
- ((void) pwdlen);
- ((void) data);
- ((void) len);
- ((void) output);
- return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
-#else
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- unsigned char key[16];
- mbedtls_arc4_context ctx;
- ((void) mode);
-
- mbedtls_arc4_init( &ctx );
-
- if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1,
- pwd, pwdlen,
- key, 16, NULL, 0 ) ) != 0 )
- {
- return( ret );
- }
-
- mbedtls_arc4_setup( &ctx, key, 16 );
- if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 )
- goto exit;
-
-exit:
- mbedtls_platform_zeroize( key, sizeof( key ) );
- mbedtls_arc4_free( &ctx );
-
- return( ret );
-#endif /* MBEDTLS_ARC4_C */
-}
-
int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen,
diff --git a/library/pkparse.c b/library/pkparse.c
index 3222ca2..fe6aaca 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -123,7 +123,8 @@
* Load and parse a private key
*/
int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
- const char *path, const char *pwd )
+ const char *path, const char *pwd,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t n;
@@ -136,10 +137,10 @@
return( ret );
if( pwd == NULL )
- ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0 );
+ ret = mbedtls_pk_parse_key( ctx, buf, n, NULL, 0, f_rng, p_rng );
else
ret = mbedtls_pk_parse_key( ctx, buf, n,
- (const unsigned char *) pwd, strlen( pwd ) );
+ (const unsigned char *) pwd, strlen( pwd ), f_rng, p_rng );
mbedtls_platform_zeroize( buf, n );
mbedtls_free( buf );
@@ -859,8 +860,8 @@
* Parse a SEC1 encoded private EC key
*/
static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
- const unsigned char *key,
- size_t keylen )
+ const unsigned char *key, size_t keylen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int version, pubkey_done;
@@ -967,7 +968,7 @@
if( ! pubkey_done &&
( ret = mbedtls_ecp_mul( &eck->grp, &eck->Q, &eck->d, &eck->grp.G,
- NULL, NULL ) ) != 0 )
+ f_rng, p_rng ) ) != 0 )
{
mbedtls_ecp_keypair_free( eck );
return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, ret ) );
@@ -997,9 +998,9 @@
*
*/
static int pk_parse_key_pkcs8_unencrypted_der(
- mbedtls_pk_context *pk,
- const unsigned char* key,
- size_t keylen )
+ mbedtls_pk_context *pk,
+ const unsigned char* key, size_t keylen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret, version;
size_t len;
@@ -1009,6 +1010,11 @@
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
const mbedtls_pk_info_t *pk_info;
+#if !defined(MBEDTLS_ECP_C)
+ (void) f_rng;
+ (void) p_rng;
+#endif
+
/*
* This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208)
*
@@ -1071,7 +1077,7 @@
if( pk_alg == MBEDTLS_PK_ECKEY || pk_alg == MBEDTLS_PK_ECKEY_DH )
{
if( ( ret = pk_use_ecparams( ¶ms, &mbedtls_pk_ec( *pk )->grp ) ) != 0 ||
- ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len ) ) != 0 )
+ ( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ), p, len, f_rng, p_rng ) ) != 0 )
{
mbedtls_pk_free( pk );
return( ret );
@@ -1094,9 +1100,10 @@
*/
#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
static int pk_parse_key_pkcs8_encrypted_der(
- mbedtls_pk_context *pk,
- unsigned char *key, size_t keylen,
- const unsigned char *pwd, size_t pwdlen )
+ mbedtls_pk_context *pk,
+ unsigned char *key, size_t keylen,
+ const unsigned char *pwd, size_t pwdlen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret, decrypted = 0;
size_t len;
@@ -1163,24 +1170,6 @@
decrypted = 1;
}
- else if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) == 0 )
- {
- if( ( ret = mbedtls_pkcs12_pbe_sha1_rc4_128( &pbe_params,
- MBEDTLS_PKCS12_PBE_DECRYPT,
- pwd, pwdlen,
- p, len, buf ) ) != 0 )
- {
- return( ret );
- }
-
- // Best guess for password mismatch when using RC4. If first tag is
- // not MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE
- //
- if( *buf != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
- return( MBEDTLS_ERR_PK_PASSWORD_MISMATCH );
-
- decrypted = 1;
- }
else
#endif /* MBEDTLS_PKCS12_C */
#if defined(MBEDTLS_PKCS5_C)
@@ -1206,7 +1195,7 @@
if( decrypted == 0 )
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
- return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) );
+ return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len, f_rng, p_rng ) );
}
#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
@@ -1215,7 +1204,8 @@
*/
int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
const unsigned char *key, size_t keylen,
- const unsigned char *pwd, size_t pwdlen )
+ const unsigned char *pwd, size_t pwdlen,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_pk_info_t *pk_info;
@@ -1278,7 +1268,8 @@
if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 ||
( ret = pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
- pem.buf, pem.buflen ) ) != 0 )
+ pem.buf, pem.buflen,
+ f_rng, p_rng ) ) != 0 )
{
mbedtls_pk_free( pk );
}
@@ -1305,7 +1296,7 @@
if( ret == 0 )
{
if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk,
- pem.buf, pem.buflen ) ) != 0 )
+ pem.buf, pem.buflen, f_rng, p_rng ) ) != 0 )
{
mbedtls_pk_free( pk );
}
@@ -1327,9 +1318,8 @@
key, NULL, 0, &len );
if( ret == 0 )
{
- if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk,
- pem.buf, pem.buflen,
- pwd, pwdlen ) ) != 0 )
+ if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, pem.buf, pem.buflen,
+ pwd, pwdlen, f_rng, p_rng ) ) != 0 )
{
mbedtls_pk_free( pk );
}
@@ -1362,7 +1352,7 @@
memcpy( key_copy, key, keylen );
ret = pk_parse_key_pkcs8_encrypted_der( pk, key_copy, keylen,
- pwd, pwdlen );
+ pwd, pwdlen, f_rng, p_rng );
mbedtls_platform_zeroize( key_copy, keylen );
mbedtls_free( key_copy );
@@ -1380,8 +1370,11 @@
}
#endif /* MBEDTLS_PKCS12_C || MBEDTLS_PKCS5_C */
- if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 )
+ if( ( ret = pk_parse_key_pkcs8_unencrypted_der(
+ pk, key, keylen, f_rng, p_rng ) ) == 0 )
+ {
return( 0 );
+ }
mbedtls_pk_free( pk );
mbedtls_pk_init( pk );
@@ -1403,7 +1396,7 @@
pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY );
if( mbedtls_pk_setup( pk, pk_info ) == 0 &&
pk_parse_key_sec1_der( mbedtls_pk_ec( *pk ),
- key, keylen ) == 0 )
+ key, keylen, f_rng, p_rng ) == 0 )
{
return( 0 );
}
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7921eb2..4f932c6 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -58,11 +58,9 @@
#endif
#include "mbedtls/aes.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
#include "mbedtls/chacha20.h"
#include "mbedtls/chachapoly.h"
@@ -75,8 +73,6 @@
#include "mbedtls/entropy.h"
#include "mbedtls/error.h"
#include "mbedtls/gcm.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/md.h"
#include "md_wrap.h"
@@ -89,7 +85,6 @@
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
-#include "mbedtls/xtea.h"
#define ARRAY_LENGTH( array ) ( sizeof( array ) / sizeof( *( array ) ) )
@@ -150,12 +145,6 @@
case MBEDTLS_ERR_ASN1_BUF_TOO_SMALL:
return( PSA_ERROR_BUFFER_TOO_SMALL );
-#if defined(MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA)
- case MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA:
-#endif
- case MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH:
- return( PSA_ERROR_NOT_SUPPORTED );
-
#if defined(MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA)
case MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA:
#endif
@@ -302,9 +291,6 @@
case MBEDTLS_ERR_RSA_RNG_FAILED:
return( PSA_ERROR_INSUFFICIENT_ENTROPY );
- case MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH:
- return( PSA_ERROR_INVALID_ARGUMENT );
-
case MBEDTLS_ERR_ECP_BAD_INPUT_DATA:
case MBEDTLS_ERR_ECP_INVALID_KEY:
return( PSA_ERROR_INVALID_ARGUMENT );
@@ -478,12 +464,6 @@
return( PSA_ERROR_INVALID_ARGUMENT );
break;
#endif
-#if defined(PSA_WANT_KEY_TYPE_ARC4)
- case PSA_KEY_TYPE_ARC4:
- if( bits < 8 || bits > 2048 )
- return( PSA_ERROR_INVALID_ARGUMENT );
- break;
-#endif
#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
case PSA_KEY_TYPE_CHACHA20:
if( bits != 256 )
@@ -1072,6 +1052,17 @@
return( PSA_ERROR_GENERIC_ERROR );
}
+ if( PSA_KEY_LIFETIME_IS_READ_ONLY( slot->attr.lifetime ) )
+ {
+ /* Refuse the destruction of a read-only key (which may or may not work
+ * if we attempt it, depending on whether the key is merely read-only
+ * by policy or actually physically read-only).
+ * Just do the best we can, which is to wipe the copy in memory
+ * (done in this function's cleanup code). */
+ overall_status = PSA_ERROR_NOT_PERMITTED;
+ goto exit;
+ }
+
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
driver = psa_get_se_driver_entry( slot->attr.lifetime );
if( driver != NULL )
@@ -1133,12 +1124,10 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
exit:
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
status = psa_wipe_key_slot( slot );
/* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
- if( overall_status == PSA_SUCCESS )
+ if( status != PSA_SUCCESS )
overall_status = status;
return( overall_status );
}
@@ -2240,6 +2229,46 @@
return( status );
}
+static psa_status_t psa_mac_finalize_alg_and_key_validation(
+ psa_algorithm_t alg,
+ const psa_key_attributes_t *attributes,
+ uint8_t *mac_size )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_type_t key_type = psa_get_key_type( attributes );
+ size_t key_bits = psa_get_key_bits( attributes );
+
+ if( ! PSA_ALG_IS_MAC( alg ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+
+ /* Validate the combination of key type and algorithm */
+ status = psa_mac_key_can_do( alg, key_type );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ /* Get the output length for the algorithm and key combination */
+ *mac_size = PSA_MAC_LENGTH( key_type, key_bits, alg );
+
+ if( *mac_size < 4 )
+ {
+ /* A very short MAC is too short for security since it can be
+ * brute-forced. Ancient protocols with 32-bit MACs do exist,
+ * so we make this our minimum, even though 32 bits is still
+ * too small for security. */
+ return( PSA_ERROR_NOT_SUPPORTED );
+ }
+
+ if( *mac_size > PSA_MAC_LENGTH( key_type, key_bits,
+ PSA_ALG_FULL_LENGTH_MAC( alg ) ) )
+ {
+ /* It's impossible to "truncate" to a larger length than the full length
+ * of the algorithm. */
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ }
+
+ return( PSA_SUCCESS );
+}
+
static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
mbedtls_svc_key_id_t key,
psa_algorithm_t alg,
@@ -2253,9 +2282,6 @@
if( operation->id != 0 )
return( PSA_ERROR_BAD_STATE );
- if( ! PSA_ALG_IS_MAC( alg ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
status = psa_get_and_lock_key_slot_with_policy(
key,
&slot,
@@ -2268,39 +2294,12 @@
.core = slot->attr
};
- /* Validate the combination of key type and algorithm */
- status = psa_mac_key_can_do( alg, psa_get_key_type( &attributes ) );
+ status = psa_mac_finalize_alg_and_key_validation( alg, &attributes,
+ &operation->mac_size );
if( status != PSA_SUCCESS )
goto exit;
operation->is_sign = is_sign;
-
- /* Get the output length for the algorithm and key combination */
- operation->mac_size = PSA_MAC_LENGTH(
- psa_get_key_type( &attributes ),
- psa_get_key_bits( &attributes ),
- alg );
-
- if( operation->mac_size < 4 )
- {
- /* A very short MAC is too short for security since it can be
- * brute-forced. Ancient protocols with 32-bit MACs do exist,
- * so we make this our minimum, even though 32 bits is still
- * too small for security. */
- status = PSA_ERROR_NOT_SUPPORTED;
- goto exit;
- }
-
- if( operation->mac_size > PSA_MAC_LENGTH( psa_get_key_type( &attributes ),
- psa_get_key_bits( &attributes ),
- PSA_ALG_FULL_LENGTH_MAC( alg ) ) )
- {
- /* It's impossible to "truncate" to a larger length than the full length
- * of the algorithm. */
- status = PSA_ERROR_INVALID_ARGUMENT;
- goto exit;
- }
-
/* Dispatch the MAC setup call with validated input */
if( is_sign )
{
@@ -2393,24 +2392,22 @@
mac, operation->mac_size,
mac_length );
- if( status == PSA_SUCCESS )
+ /* In case of success, set the potential excess room in the output buffer
+ * to an invalid value, to avoid potentially leaking a longer MAC.
+ * In case of error, set the output length and content to a safe default,
+ * such that in case the caller misses an error check, the output would be
+ * an unachievable MAC.
+ */
+ if( status != PSA_SUCCESS )
{
- /* Set the excess room in the output buffer to an invalid value, to
- * avoid potentially leaking a longer MAC. */
- if( mac_size > operation->mac_size )
- memset( &mac[operation->mac_size],
- '!',
- mac_size - operation->mac_size );
- }
- else
- {
- /* Set the output length and content to a safe default, such that in
- * case the caller misses an error check, the output would be an
- * unachievable MAC. */
*mac_length = mac_size;
- memset( mac, '!', mac_size );
+ operation->mac_size = 0;
}
+ if( mac_size > operation->mac_size )
+ memset( &mac[operation->mac_size], '!',
+ mac_size - operation->mac_size );
+
abort_status = psa_mac_abort( operation );
return( status == PSA_SUCCESS ? abort_status : status );
@@ -2444,7 +2441,116 @@
return( status == PSA_SUCCESS ? abort_status : status );
}
+static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length,
+ int is_sign )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
+ psa_key_slot_t *slot;
+ uint8_t operation_mac_size = 0;
+ status = psa_get_and_lock_key_slot_with_policy(
+ key, &slot,
+ is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH,
+ alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+
+ status = psa_mac_finalize_alg_and_key_validation( alg, &attributes,
+ &operation_mac_size );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( mac_size < operation_mac_size )
+ {
+ status = PSA_ERROR_BUFFER_TOO_SMALL;
+ goto exit;
+ }
+
+ status = psa_driver_wrapper_mac_compute(
+ &attributes,
+ slot->key.data, slot->key.bytes,
+ alg,
+ input, input_length,
+ mac, operation_mac_size, mac_length );
+
+exit:
+ /* In case of success, set the potential excess room in the output buffer
+ * to an invalid value, to avoid potentially leaking a longer MAC.
+ * In case of error, set the output length and content to a safe default,
+ * such that in case the caller misses an error check, the output would be
+ * an unachievable MAC.
+ */
+ if( status != PSA_SUCCESS )
+ {
+ *mac_length = mac_size;
+ operation_mac_size = 0;
+ }
+ if( mac_size > operation_mac_size )
+ memset( &mac[operation_mac_size], '!', mac_size - operation_mac_size );
+
+ unlock_status = psa_unlock_key_slot( slot );
+
+ return( ( status == PSA_SUCCESS ) ? unlock_status : status );
+}
+
+psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length)
+{
+ return( psa_mac_compute_internal( key, alg,
+ input, input_length,
+ mac, mac_size, mac_length, 1 ) );
+}
+
+psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ const uint8_t *mac,
+ size_t mac_length)
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ uint8_t actual_mac[PSA_MAC_MAX_SIZE];
+ size_t actual_mac_length;
+
+ status = psa_mac_compute_internal( key, alg,
+ input, input_length,
+ actual_mac, sizeof( actual_mac ),
+ &actual_mac_length, 0 );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( mac_length != actual_mac_length )
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+ if( mbedtls_psa_safer_memcmp( mac, actual_mac, actual_mac_length ) != 0 )
+ {
+ status = PSA_ERROR_INVALID_SIGNATURE;
+ goto exit;
+ }
+
+exit:
+ mbedtls_platform_zeroize( actual_mac, sizeof( actual_mac ) );
+
+ return ( status );
+}
/****************************************************************/
/* Asymmetric cryptography */
@@ -3730,6 +3836,17 @@
psa_status_t status;
uint8_t offset, length;
+ switch( tls12_prf->state )
+ {
+ case PSA_TLS12_PRF_STATE_LABEL_SET:
+ tls12_prf->state = PSA_TLS12_PRF_STATE_OUTPUT;
+ break;
+ case PSA_TLS12_PRF_STATE_OUTPUT:
+ break;
+ default:
+ return( PSA_ERROR_BAD_STATE );
+ }
+
while( output_length != 0 )
{
/* Check if we have fully processed the current block. */
diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
index 4992a6e..a65e884 100644
--- a/library/psa_crypto_cipher.c
+++ b/library/psa_crypto_cipher.c
@@ -131,9 +131,6 @@
case PSA_KEY_TYPE_CAMELLIA:
cipher_id_tmp = MBEDTLS_CIPHER_ID_CAMELLIA;
break;
- case PSA_KEY_TYPE_ARC4:
- cipher_id_tmp = MBEDTLS_CIPHER_ID_ARC4;
- break;
case PSA_KEY_TYPE_CHACHA20:
cipher_id_tmp = MBEDTLS_CIPHER_ID_CHACHA20;
break;
diff --git a/library/psa_crypto_hash.c b/library/psa_crypto_hash.c
index d0f986e..92dcbba 100644
--- a/library/psa_crypto_hash.c
+++ b/library/psa_crypto_hash.c
@@ -31,14 +31,6 @@
/* Use builtin defines specific to this compilation unit, since the test driver
* relies on the software driver. */
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD2) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD2) ) )
-#define BUILTIN_ALG_MD2 1
-#endif
-#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD4) || \
- ( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD4) ) )
-#define BUILTIN_ALG_MD4 1
-#endif
#if( defined(MBEDTLS_PSA_BUILTIN_ALG_MD5) || \
( defined(PSA_CRYPTO_DRIVER_TEST) && defined(MBEDTLS_PSA_ACCEL_ALG_MD5) ) )
#define BUILTIN_ALG_MD5 1
@@ -76,14 +68,6 @@
{
switch( alg )
{
-#if defined(MBEDTLS_MD2_C)
- case PSA_ALG_MD2:
- return( &mbedtls_md2_info );
-#endif
-#if defined(MBEDTLS_MD4_C)
- case PSA_ALG_MD4:
- return( &mbedtls_md4_info );
-#endif
#if defined(MBEDTLS_MD5_C)
case PSA_ALG_MD5:
return( &mbedtls_md5_info );
@@ -134,16 +118,6 @@
* in use. It's ok to call abort on such an object, and there's
* nothing to do. */
break;
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_free( &operation->ctx.md2 );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_free( &operation->ctx.md4 );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_free( &operation->ctx.md5 );
@@ -200,58 +174,46 @@
switch( alg )
{
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_init( &operation->ctx.md2 );
- ret = mbedtls_md2_starts_ret( &operation->ctx.md2 );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_init( &operation->ctx.md4 );
- ret = mbedtls_md4_starts_ret( &operation->ctx.md4 );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_init( &operation->ctx.md5 );
- ret = mbedtls_md5_starts_ret( &operation->ctx.md5 );
+ ret = mbedtls_md5_starts( &operation->ctx.md5 );
break;
#endif
#if defined(BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
mbedtls_ripemd160_init( &operation->ctx.ripemd160 );
- ret = mbedtls_ripemd160_starts_ret( &operation->ctx.ripemd160 );
+ ret = mbedtls_ripemd160_starts( &operation->ctx.ripemd160 );
break;
#endif
#if defined(BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1:
mbedtls_sha1_init( &operation->ctx.sha1 );
- ret = mbedtls_sha1_starts_ret( &operation->ctx.sha1 );
+ ret = mbedtls_sha1_starts( &operation->ctx.sha1 );
break;
#endif
#if defined(BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224:
mbedtls_sha256_init( &operation->ctx.sha256 );
- ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 1 );
+ ret = mbedtls_sha256_starts( &operation->ctx.sha256, 1 );
break;
#endif
#if defined(BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256:
mbedtls_sha256_init( &operation->ctx.sha256 );
- ret = mbedtls_sha256_starts_ret( &operation->ctx.sha256, 0 );
+ ret = mbedtls_sha256_starts( &operation->ctx.sha256, 0 );
break;
#endif
#if defined(BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384:
mbedtls_sha512_init( &operation->ctx.sha512 );
- ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 1 );
+ ret = mbedtls_sha512_starts( &operation->ctx.sha512, 1 );
break;
#endif
#if defined(BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512:
mbedtls_sha512_init( &operation->ctx.sha512 );
- ret = mbedtls_sha512_starts_ret( &operation->ctx.sha512, 0 );
+ ret = mbedtls_sha512_starts( &operation->ctx.sha512, 0 );
break;
#endif
default:
@@ -274,18 +236,6 @@
{
case 0:
return( PSA_ERROR_BAD_STATE );
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- mbedtls_md2_clone( &target_operation->ctx.md2,
- &source_operation->ctx.md2 );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- mbedtls_md4_clone( &target_operation->ctx.md4,
- &source_operation->ctx.md4 );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
mbedtls_md5_clone( &target_operation->ctx.md5,
@@ -347,57 +297,45 @@
switch( operation->alg )
{
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- ret = mbedtls_md2_update_ret( &operation->ctx.md2,
- input, input_length );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- ret = mbedtls_md4_update_ret( &operation->ctx.md4,
- input, input_length );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
- ret = mbedtls_md5_update_ret( &operation->ctx.md5,
+ ret = mbedtls_md5_update( &operation->ctx.md5,
input, input_length );
break;
#endif
#if defined(BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
- ret = mbedtls_ripemd160_update_ret( &operation->ctx.ripemd160,
+ ret = mbedtls_ripemd160_update( &operation->ctx.ripemd160,
input, input_length );
break;
#endif
#if defined(BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1:
- ret = mbedtls_sha1_update_ret( &operation->ctx.sha1,
+ ret = mbedtls_sha1_update( &operation->ctx.sha1,
input, input_length );
break;
#endif
#if defined(BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224:
- ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
+ ret = mbedtls_sha256_update( &operation->ctx.sha256,
input, input_length );
break;
#endif
#if defined(BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256:
- ret = mbedtls_sha256_update_ret( &operation->ctx.sha256,
+ ret = mbedtls_sha256_update( &operation->ctx.sha256,
input, input_length );
break;
#endif
#if defined(BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384:
- ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
+ ret = mbedtls_sha512_update( &operation->ctx.sha512,
input, input_length );
break;
#endif
#if defined(BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512:
- ret = mbedtls_sha512_update_ret( &operation->ctx.sha512,
+ ret = mbedtls_sha512_update( &operation->ctx.sha512,
input, input_length );
break;
#endif
@@ -437,49 +375,39 @@
switch( operation->alg )
{
-#if defined(BUILTIN_ALG_MD2)
- case PSA_ALG_MD2:
- ret = mbedtls_md2_finish_ret( &operation->ctx.md2, hash );
- break;
-#endif
-#if defined(BUILTIN_ALG_MD4)
- case PSA_ALG_MD4:
- ret = mbedtls_md4_finish_ret( &operation->ctx.md4, hash );
- break;
-#endif
#if defined(BUILTIN_ALG_MD5)
case PSA_ALG_MD5:
- ret = mbedtls_md5_finish_ret( &operation->ctx.md5, hash );
+ ret = mbedtls_md5_finish( &operation->ctx.md5, hash );
break;
#endif
#if defined(BUILTIN_ALG_RIPEMD160)
case PSA_ALG_RIPEMD160:
- ret = mbedtls_ripemd160_finish_ret( &operation->ctx.ripemd160, hash );
+ ret = mbedtls_ripemd160_finish( &operation->ctx.ripemd160, hash );
break;
#endif
#if defined(BUILTIN_ALG_SHA_1)
case PSA_ALG_SHA_1:
- ret = mbedtls_sha1_finish_ret( &operation->ctx.sha1, hash );
+ ret = mbedtls_sha1_finish( &operation->ctx.sha1, hash );
break;
#endif
#if defined(BUILTIN_ALG_SHA_224)
case PSA_ALG_SHA_224:
- ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
+ ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash );
break;
#endif
#if defined(BUILTIN_ALG_SHA_256)
case PSA_ALG_SHA_256:
- ret = mbedtls_sha256_finish_ret( &operation->ctx.sha256, hash );
+ ret = mbedtls_sha256_finish( &operation->ctx.sha256, hash );
break;
#endif
#if defined(BUILTIN_ALG_SHA_384)
case PSA_ALG_SHA_384:
- ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
+ ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash );
break;
#endif
#if defined(BUILTIN_ALG_SHA_512)
case PSA_ALG_SHA_512:
- ret = mbedtls_sha512_finish_ret( &operation->ctx.sha512, hash );
+ ret = mbedtls_sha512_finish( &operation->ctx.sha512, hash );
break;
#endif
default:
@@ -587,14 +515,6 @@
{
switch( alg )
{
-#if defined(MBEDTLS_PSA_ACCEL_ALG_MD2)
- case PSA_ALG_MD2:
- return( 1 );
-#endif
-#if defined(MBEDTLS_PSA_ACCEL_ALG_MD4)
- case PSA_ALG_MD4:
- return( 1 );
-#endif
#if defined(MBEDTLS_PSA_ACCEL_ALG_MD5)
case PSA_ALG_MD5:
return( 1 );
diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c
index 20c56a0..2c079d4 100644
--- a/library/psa_crypto_mac.c
+++ b/library/psa_crypto_mac.c
@@ -46,10 +46,6 @@
{
switch( alg )
{
- case PSA_ALG_MD2:
- return( 16 );
- case PSA_ALG_MD4:
- return( 64 );
case PSA_ALG_MD5:
return( 64 );
case PSA_ALG_RIPEMD160:
@@ -359,30 +355,6 @@
return( status );
}
-static psa_status_t mac_compute(
- const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *input,
- size_t input_length,
- uint8_t *mac,
- size_t mac_size,
- size_t *mac_length )
-{
- /* One-shot MAC has not been implemented in this PSA implementation yet. */
- (void) attributes;
- (void) key_buffer;
- (void) key_buffer_size;
- (void) alg;
- (void) input;
- (void) input_length;
- (void) mac;
- (void) mac_size;
- (void) mac_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
static psa_status_t mac_update(
mbedtls_psa_mac_operation_t *operation,
const uint8_t *input,
@@ -497,6 +469,44 @@
return( status );
}
+
+static psa_status_t mac_compute(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *mac,
+ size_t mac_size,
+ size_t *mac_length )
+{
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ mbedtls_psa_mac_operation_t operation = MBEDTLS_PSA_MAC_OPERATION_INIT;
+
+ status = mac_setup( &operation,
+ attributes, key_buffer, key_buffer_size,
+ alg );
+ if( status != PSA_SUCCESS )
+ goto exit;
+
+ if( input_length > 0 )
+ {
+ status = mac_update( &operation, input, input_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
+ }
+
+ status = mac_finish_internal( &operation, mac, mac_size );
+ if( status == PSA_SUCCESS )
+ *mac_length = mac_size;
+
+exit:
+ mac_abort( &operation );
+
+ return( status );
+}
+
#endif /* BUILTIN_ALG_HMAC || BUILTIN_ALG_CMAC */
#if defined(MBEDTLS_PSA_BUILTIN_MAC)
diff --git a/library/psa_crypto_rsa.c b/library/psa_crypto_rsa.c
index 5388923..d85b86c 100644
--- a/library/psa_crypto_rsa.c
+++ b/library/psa_crypto_rsa.c
@@ -108,7 +108,8 @@
/* Parse the data. */
if( PSA_KEY_TYPE_IS_KEY_PAIR( type ) )
status = mbedtls_to_psa_error(
- mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0 ) );
+ mbedtls_pk_parse_key( &ctx, data, data_length, NULL, 0,
+ mbedtls_psa_get_random, MBEDTLS_PSA_RANDOM_STATE ) );
else
status = mbedtls_to_psa_error(
mbedtls_pk_parse_public_key( &ctx, data, data_length ) );
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 4cf32db..a95b4b3 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -455,7 +455,10 @@
{
/* Persistent keys require storage support */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- return( PSA_SUCCESS );
+ if( PSA_KEY_LIFETIME_IS_READ_ONLY( lifetime ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ else
+ return( PSA_SUCCESS );
#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
@@ -545,16 +548,17 @@
++stats->empty_slots;
continue;
}
- if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
++stats->volatile_slots;
- else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+ else
{
psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
++stats->persistent_slots;
if( id > stats->max_open_internal_key_id )
stats->max_open_internal_key_id = id;
}
- else
+ if( PSA_KEY_LIFETIME_GET_LOCATION( slot->attr.lifetime ) !=
+ PSA_KEY_LOCATION_LOCAL_STORAGE )
{
psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
++stats->external_slots;
diff --git a/library/ripemd160.c b/library/ripemd160.c
index 0e1df8f..d2ccbbe 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c
@@ -89,7 +89,7 @@
/*
* RIPEMD-160 context setup
*/
-int mbedtls_ripemd160_starts_ret( mbedtls_ripemd160_context *ctx )
+int mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@@ -305,7 +305,7 @@
/*
* RIPEMD-160 process buffer
*/
-int mbedtls_ripemd160_update_ret( mbedtls_ripemd160_context *ctx,
+int mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
const unsigned char *input,
size_t ilen )
{
@@ -365,7 +365,7 @@
/*
* RIPEMD-160 final digest
*/
-int mbedtls_ripemd160_finish_ret( mbedtls_ripemd160_context *ctx,
+int mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx,
unsigned char output[20] )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -383,11 +383,11 @@
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
- ret = mbedtls_ripemd160_update_ret( ctx, ripemd160_padding, padn );
+ ret = mbedtls_ripemd160_update( ctx, ripemd160_padding, padn );
if( ret != 0 )
return( ret );
- ret = mbedtls_ripemd160_update_ret( ctx, msglen, 8 );
+ ret = mbedtls_ripemd160_update( ctx, msglen, 8 );
if( ret != 0 )
return( ret );
@@ -405,7 +405,7 @@
/*
* output = RIPEMD-160( input buffer )
*/
-int mbedtls_ripemd160_ret( const unsigned char *input,
+int mbedtls_ripemd160( const unsigned char *input,
size_t ilen,
unsigned char output[20] )
{
@@ -414,13 +414,13 @@
mbedtls_ripemd160_init( &ctx );
- if( ( ret = mbedtls_ripemd160_starts_ret( &ctx ) ) != 0 )
+ if( ( ret = mbedtls_ripemd160_starts( &ctx ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_ripemd160_update_ret( &ctx, input, ilen ) ) != 0 )
+ if( ( ret = mbedtls_ripemd160_update( &ctx, input, ilen ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_ripemd160_finish_ret( &ctx, output ) ) != 0 )
+ if( ( ret = mbedtls_ripemd160_finish( &ctx, output ) ) != 0 )
goto exit;
exit:
@@ -487,7 +487,7 @@
if( verbose != 0 )
mbedtls_printf( " RIPEMD-160 test #%d: ", i + 1 );
- ret = mbedtls_ripemd160_ret( ripemd160_test_str[i],
+ ret = mbedtls_ripemd160( ripemd160_test_str[i],
ripemd160_test_strlen[i], output );
if( ret != 0 )
goto fail;
diff --git a/library/rsa.c b/library/rsa.c
index 57b8a6f..ed1632a 100644
--- a/library/rsa.c
+++ b/library/rsa.c
@@ -929,8 +929,11 @@
RSA_VALIDATE_RET( input != NULL );
RSA_VALIDATE_RET( output != NULL );
- if( rsa_check_context( ctx, 1 /* private key checks */,
- f_rng != NULL /* blinding y/n */ ) != 0 )
+ if( f_rng == NULL )
+ return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
+
+ if( rsa_check_context( ctx, 1 /* private key checks */,
+ 1 /* blinding on */ ) != 0 )
{
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
@@ -947,15 +950,12 @@
mbedtls_mpi_init( &Q1 );
mbedtls_mpi_init( &R );
- if( f_rng != NULL )
- {
#if defined(MBEDTLS_RSA_NO_CRT)
- mbedtls_mpi_init( &D_blind );
+ mbedtls_mpi_init( &D_blind );
#else
- mbedtls_mpi_init( &DP_blind );
- mbedtls_mpi_init( &DQ_blind );
+ mbedtls_mpi_init( &DP_blind );
+ mbedtls_mpi_init( &DQ_blind );
#endif
- }
#if !defined(MBEDTLS_RSA_NO_CRT)
mbedtls_mpi_init( &TP ); mbedtls_mpi_init( &TQ );
@@ -975,57 +975,54 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &I, &T ) );
- if( f_rng != NULL )
- {
- /*
- * Blinding
- * T = T * Vi mod N
- */
- MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
+ /*
+ * Blinding
+ * T = T * Vi mod N
+ */
+ MBEDTLS_MPI_CHK( rsa_prepare_blinding( ctx, f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vi ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
- /*
- * Exponent blinding
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) );
+ /*
+ * Exponent blinding
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &P1, &ctx->P, 1 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &Q1, &ctx->Q, 1 ) );
#if defined(MBEDTLS_RSA_NO_CRT)
- /*
- * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
- f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) );
+ /*
+ * D_blind = ( P - 1 ) * ( Q - 1 ) * R + D
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+ f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &P1, &Q1 ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &D_blind, &D_blind, &R ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &D_blind, &D_blind, &ctx->D ) );
- D = &D_blind;
+ D = &D_blind;
#else
- /*
- * DP_blind = ( P - 1 ) * R + DP
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
- f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind,
- &ctx->DP ) );
+ /*
+ * DP_blind = ( P - 1 ) * R + DP
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+ f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DP_blind, &P1, &R ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DP_blind, &DP_blind,
+ &ctx->DP ) );
- DP = &DP_blind;
+ DP = &DP_blind;
- /*
- * DQ_blind = ( Q - 1 ) * R + DQ
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
- f_rng, p_rng ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind,
- &ctx->DQ ) );
+ /*
+ * DQ_blind = ( Q - 1 ) * R + DQ
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &R, RSA_EXPONENT_BLINDING,
+ f_rng, p_rng ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &DQ_blind, &Q1, &R ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &DQ_blind, &DQ_blind,
+ &ctx->DQ ) );
- DQ = &DQ_blind;
+ DQ = &DQ_blind;
#endif /* MBEDTLS_RSA_NO_CRT */
- }
#if defined(MBEDTLS_RSA_NO_CRT)
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &T, &T, D, &ctx->N, &ctx->RN ) );
@@ -1054,15 +1051,12 @@
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &T, &TQ, &TP ) );
#endif /* MBEDTLS_RSA_NO_CRT */
- if( f_rng != NULL )
- {
- /*
- * Unblind
- * T = T * Vf mod N
- */
- MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) );
- MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
- }
+ /*
+ * Unblind
+ * T = T * Vf mod N
+ */
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &T, &T, &ctx->Vf ) );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &T, &T, &ctx->N ) );
/* Verify the result to prevent glitching attacks. */
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &C, &T, &ctx->E,
@@ -1086,15 +1080,12 @@
mbedtls_mpi_free( &Q1 );
mbedtls_mpi_free( &R );
- if( f_rng != NULL )
- {
#if defined(MBEDTLS_RSA_NO_CRT)
- mbedtls_mpi_free( &D_blind );
+ mbedtls_mpi_free( &D_blind );
#else
- mbedtls_mpi_free( &DP_blind );
- mbedtls_mpi_free( &DQ_blind );
+ mbedtls_mpi_free( &DP_blind );
+ mbedtls_mpi_free( &DQ_blind );
#endif
- }
mbedtls_mpi_free( &T );
@@ -2678,7 +2669,7 @@
if( verbose != 0 )
mbedtls_printf( " PKCS#1 data sign : " );
- if( mbedtls_sha1_ret( rsa_plaintext, PT_LEN, sha1sum ) != 0 )
+ if( mbedtls_sha1( rsa_plaintext, PT_LEN, sha1sum ) != 0 )
{
if( verbose != 0 )
mbedtls_printf( "failed\n" );
diff --git a/library/sha1.c b/library/sha1.c
index c6087ac..545d093 100644
--- a/library/sha1.c
+++ b/library/sha1.c
@@ -98,7 +98,7 @@
/*
* SHA-1 context setup
*/
-int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
+int mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
{
SHA1_VALIDATE_RET( ctx != NULL );
@@ -292,7 +292,7 @@
/*
* SHA-1 process buffer
*/
-int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
+int mbedtls_sha1_update( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen )
{
@@ -345,7 +345,7 @@
/*
* SHA-1 final digest
*/
-int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
+int mbedtls_sha1_finish( mbedtls_sha1_context *ctx,
unsigned char output[20] )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -408,7 +408,7 @@
/*
* output = SHA-1( input buffer )
*/
-int mbedtls_sha1_ret( const unsigned char *input,
+int mbedtls_sha1( const unsigned char *input,
size_t ilen,
unsigned char output[20] )
{
@@ -420,13 +420,13 @@
mbedtls_sha1_init( &ctx );
- if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
+ if( ( ret = mbedtls_sha1_starts( &ctx ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_sha1_update_ret( &ctx, input, ilen ) ) != 0 )
+ if( ( ret = mbedtls_sha1_update( &ctx, input, ilen ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_sha1_finish_ret( &ctx, output ) ) != 0 )
+ if( ( ret = mbedtls_sha1_finish( &ctx, output ) ) != 0 )
goto exit;
exit:
@@ -481,7 +481,7 @@
if( verbose != 0 )
mbedtls_printf( " SHA-1 test #%d: ", i + 1 );
- if( ( ret = mbedtls_sha1_starts_ret( &ctx ) ) != 0 )
+ if( ( ret = mbedtls_sha1_starts( &ctx ) ) != 0 )
goto fail;
if( i == 2 )
@@ -490,20 +490,20 @@
for( j = 0; j < 1000; j++ )
{
- ret = mbedtls_sha1_update_ret( &ctx, buf, buflen );
+ ret = mbedtls_sha1_update( &ctx, buf, buflen );
if( ret != 0 )
goto fail;
}
}
else
{
- ret = mbedtls_sha1_update_ret( &ctx, sha1_test_buf[i],
+ ret = mbedtls_sha1_update( &ctx, sha1_test_buf[i],
sha1_test_buflen[i] );
if( ret != 0 )
goto fail;
}
- if( ( ret = mbedtls_sha1_finish_ret( &ctx, sha1sum ) ) != 0 )
+ if( ( ret = mbedtls_sha1_finish( &ctx, sha1sum ) ) != 0 )
goto fail;
if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
diff --git a/library/sha256.c b/library/sha256.c
index 3cb2122..6ec6da2 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -100,7 +100,7 @@
/*
* SHA-256 context setup
*/
-int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
+int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
{
SHA256_VALIDATE_RET( ctx != NULL );
@@ -285,7 +285,7 @@
/*
* SHA-256 process buffer
*/
-int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
+int mbedtls_sha256_update( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen )
{
@@ -338,7 +338,7 @@
/*
* SHA-256 final digest
*/
-int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
+int mbedtls_sha256_finish( mbedtls_sha256_context *ctx,
unsigned char *output )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -408,7 +408,7 @@
/*
* output = SHA-256( input buffer )
*/
-int mbedtls_sha256_ret( const unsigned char *input,
+int mbedtls_sha256( const unsigned char *input,
size_t ilen,
unsigned char *output,
int is224 )
@@ -427,13 +427,13 @@
mbedtls_sha256_init( &ctx );
- if( ( ret = mbedtls_sha256_starts_ret( &ctx, is224 ) ) != 0 )
+ if( ( ret = mbedtls_sha256_starts( &ctx, is224 ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_sha256_update_ret( &ctx, input, ilen ) ) != 0 )
+ if( ( ret = mbedtls_sha256_update( &ctx, input, ilen ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_sha256_finish_ret( &ctx, output ) ) != 0 )
+ if( ( ret = mbedtls_sha256_finish( &ctx, output ) ) != 0 )
goto exit;
exit:
@@ -522,7 +522,7 @@
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
- if( ( ret = mbedtls_sha256_starts_ret( &ctx, k ) ) != 0 )
+ if( ( ret = mbedtls_sha256_starts( &ctx, k ) ) != 0 )
goto fail;
if( j == 2 )
@@ -531,7 +531,7 @@
for( j = 0; j < 1000; j++ )
{
- ret = mbedtls_sha256_update_ret( &ctx, buf, buflen );
+ ret = mbedtls_sha256_update( &ctx, buf, buflen );
if( ret != 0 )
goto fail;
}
@@ -539,13 +539,13 @@
}
else
{
- ret = mbedtls_sha256_update_ret( &ctx, sha256_test_buf[j],
+ ret = mbedtls_sha256_update( &ctx, sha256_test_buf[j],
sha256_test_buflen[j] );
if( ret != 0 )
goto fail;
}
- if( ( ret = mbedtls_sha256_finish_ret( &ctx, sha256sum ) ) != 0 )
+ if( ( ret = mbedtls_sha256_finish( &ctx, sha256sum ) ) != 0 )
goto fail;
diff --git a/library/sha512.c b/library/sha512.c
index 315e516..6511c6e 100644
--- a/library/sha512.c
+++ b/library/sha512.c
@@ -123,7 +123,7 @@
/*
* SHA-512 context setup
*/
-int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 )
+int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
{
SHA512_VALIDATE_RET( ctx != NULL );
#if defined(MBEDTLS_SHA384_C)
@@ -327,7 +327,7 @@
/*
* SHA-512 process buffer
*/
-int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx,
+int mbedtls_sha512_update( mbedtls_sha512_context *ctx,
const unsigned char *input,
size_t ilen )
{
@@ -379,7 +379,7 @@
/*
* SHA-512 final digest
*/
-int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
+int mbedtls_sha512_finish( mbedtls_sha512_context *ctx,
unsigned char *output )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -451,7 +451,7 @@
/*
* output = SHA-512( input buffer )
*/
-int mbedtls_sha512_ret( const unsigned char *input,
+int mbedtls_sha512( const unsigned char *input,
size_t ilen,
unsigned char *output,
int is384 )
@@ -469,13 +469,13 @@
mbedtls_sha512_init( &ctx );
- if( ( ret = mbedtls_sha512_starts_ret( &ctx, is384 ) ) != 0 )
+ if( ( ret = mbedtls_sha512_starts( &ctx, is384 ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_sha512_update_ret( &ctx, input, ilen ) ) != 0 )
+ if( ( ret = mbedtls_sha512_update( &ctx, input, ilen ) ) != 0 )
goto exit;
- if( ( ret = mbedtls_sha512_finish_ret( &ctx, output ) ) != 0 )
+ if( ( ret = mbedtls_sha512_finish( &ctx, output ) ) != 0 )
goto exit;
exit:
@@ -591,7 +591,7 @@
if( verbose != 0 )
mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
- if( ( ret = mbedtls_sha512_starts_ret( &ctx, k ) ) != 0 )
+ if( ( ret = mbedtls_sha512_starts( &ctx, k ) ) != 0 )
goto fail;
if( j == 2 )
@@ -600,20 +600,20 @@
for( j = 0; j < 1000; j++ )
{
- ret = mbedtls_sha512_update_ret( &ctx, buf, buflen );
+ ret = mbedtls_sha512_update( &ctx, buf, buflen );
if( ret != 0 )
goto fail;
}
}
else
{
- ret = mbedtls_sha512_update_ret( &ctx, sha512_test_buf[j],
+ ret = mbedtls_sha512_update( &ctx, sha512_test_buf[j],
sha512_test_buflen[j] );
if( ret != 0 )
goto fail;
}
- if( ( ret = mbedtls_sha512_finish_ret( &ctx, sha512sum ) ) != 0 )
+ if( ( ret = mbedtls_sha512_finish( &ctx, sha512sum ) ) != 0 )
goto fail;
if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index 1bda9c0..be0acb7 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -38,7 +38,7 @@
/*
* Ordered from most preferred to least preferred in terms of security.
*
- * Current rule (except RC4 and 3DES, weak and null which come last):
+ * Current rule (except weak and null which come last):
* 1. By key exchange:
* Forward-secure non-PSK > forward-secure PSK > ECJPAKE > other non-PSK > other PSK
* 2. By key length and cipher:
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 9a44138..30e64c4 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -559,36 +559,6 @@
}
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static int ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- const unsigned char *end,
- size_t *olen )
-{
- unsigned char *p = buf;
-
- *olen = 0;
-
- if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED )
- return( 0 );
-
- MBEDTLS_SSL_DEBUG_MSG( 3,
- ( "client hello, adding truncated_hmac extension" ) );
-
- MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 );
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
-
- *p++ = 0x00;
- *p++ = 0x00;
-
- *olen = 4;
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
static int ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
@@ -1304,16 +1274,6 @@
ext_len += olen;
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- if( ( ret = ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len,
- end, &olen ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_truncated_hmac_ext", ret );
- return( ret );
- }
- ext_len += olen;
-#endif
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( ( ret = ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len,
end, &olen ) ) != 0 )
@@ -1479,31 +1439,6 @@
}
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED ||
- len != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1,
- ( "non-matching truncated HMAC extension" ) );
- mbedtls_ssl_send_alert_message(
- ssl,
- MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
- return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
- }
-
- ((void) buf);
-
- ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
@@ -2346,19 +2281,6 @@
break;
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) );
-
- if( ( ret = ssl_parse_truncated_hmac_ext( ssl,
- ext + 4, ext_size ) ) != 0 )
- {
- return( ret );
- }
-
- break;
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
case MBEDTLS_TLS_EXT_CID:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 29569d1..4715129 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -543,28 +543,6 @@
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- size_t len )
-{
- if( len != 0 )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
- mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
- MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );
- return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
- }
-
- ((void) buf);
-
- if( ssl->conf->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED )
- ssl->session_negotiate->trunc_hmac = MBEDTLS_SSL_TRUNC_HMAC_ENABLED;
-
- return( 0 );
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl,
const unsigned char *buf,
@@ -1703,16 +1681,6 @@
break;
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- case MBEDTLS_TLS_EXT_TRUNCATED_HMAC:
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) );
-
- ret = ssl_parse_truncated_hmac_ext( ssl, ext + 4, ext_size );
- if( ret != 0 )
- return( ret );
- break;
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
case MBEDTLS_TLS_EXT_CID:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) );
@@ -1721,7 +1689,7 @@
if( ret != 0 )
return( ret );
break;
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC:
@@ -1967,31 +1935,6 @@
return( 0 );
}
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl,
- unsigned char *buf,
- size_t *olen )
-{
- unsigned char *p = buf;
-
- if( ssl->session_negotiate->trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_DISABLED )
- {
- *olen = 0;
- return;
- }
-
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding truncated hmac extension" ) );
-
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC >> 8 ) & 0xFF );
- *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_TRUNCATED_HMAC ) & 0xFF );
-
- *p++ = 0x00;
- *p++ = 0x00;
-
- *olen = 4;
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
static void ssl_write_cid_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,
@@ -2654,11 +2597,6 @@
ext_len += olen;
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen );
- ext_len += olen;
-#endif
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen );
ext_len += olen;
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1677ef8..1396400 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -672,9 +672,6 @@
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
int encrypt_then_mac,
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- int trunc_hmac,
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
ssl_tls_prf_t tls_prf,
const unsigned char randbytes[64],
@@ -845,18 +842,6 @@
mac_key_len = mbedtls_md_get_size( md_info );
transform->maclen = mac_key_len;
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- /*
- * If HMAC is to be truncated, we shall keep the leftmost bytes,
- * (rfc 6066 page 13 or rfc 2104 section 4),
- * so we only need to adjust the length here.
- */
- if( trunc_hmac == MBEDTLS_SSL_TRUNC_HMAC_ENABLED )
- {
- transform->maclen = MBEDTLS_SSL_TRUNCATED_HMAC_LEN;
- }
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
/* IV length */
transform->ivlen = cipher_info->iv_size;
@@ -986,23 +971,14 @@
((void) mac_enc);
#if defined(MBEDTLS_SSL_EXPORT_KEYS)
- if( ssl->conf->f_export_keys != NULL )
+ if( ssl->f_export_keys != NULL )
{
- ssl->conf->f_export_keys( ssl->conf->p_export_keys,
- master, keyblk,
- mac_key_len, keylen,
- iv_copy_len );
- }
-
- if( ssl->conf->f_export_keys_ext != NULL )
- {
- ssl->conf->f_export_keys_ext( ssl->conf->p_export_keys,
- master, keyblk,
- mac_key_len, keylen,
- iv_copy_len,
- randbytes + 32,
- randbytes,
- tls_prf_get_type( tls_prf ) );
+ ssl->f_export_keys( ssl->p_export_keys,
+ MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET,
+ master, 48,
+ randbytes + 32,
+ randbytes,
+ tls_prf_get_type( tls_prf ) );
}
#endif
@@ -1368,9 +1344,6 @@
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
ssl->session_negotiate->encrypt_then_mac,
#endif /* MBEDTLS_SSL_ENCRYPT_THEN_MAC */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- ssl->session_negotiate->trunc_hmac,
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
ssl->handshake->tls_prf,
ssl->handshake->randbytes,
@@ -1429,7 +1402,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) );
mbedtls_sha256_clone( &sha256, &ssl->handshake->fin_sha256 );
- mbedtls_sha256_finish_ret( &sha256, hash );
+ mbedtls_sha256_finish( &sha256, hash );
*hlen = 32;
@@ -1478,7 +1451,7 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) );
mbedtls_sha512_clone( &sha512, &ssl->handshake->fin_sha512 );
- mbedtls_sha512_finish_ret( &sha512, hash );
+ mbedtls_sha512_finish( &sha512, hash );
*hlen = 48;
@@ -2490,7 +2463,7 @@
psa_hash_abort( &ssl->handshake->fin_sha256_psa );
psa_hash_setup( &ssl->handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
#else
- mbedtls_sha256_starts_ret( &ssl->handshake->fin_sha256, 0 );
+ mbedtls_sha256_starts( &ssl->handshake->fin_sha256, 0 );
#endif
#endif
#if defined(MBEDTLS_SHA384_C)
@@ -2498,7 +2471,7 @@
psa_hash_abort( &ssl->handshake->fin_sha384_psa );
psa_hash_setup( &ssl->handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
#else
- mbedtls_sha512_starts_ret( &ssl->handshake->fin_sha512, 1 );
+ mbedtls_sha512_starts( &ssl->handshake->fin_sha512, 1 );
#endif
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@@ -2512,14 +2485,14 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len );
#else
- mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
+ mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len );
#endif
#endif
#if defined(MBEDTLS_SHA384_C)
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
#else
- mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
+ mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len );
#endif
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@@ -2533,7 +2506,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_update( &ssl->handshake->fin_sha256_psa, buf, len );
#else
- mbedtls_sha256_update_ret( &ssl->handshake->fin_sha256, buf, len );
+ mbedtls_sha256_update( &ssl->handshake->fin_sha256, buf, len );
#endif
}
#endif
@@ -2545,7 +2518,7 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_hash_update( &ssl->handshake->fin_sha384_psa, buf, len );
#else
- mbedtls_sha512_update_ret( &ssl->handshake->fin_sha512, buf, len );
+ mbedtls_sha512_update( &ssl->handshake->fin_sha512, buf, len );
#endif
}
#endif
@@ -2613,7 +2586,7 @@
sha256.state, sizeof( sha256.state ) );
#endif
- mbedtls_sha256_finish_ret( &sha256, padbuf );
+ mbedtls_sha256_finish( &sha256, padbuf );
mbedtls_sha256_free( &sha256 );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -2688,7 +2661,7 @@
MBEDTLS_SSL_DEBUG_BUF( 4, "finished sha512 state", (unsigned char *)
sha512.state, sizeof( sha512.state ) );
#endif
- mbedtls_sha512_finish_ret( &sha512, padbuf );
+ mbedtls_sha512_finish( &sha512, padbuf );
mbedtls_sha512_free( &sha512 );
#endif
@@ -2988,7 +2961,7 @@
psa_hash_setup( &handshake->fin_sha256_psa, PSA_ALG_SHA_256 );
#else
mbedtls_sha256_init( &handshake->fin_sha256 );
- mbedtls_sha256_starts_ret( &handshake->fin_sha256, 0 );
+ mbedtls_sha256_starts( &handshake->fin_sha256, 0 );
#endif
#endif
#if defined(MBEDTLS_SHA384_C)
@@ -2997,7 +2970,7 @@
psa_hash_setup( &handshake->fin_sha384_psa, PSA_ALG_SHA_384 );
#else
mbedtls_sha512_init( &handshake->fin_sha512 );
- mbedtls_sha512_starts_ret( &handshake->fin_sha512, 1 );
+ mbedtls_sha512_starts( &handshake->fin_sha512, 1 );
#endif
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
@@ -3504,6 +3477,9 @@
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
+ if( ssl->handshake->resume == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+
if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate,
session ) ) != 0 )
return( ret );
@@ -4138,13 +4114,6 @@
}
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-void mbedtls_ssl_conf_truncated_hmac( mbedtls_ssl_config *conf, int truncate )
-{
- conf->trunc_hmac = truncate;
-}
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
void mbedtls_ssl_conf_legacy_renegotiation( mbedtls_ssl_config *conf, int allow_legacy )
{
conf->allow_legacy_renegotiation = allow_legacy;
@@ -4190,20 +4159,12 @@
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-void mbedtls_ssl_conf_export_keys_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_export_keys_t *f_export_keys,
- void *p_export_keys )
+void mbedtls_ssl_set_export_keys_cb( mbedtls_ssl_context *ssl,
+ mbedtls_ssl_export_keys_t *f_export_keys,
+ void *p_export_keys )
{
- conf->f_export_keys = f_export_keys;
- conf->p_export_keys = p_export_keys;
-}
-
-void mbedtls_ssl_conf_export_keys_ext_cb( mbedtls_ssl_config *conf,
- mbedtls_ssl_export_keys_ext_t *f_export_keys_ext,
- void *p_export_keys )
-{
- conf->f_export_keys_ext = f_export_keys_ext;
- conf->p_export_keys = p_export_keys;
+ ssl->f_export_keys = f_export_keys;
+ ssl->p_export_keys = p_export_keys;
}
#endif
@@ -4465,6 +4426,8 @@
int mbedtls_ssl_get_session( const mbedtls_ssl_context *ssl,
mbedtls_ssl_session *dst )
{
+ int ret;
+
if( ssl == NULL ||
dst == NULL ||
ssl->session == NULL ||
@@ -4473,18 +4436,30 @@
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
- return( mbedtls_ssl_session_copy( dst, ssl->session ) );
+ /* Since Mbed TLS 3.0, mbedtls_ssl_get_session() is no longer
+ * idempotent: Each session can only be exported once.
+ *
+ * (This is in preparation for TLS 1.3 support where we will
+ * need the ability to export multiple sessions (aka tickets),
+ * which will be achieved by calling mbedtls_ssl_get_session()
+ * multiple times until it fails.)
+ *
+ * Check whether we have already exported the current session,
+ * and fail if so.
+ */
+ if( ssl->session->exported == 1 )
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+
+ ret = mbedtls_ssl_session_copy( dst, ssl->session );
+ if( ret != 0 )
+ return( ret );
+
+ /* Remember that we've exported the session. */
+ ssl->session->exported = 1;
+ return( 0 );
}
#endif /* MBEDTLS_SSL_CLI_C */
-const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl )
-{
- if( ssl == NULL )
- return( NULL );
-
- return( ssl->session );
-}
-
/*
* Define ticket header determining Mbed TLS version
* and structure of the ticket.
@@ -4519,11 +4494,7 @@
#define SSL_SERIALIZED_SESSION_CONFIG_MFL 0
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 1
-#else
#define SSL_SERIALIZED_SESSION_CONFIG_TRUNC_HMAC 0
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
#define SSL_SERIALIZED_SESSION_CONFIG_ETM 1
@@ -4766,13 +4737,6 @@
*p++ = session->mfl_code;
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- used += 1;
-
- if( used <= buf_len )
- *p++ = (unsigned char)( ( session->trunc_hmac ) & 0xFF );
-#endif
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
used += 1;
@@ -5008,13 +4972,6 @@
session->mfl_code = *p++;
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- if( 1 > (size_t)( end - p ) )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
-
- session->trunc_hmac = *p++;
-#endif
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
if( 1 > (size_t)( end - p ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -5831,9 +5788,6 @@
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
ssl->session->encrypt_then_mac,
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- ssl->session->trunc_hmac,
-#endif
#endif /* MBEDTLS_SSL_SOME_SUITES_USE_MAC */
ssl_tls12prf_from_cs( ssl->session->ciphersuite ),
p, /* currently pointing to randbytes */
@@ -6098,6 +6052,11 @@
}
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+/* The selection should be the same as mbedtls_x509_crt_profile_default in
+ * x509_crt.c. Here, the order matters. Currently we favor stronger hashes,
+ * for no fundamental reason.
+ * See the documentation of mbedtls_ssl_conf_curves() for what we promise
+ * about this list. */
static int ssl_preset_default_hashes[] = {
#if defined(MBEDTLS_SHA512_C)
MBEDTLS_MD_SHA512,
@@ -6108,16 +6067,46 @@
#if defined(MBEDTLS_SHA256_C)
MBEDTLS_MD_SHA256,
#endif
-#if defined(MBEDTLS_SHA224_C)
- MBEDTLS_MD_SHA224,
-#endif
-#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE)
- MBEDTLS_MD_SHA1,
-#endif
MBEDTLS_MD_NONE
};
#endif
+#if defined(MBEDTLS_ECP_C)
+/* The selection should be the same as mbedtls_x509_crt_profile_default in
+ * x509_crt.c, plus Montgomery curves for ECDHE. Here, the order matters:
+ * curves with a lower resource usage come first.
+ * See the documentation of mbedtls_ssl_conf_curves() for what we promise
+ * about this list.
+ */
+static mbedtls_ecp_group_id ssl_preset_default_curves[] = {
+#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+ MBEDTLS_ECP_DP_CURVE25519,
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+ MBEDTLS_ECP_DP_SECP256R1,
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+ MBEDTLS_ECP_DP_SECP384R1,
+#endif
+#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+ MBEDTLS_ECP_DP_CURVE448,
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+ MBEDTLS_ECP_DP_SECP521R1,
+#endif
+#if defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+ MBEDTLS_ECP_DP_BP256R1,
+#endif
+#if defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+ MBEDTLS_ECP_DP_BP384R1,
+#endif
+#if defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+ MBEDTLS_ECP_DP_BP512R1,
+#endif
+ MBEDTLS_ECP_DP_NONE
+};
+#endif
+
static int ssl_preset_suiteb_ciphersuites[] = {
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
@@ -6281,7 +6270,7 @@
#endif
#if defined(MBEDTLS_ECP_C)
- conf->curve_list = mbedtls_ecp_grp_id_list();
+ conf->curve_list = ssl_preset_default_curves;
#endif
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
diff --git a/library/timing.c b/library/timing.c
index 664fde0..a85ce67 100644
--- a/library/timing.c
+++ b/library/timing.c
@@ -19,13 +19,6 @@
#include "common.h"
-#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif
-
#if defined(MBEDTLS_TIMING_C)
#include "mbedtls/timing.h"
@@ -38,10 +31,6 @@
#error "This module only works on Unix and Windows, see MBEDTLS_TIMING_C in config.h"
#endif
-#ifndef asm
-#define asm __asm
-#endif
-
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
#include <windows.h>
@@ -67,174 +56,25 @@
#endif /* _WIN32 && !EFIX64 && !EFI32 */
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long tsc;
- __asm rdtsc
- __asm mov [tsc], eax
- return( tsc );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
-
-/* some versions of mingw-64 have 32-bit longs even on x84_64 */
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && ( defined(__i386__) || ( \
- ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long lo, hi;
- asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
- return( lo );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __i386__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long lo, hi;
- asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
- return( lo | ( hi << 32 ) );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && ( __amd64__ || __x86_64__ ) */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) )
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long tbl, tbu0, tbu1;
-
- do
- {
- asm volatile( "mftbu %0" : "=r" (tbu0) );
- asm volatile( "mftb %0" : "=r" (tbl ) );
- asm volatile( "mftbu %0" : "=r" (tbu1) );
- }
- while( tbu0 != tbu1 );
-
- return( tbl );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && ( __powerpc__ || __ppc__ ) */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && defined(__sparc64__)
-
-#if defined(__OpenBSD__)
-#warning OpenBSD does not allow access to tick register using software version instead
-#else
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long tick;
- asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) );
- return( tick );
-}
-#endif /* __OpenBSD__ */
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __sparc64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long tick;
- asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" );
- asm volatile( "mov %%g1, %0" : "=r" (tick) );
- return( tick );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __sparc__ && !__sparc64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && defined(__alpha__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long cc;
- asm volatile( "rpcc %0" : "=r" (cc) );
- return( cc & 0xFFFFFFFF );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __alpha__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
- defined(__GNUC__) && defined(__ia64__)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- unsigned long itc;
- asm volatile( "mov %0 = ar.itc" : "=r" (itc) );
- return( itc );
-}
-#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
- __GNUC__ && __ia64__ */
-
-#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \
- !defined(EFIX64) && !defined(EFI32)
-
-#define HAVE_HARDCLOCK
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- LARGE_INTEGER offset;
-
- QueryPerformanceCounter( &offset );
-
- return( (unsigned long)( offset.QuadPart ) );
-}
-#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
-
-#if !defined(HAVE_HARDCLOCK)
-
-#define HAVE_HARDCLOCK
-
-static int hardclock_init = 0;
-static struct timeval tv_init;
-
-unsigned long mbedtls_timing_hardclock( void )
-{
- struct timeval tv_cur;
-
- if( hardclock_init == 0 )
- {
- gettimeofday( &tv_init, NULL );
- hardclock_init = 1;
- }
-
- gettimeofday( &tv_cur, NULL );
- return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000
- + ( tv_cur.tv_usec - tv_init.tv_usec ) );
-}
-#endif /* !HAVE_HARDCLOCK */
-
-volatile int mbedtls_timing_alarmed = 0;
-
+/**
+ * \brief Return the elapsed time in milliseconds
+ *
+ * \warning May change without notice
+ *
+ * \param val points to a timer structure
+ * \param reset If 0, query the elapsed time. Otherwise (re)start the timer.
+ *
+ * \return Elapsed time since the previous reset in ms. When
+ * restarting, this is always 0.
+ *
+ * \note To initialize a timer, call this function with reset=1.
+ *
+ * Determining the elapsed time and resetting the timer is not
+ * atomic on all platforms, so after the sequence
+ * `{ get_timer(1); ...; time1 = get_timer(1); ...; time2 =
+ * get_timer(0) }` the value time1+time2 is only approximately
+ * the delay since the first reset.
+ */
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
@@ -258,33 +98,6 @@
}
}
-/* It's OK to use a global because alarm() is supposed to be global anyway */
-static DWORD alarmMs;
-
-static void TimerProc( void *TimerContext )
-{
- (void) TimerContext;
- Sleep( alarmMs );
- mbedtls_timing_alarmed = 1;
- /* _endthread will be called implicitly on return
- * That ensures execution of thread funcition's epilogue */
-}
-
-void mbedtls_set_alarm( int seconds )
-{
- if( seconds == 0 )
- {
- /* No need to create a thread for this simple case.
- * Also, this shorcut is more reliable at least on MinGW32 */
- mbedtls_timing_alarmed = 1;
- return;
- }
-
- mbedtls_timing_alarmed = 0;
- alarmMs = seconds * 1000;
- (void) _beginthread( TimerProc, 0, NULL );
-}
-
#else /* _WIN32 && !EFIX64 && !EFI32 */
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
@@ -307,25 +120,6 @@
}
}
-static void sighandler( int signum )
-{
- mbedtls_timing_alarmed = 1;
- signal( signum, sighandler );
-}
-
-void mbedtls_set_alarm( int seconds )
-{
- mbedtls_timing_alarmed = 0;
- signal( SIGALRM, sighandler );
- alarm( seconds );
- if( seconds == 0 )
- {
- /* alarm(0) cancelled any previous pending alarm, but the
- handler won't fire, so raise the flag straight away. */
- mbedtls_timing_alarmed = 1;
- }
-}
-
#endif /* _WIN32 && !EFIX64 && !EFI32 */
/*
@@ -365,178 +159,4 @@
}
#endif /* !MBEDTLS_TIMING_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * Busy-waits for the given number of milliseconds.
- * Used for testing mbedtls_timing_hardclock.
- */
-static void busy_msleep( unsigned long msec )
-{
- struct mbedtls_timing_hr_time hires;
- unsigned long i = 0; /* for busy-waiting */
- volatile unsigned long j; /* to prevent optimisation */
-
- (void) mbedtls_timing_get_timer( &hires, 1 );
-
- while( mbedtls_timing_get_timer( &hires, 0 ) < msec )
- i++;
-
- j = i;
- (void) j;
-}
-
-static void print_timers( struct mbedtls_timing_hr_time *hires,
- mbedtls_timing_delay_context *ctx )
-{
-#if defined(MBEDTLS_TIMING_ALT)
- mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=?? status(ctx)=%d\n",
- mbedtls_timing_get_timer( hires, 0 ),
- mbedtls_timing_get_delay( ctx ) );
-#else
- mbedtls_printf( " elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n",
- mbedtls_timing_get_timer( hires, 0 ),
- mbedtls_timing_get_timer( &ctx->timer, 0 ),
- mbedtls_timing_get_delay( ctx ) );
-#endif
-}
-
-#define FAIL do \
- { \
- if( verbose != 0 ) \
- { \
- mbedtls_printf( "failed at line %d\n", __LINE__ ); \
- mbedtls_printf( " cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \
- cycles, ratio, millisecs, secs, hardfail, \
- (unsigned long) a, (unsigned long) b ); \
- print_timers( &hires, &ctx ); \
- } \
- return( 1 ); \
- } while( 0 )
-
-/*
- * Checkup routine
- *
- * Warning: this is work in progress, some tests may not be reliable enough
- * yet! False positives may happen.
- */
-int mbedtls_timing_self_test( int verbose )
-{
- unsigned long cycles = 0, ratio = 0;
- unsigned long millisecs = 0, secs = 0;
- int hardfail = 0;
- struct mbedtls_timing_hr_time hires;
- uint32_t a = 0, b = 0;
- mbedtls_timing_delay_context ctx;
-
- if( verbose != 0 )
- mbedtls_printf( " TIMING tests note: will take some time!\n" );
-
- if( verbose != 0 )
- mbedtls_printf( " TIMING test #1 (set_alarm / get_timer): " );
-
- {
- secs = 1;
-
- (void) mbedtls_timing_get_timer( &hires, 1 );
-
- mbedtls_set_alarm( (int) secs );
- while( !mbedtls_timing_alarmed )
- ;
-
- millisecs = mbedtls_timing_get_timer( &hires, 0 );
-
- /* For some reason on Windows it looks like alarm has an extra delay
- * (maybe related to creating a new thread). Allow some room here. */
- if( millisecs < 800 * secs || millisecs > 1200 * secs + 300 )
- FAIL;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
-
- if( verbose != 0 )
- mbedtls_printf( " TIMING test #2 (set/get_delay ): " );
-
- {
- a = 800;
- b = 400;
- mbedtls_timing_set_delay( &ctx, a, a + b ); /* T = 0 */
-
- busy_msleep( a - a / 4 ); /* T = a - a/4 */
- if( mbedtls_timing_get_delay( &ctx ) != 0 )
- FAIL;
-
- busy_msleep( a / 4 + b / 4 ); /* T = a + b/4 */
- if( mbedtls_timing_get_delay( &ctx ) != 1 )
- FAIL;
-
- busy_msleep( b ); /* T = a + b + b/4 */
- if( mbedtls_timing_get_delay( &ctx ) != 2 )
- FAIL;
- }
-
- mbedtls_timing_set_delay( &ctx, 0, 0 );
- busy_msleep( 200 );
- if( mbedtls_timing_get_delay( &ctx ) != -1 )
- FAIL;
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
-
- if( verbose != 0 )
- mbedtls_printf( " TIMING test #3 (hardclock / get_timer): " );
-
- /*
- * Allow one failure for possible counter wrapping.
- * On a 4Ghz 32-bit machine the cycle counter wraps about once per second;
- * since the whole test is about 10ms, it shouldn't happen twice in a row.
- */
-
-hard_test:
- if( hardfail > 1 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed (ignored)\n" );
-
- goto hard_test_done;
- }
-
- /* Get a reference ratio cycles/ms */
- millisecs = 1;
- cycles = mbedtls_timing_hardclock();
- busy_msleep( millisecs );
- cycles = mbedtls_timing_hardclock() - cycles;
- ratio = cycles / millisecs;
-
- /* Check that the ratio is mostly constant */
- for( millisecs = 2; millisecs <= 4; millisecs++ )
- {
- cycles = mbedtls_timing_hardclock();
- busy_msleep( millisecs );
- cycles = mbedtls_timing_hardclock() - cycles;
-
- /* Allow variation up to 20% */
- if( cycles / millisecs < ratio - ratio / 5 ||
- cycles / millisecs > ratio + ratio / 5 )
- {
- hardfail++;
- goto hard_test;
- }
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
-
-hard_test_done:
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
- return( 0 );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
#endif /* MBEDTLS_TIMING_C */
diff --git a/library/x509_crt.c b/library/x509_crt.c
index d4e0ffd..c865444 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -95,33 +95,43 @@
*/
#define X509_MAX_VERIFY_CHAIN_SIZE ( MBEDTLS_X509_MAX_INTERMEDIATE_CA + 2 )
-/*
- * Default profile
- */
+/* Default profile. Do not remove items unless there are serious security
+ * concerns. */
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
{
- /* Only SHA-2 hashes */
- MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
- MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
- MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
- MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
- 0xFFFFFFF, /* Any PK alg */
- 0xFFFFFFF, /* Any curve */
- 2048,
-};
-
-/*
- * Next-default profile
- */
-const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
-{
- /* Hashes from SHA-256 and above */
+ /* Hashes from SHA-256 and above. Note that this selection
+ * should be aligned with ssl_preset_default_hashes in ssl_tls.c. */
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
0xFFFFFFF, /* Any PK alg */
#if defined(MBEDTLS_ECP_C)
- /* Curves at or above 128-bit security level */
+ /* Curves at or above 128-bit security level. Note that this selection
+ * should be aligned with ssl_preset_default_curves in ssl_tls.c. */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) |
+ 0,
+#else
+ 0,
+#endif
+ 2048,
+};
+
+/* Next-generation profile. Currently identical to the default, but may
+ * be tightened at any time. */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
+{
+ /* Hashes from SHA-256 and above. */
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
+ MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
+ 0xFFFFFFF, /* Any PK alg */
+#if defined(MBEDTLS_ECP_C)
+ /* Curves at or above 128-bit security level. */
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) |
@@ -157,6 +167,17 @@
};
/*
+ * Empty / all-forbidden profile
+ */
+const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_none =
+{
+ 0,
+ 0,
+ 0,
+ (uint32_t) -1,
+};
+
+/*
* Check md_alg against profile
* Return 0 if md_alg is acceptable for this profile, -1 otherwise
*/
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 8f4a4f5..c90f8bc 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -178,7 +178,7 @@
MBEDTLS_ASN1_CHK_ADD( len,
mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) );
- ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
+ ret = mbedtls_sha1( buf + sizeof( buf ) - len, len,
buf + sizeof( buf ) - 20 );
if( ret != 0 )
return( ret );
@@ -206,7 +206,7 @@
MBEDTLS_ASN1_CHK_ADD( len,
mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) );
- ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
+ ret = mbedtls_sha1( buf + sizeof( buf ) - len, len,
buf + sizeof( buf ) - 20 );
if( ret != 0 )
return( ret );
diff --git a/library/xtea.c b/library/xtea.c
deleted file mode 100644
index 4b8c9c0..0000000
--- a/library/xtea.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/*
- * An 32-bit implementation of the XTEA algorithm
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "common.h"
-
-#if defined(MBEDTLS_XTEA_C)
-
-#include "mbedtls/xtea.h"
-#include "mbedtls/platform_util.h"
-
-#include <string.h>
-
-#if defined(MBEDTLS_SELF_TEST)
-#if defined(MBEDTLS_PLATFORM_C)
-#include "mbedtls/platform.h"
-#else
-#include <stdio.h>
-#define mbedtls_printf printf
-#endif /* MBEDTLS_PLATFORM_C */
-#endif /* MBEDTLS_SELF_TEST */
-
-#if !defined(MBEDTLS_XTEA_ALT)
-
-/*
- * 32-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT32_BE
-#define GET_UINT32_BE(n,b,i) \
-{ \
- (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
- | ( (uint32_t) (b)[(i) + 1] << 16 ) \
- | ( (uint32_t) (b)[(i) + 2] << 8 ) \
- | ( (uint32_t) (b)[(i) + 3] ); \
-}
-#endif
-
-#ifndef PUT_UINT32_BE
-#define PUT_UINT32_BE(n,b,i) \
-{ \
- (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
- (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
- (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
- (b)[(i) + 3] = (unsigned char) ( (n) ); \
-}
-#endif
-
-void mbedtls_xtea_init( mbedtls_xtea_context *ctx )
-{
- memset( ctx, 0, sizeof( mbedtls_xtea_context ) );
-}
-
-void mbedtls_xtea_free( mbedtls_xtea_context *ctx )
-{
- if( ctx == NULL )
- return;
-
- mbedtls_platform_zeroize( ctx, sizeof( mbedtls_xtea_context ) );
-}
-
-/*
- * XTEA key schedule
- */
-void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] )
-{
- int i;
-
- memset( ctx, 0, sizeof(mbedtls_xtea_context) );
-
- for( i = 0; i < 4; i++ )
- {
- GET_UINT32_BE( ctx->k[i], key, i << 2 );
- }
-}
-
-/*
- * XTEA encrypt function
- */
-int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode,
- const unsigned char input[8], unsigned char output[8])
-{
- uint32_t *k, v0, v1, i;
-
- k = ctx->k;
-
- GET_UINT32_BE( v0, input, 0 );
- GET_UINT32_BE( v1, input, 4 );
-
- if( mode == MBEDTLS_XTEA_ENCRYPT )
- {
- uint32_t sum = 0, delta = 0x9E3779B9;
-
- for( i = 0; i < 32; i++ )
- {
- v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
- sum += delta;
- v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
- }
- }
- else /* MBEDTLS_XTEA_DECRYPT */
- {
- uint32_t delta = 0x9E3779B9, sum = delta * 32;
-
- for( i = 0; i < 32; i++ )
- {
- v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
- sum -= delta;
- v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
- }
- }
-
- PUT_UINT32_BE( v0, output, 0 );
- PUT_UINT32_BE( v1, output, 4 );
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
-/*
- * XTEA-CBC buffer encryption/decryption
- */
-int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length,
- unsigned char iv[8], const unsigned char *input,
- unsigned char *output)
-{
- int i;
- unsigned char temp[8];
-
- if( length % 8 )
- return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH );
-
- if( mode == MBEDTLS_XTEA_DECRYPT )
- {
- while( length > 0 )
- {
- memcpy( temp, input, 8 );
- mbedtls_xtea_crypt_ecb( ctx, mode, input, output );
-
- for( i = 0; i < 8; i++ )
- output[i] = (unsigned char)( output[i] ^ iv[i] );
-
- memcpy( iv, temp, 8 );
-
- input += 8;
- output += 8;
- length -= 8;
- }
- }
- else
- {
- while( length > 0 )
- {
- for( i = 0; i < 8; i++ )
- output[i] = (unsigned char)( input[i] ^ iv[i] );
-
- mbedtls_xtea_crypt_ecb( ctx, mode, output, output );
- memcpy( iv, output, 8 );
-
- input += 8;
- output += 8;
- length -= 8;
- }
- }
-
- return( 0 );
-}
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-#endif /* !MBEDTLS_XTEA_ALT */
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * XTEA tests vectors (non-official)
- */
-
-static const unsigned char xtea_test_key[6][16] =
-{
- { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
- 0x0c, 0x0d, 0x0e, 0x0f },
- { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
- 0x0c, 0x0d, 0x0e, 0x0f },
- { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
- 0x0c, 0x0d, 0x0e, 0x0f },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00 },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00 },
- { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00 }
-};
-
-static const unsigned char xtea_test_pt[6][8] =
-{
- { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
- { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
- { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f },
- { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 },
- { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
- { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 }
-};
-
-static const unsigned char xtea_test_ct[6][8] =
-{
- { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 },
- { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 },
- { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 },
- { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 },
- { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d },
- { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_xtea_self_test( int verbose )
-{
- int i, ret = 0;
- unsigned char buf[8];
- mbedtls_xtea_context ctx;
-
- mbedtls_xtea_init( &ctx );
- for( i = 0; i < 6; i++ )
- {
- if( verbose != 0 )
- mbedtls_printf( " XTEA test #%d: ", i + 1 );
-
- memcpy( buf, xtea_test_pt[i], 8 );
-
- mbedtls_xtea_setup( &ctx, xtea_test_key[i] );
- mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf );
-
- if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 )
- {
- if( verbose != 0 )
- mbedtls_printf( "failed\n" );
-
- ret = 1;
- goto exit;
- }
-
- if( verbose != 0 )
- mbedtls_printf( "passed\n" );
- }
-
- if( verbose != 0 )
- mbedtls_printf( "\n" );
-
-exit:
- mbedtls_xtea_free( &ctx );
-
- return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
-
-#endif /* MBEDTLS_XTEA_C */
diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
index 62a54c7..85bcd5f 100644
--- a/programs/aes/CMakeLists.txt
+++ b/programs/aes/CMakeLists.txt
@@ -5,6 +5,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedcrypto_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables}
diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt
index 4f35d76..c7fcd35 100644
--- a/programs/fuzz/CMakeLists.txt
+++ b/programs/fuzz/CMakeLists.txt
@@ -8,7 +8,6 @@
endif()
set(executables_no_common_c
- fuzz_privkey
fuzz_pubkey
fuzz_x509crl
fuzz_x509crt
@@ -16,6 +15,7 @@
)
set(executables_with_common_c
+ fuzz_privkey
fuzz_client
fuzz_dtlsclient
fuzz_dtlsserver
diff --git a/programs/fuzz/fuzz_client.c b/programs/fuzz/fuzz_client.c
index cbd9483..ab2d134 100644
--- a/programs/fuzz/fuzz_client.c
+++ b/programs/fuzz/fuzz_client.c
@@ -102,9 +102,6 @@
{
mbedtls_ssl_conf_authmode( &conf, MBEDTLS_SSL_VERIFY_NONE );
}
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- mbedtls_ssl_conf_truncated_hmac( &conf, (options & 8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
-#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
#endif
diff --git a/programs/fuzz/fuzz_dtlsserver.c b/programs/fuzz/fuzz_dtlsserver.c
index 34ff63e..9a6e894 100644
--- a/programs/fuzz/fuzz_dtlsserver.c
+++ b/programs/fuzz/fuzz_dtlsserver.c
@@ -55,7 +55,8 @@
mbedtls_test_cas_pem_len ) != 0)
return 1;
if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 ) != 0)
+ mbedtls_test_srv_key_len, NULL, 0,
+ dummy_random, NULL ) != 0)
return 1;
#endif
dummy_init();
diff --git a/programs/fuzz/fuzz_privkey.c b/programs/fuzz/fuzz_privkey.c
index f76afd1..b9a160e 100644
--- a/programs/fuzz/fuzz_privkey.c
+++ b/programs/fuzz/fuzz_privkey.c
@@ -3,6 +3,7 @@
#include <stdint.h>
#include <stdlib.h>
#include "mbedtls/pk.h"
+#include "common.h"
//4 Kb should be enough for every bug ;-)
#define MAX_LEN 0x1000
@@ -19,7 +20,8 @@
}
mbedtls_pk_init( &pk );
- ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 );
+ ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0,
+ dummy_random, NULL );
if (ret == 0) {
#if defined(MBEDTLS_RSA_C)
if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
diff --git a/programs/fuzz/fuzz_server.c b/programs/fuzz/fuzz_server.c
index 5480e3e..e6eb5a7 100644
--- a/programs/fuzz/fuzz_server.c
+++ b/programs/fuzz/fuzz_server.c
@@ -56,6 +56,13 @@
options = Data[Size - 1];
if (initialized == 0) {
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+ mbedtls_entropy_init( &entropy );
+
+ if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
+ (const unsigned char *) pers, strlen( pers ) ) != 0 )
+ return 1;
+
#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_PEM_PARSE_C)
mbedtls_x509_crt_init( &srvcert );
mbedtls_pk_init( &pkey );
@@ -66,7 +73,8 @@
mbedtls_test_cas_pem_len ) != 0)
return 1;
if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 ) != 0)
+ mbedtls_test_srv_key_len, NULL, 0,
+ dummy_random, &ctr_drbg ) != 0)
return 1;
#endif
@@ -80,17 +88,10 @@
}
mbedtls_ssl_init( &ssl );
mbedtls_ssl_config_init( &conf );
- mbedtls_ctr_drbg_init( &ctr_drbg );
- mbedtls_entropy_init( &entropy );
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
mbedtls_ssl_ticket_init( &ticket_ctx );
#endif
- if( mbedtls_ctr_drbg_seed( &ctr_drbg, dummy_entropy, &entropy,
- (const unsigned char *) pers, strlen( pers ) ) != 0 )
- goto exit;
-
-
if( mbedtls_ssl_config_defaults( &conf,
MBEDTLS_SSL_IS_SERVER,
MBEDTLS_SSL_TRANSPORT_STREAM,
@@ -127,9 +128,6 @@
&ticket_ctx );
}
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- mbedtls_ssl_conf_truncated_hmac( &conf, (options & 0x8) ? MBEDTLS_SSL_TRUNC_HMAC_ENABLED : MBEDTLS_SSL_TRUNC_HMAC_DISABLED);
-#endif
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
mbedtls_ssl_conf_extended_master_secret( &conf, (options & 0x10) ? MBEDTLS_SSL_EXTENDED_MS_DISABLED : MBEDTLS_SSL_EXTENDED_MS_ENABLED);
#endif
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt
index b2f2a1f..729474c 100644
--- a/programs/hash/CMakeLists.txt
+++ b/programs/hash/CMakeLists.txt
@@ -6,6 +6,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedcrypto_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables}
diff --git a/programs/hash/hello.c b/programs/hash/hello.c
index 70bea42..18beb69 100644
--- a/programs/hash/hello.c
+++ b/programs/hash/hello.c
@@ -55,7 +55,7 @@
mbedtls_printf( "\n MD5('%s') = ", str );
- if( ( ret = mbedtls_md5_ret( (unsigned char *) str, 13, digest ) ) != 0 )
+ if( ( ret = mbedtls_md5( (unsigned char *) str, 13, digest ) ) != 0 )
mbedtls_exit( MBEDTLS_EXIT_FAILURE );
for( i = 0; i < 16; i++ )
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index 9c6fe7d..3ad5643 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -6,6 +6,7 @@
foreach(exe IN LISTS executables_mbedtls)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedtls_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
set(executables_mbedcrypto
@@ -32,6 +33,7 @@
foreach(exe IN LISTS executables_mbedcrypto)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedcrypto_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto}
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 88e817e..28bfb89 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -214,9 +214,9 @@
goto exit;
}
- if( ( ret = mbedtls_sha1_ret( buf, (int)( p - 2 - buf ), hash ) ) != 0 )
+ if( ( ret = mbedtls_sha1( buf, (int)( p - 2 - buf ), hash ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_sha1 returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/pkey/dh_server.c b/programs/pkey/dh_server.c
index e469bbc..79c313c 100644
--- a/programs/pkey/dh_server.c
+++ b/programs/pkey/dh_server.c
@@ -219,9 +219,9 @@
/*
* 5. Sign the parameters and send them
*/
- if( ( ret = mbedtls_sha1_ret( buf, n, hash ) ) != 0 )
+ if( ( ret = mbedtls_sha1( buf, n, hash ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_sha1_ret returned %d\n\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_sha1 returned %d\n\n", ret );
goto exit;
}
diff --git a/programs/pkey/ecdsa.c b/programs/pkey/ecdsa.c
index 3dd85bf..31b4584 100644
--- a/programs/pkey/ecdsa.c
+++ b/programs/pkey/ecdsa.c
@@ -166,9 +166,9 @@
mbedtls_printf( " . Computing message hash..." );
fflush( stdout );
- if( ( ret = mbedtls_sha256_ret( message, sizeof( message ), hash, 0 ) ) != 0 )
+ if( ( ret = mbedtls_sha256( message, sizeof( message ), hash, 0 ) ) != 0 )
{
- mbedtls_printf( " failed\n ! mbedtls_sha256_ret returned %d\n", ret );
+ mbedtls_printf( " failed\n ! mbedtls_sha256 returned %d\n", ret );
goto exit;
}
diff --git a/programs/pkey/key_app.c b/programs/pkey/key_app.c
index 7bd93c7..2145e07 100644
--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c
@@ -35,10 +35,13 @@
#endif /* MBEDTLS_PLATFORM_C */
#if defined(MBEDTLS_BIGNUM_C) && \
- defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO)
+ defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \
+ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
#include "mbedtls/error.h"
#include "mbedtls/rsa.h"
#include "mbedtls/pk.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
#include <string.h>
#endif
@@ -63,11 +66,13 @@
"\n"
#if !defined(MBEDTLS_BIGNUM_C) || \
- !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO)
+ !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO) || \
+ !defined(MBEDTLS_ENTROPY_C) || !defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
- "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
+ "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO and/or "
+ "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C not defined.\n");
mbedtls_exit( 0 );
}
#else
@@ -92,12 +97,19 @@
int i;
char *p, *q;
+ const char *pers = "pkey/key_app";
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+
mbedtls_pk_context pk;
mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
/*
* Set to sane values
*/
+ mbedtls_entropy_init( &entropy );
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+
mbedtls_pk_init( &pk );
memset( buf, 0, sizeof(buf) );
@@ -181,7 +193,16 @@
mbedtls_printf( "\n . Loading the private key ..." );
fflush( stdout );
- ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password );
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
+ goto cleanup;
+ }
+
+ ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
@@ -299,6 +320,9 @@
}
#endif
+ mbedtls_ctr_drbg_free( &ctr_drbg );
+ mbedtls_entropy_free( &entropy );
+
mbedtls_pk_free( &pk );
mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
@@ -311,4 +335,5 @@
mbedtls_exit( exit_code );
}
-#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */
+#endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO &&
+ MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/key_app_writer.c b/programs/pkey/key_app_writer.c
index 4b65262..89c67ed 100644
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@@ -34,11 +34,16 @@
#define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
#endif /* MBEDTLS_PLATFORM_C */
-#if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO)
+#if defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) && \
+ defined(MBEDTLS_FS_IO) && \
+ defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
#include "mbedtls/error.h"
#include "mbedtls/pk.h"
#include "mbedtls/error.h"
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+
#include <stdio.h>
#include <string.h>
#endif
@@ -88,10 +93,14 @@
#if !defined(MBEDTLS_PK_PARSE_C) || \
!defined(MBEDTLS_PK_WRITE_C) || \
- !defined(MBEDTLS_FS_IO)
+ !defined(MBEDTLS_FS_IO) || \
+ !defined(MBEDTLS_ENTROPY_C) || \
+ !defined(MBEDTLS_CTR_DRBG_C)
int main( void )
{
- mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO not defined.\n" );
+ mbedtls_printf( "MBEDTLS_PK_PARSE_C and/or MBEDTLS_PK_WRITE_C and/or "
+ "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
+ "MBEDTLS_FS_IO not defined.\n" );
mbedtls_exit( 0 );
}
#else
@@ -201,12 +210,19 @@
int i;
char *p, *q;
+ const char *pers = "pkey/key_app";
+ mbedtls_entropy_context entropy;
+ mbedtls_ctr_drbg_context ctr_drbg;
+
mbedtls_pk_context key;
mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
/*
* Set to sane values
*/
+ mbedtls_entropy_init( &entropy );
+ mbedtls_ctr_drbg_init( &ctr_drbg );
+
mbedtls_pk_init( &key );
memset( buf, 0, sizeof( buf ) );
@@ -292,8 +308,16 @@
mbedtls_printf( "\n . Loading the private key ..." );
fflush( stdout );
- ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL );
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n", (unsigned int) -ret );
+ goto exit;
+ }
+ ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
@@ -429,6 +453,9 @@
mbedtls_pk_free( &key );
+ mbedtls_ctr_drbg_free( &ctr_drbg );
+ mbedtls_entropy_free( &entropy );
+
#if defined(_WIN32)
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
@@ -436,4 +463,5 @@
mbedtls_exit( exit_code );
}
-#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO */
+#endif /* MBEDTLS_PK_PARSE_C && MBEDTLS_PK_WRITE_C && MBEDTLS_FS_IO &&
+ MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
diff --git a/programs/pkey/pk_decrypt.c b/programs/pkey/pk_decrypt.c
index 810d6fb..e01f5d5 100644
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c
@@ -106,7 +106,8 @@
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+ if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+ mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret );
goto exit;
diff --git a/programs/pkey/pk_sign.c b/programs/pkey/pk_sign.c
index 451e3de..422fa25 100644
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@@ -101,7 +101,8 @@
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+ if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+ mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! Could not parse '%s'\n", argv[1] );
goto exit;
diff --git a/programs/pkey/rsa_sign_pss.c b/programs/pkey/rsa_sign_pss.c
index 26056dd..bbbe0a9 100644
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@@ -102,7 +102,8 @@
mbedtls_printf( "\n . Reading private key from '%s'", argv[1] );
fflush( stdout );
- if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+ if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+ mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
mbedtls_printf( " failed\n ! Could not read key from '%s'\n", argv[1] );
mbedtls_printf( " ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt
index f32dc31..e5edf7b 100644
--- a/programs/random/CMakeLists.txt
+++ b/programs/random/CMakeLists.txt
@@ -6,6 +6,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${mbedcrypto_target})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables}
diff --git a/programs/ssl/dtls_server.c b/programs/ssl/dtls_server.c
index de47aab..d2cc450 100644
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@@ -79,6 +79,7 @@
#include "mbedtls/error.h"
#include "mbedtls/debug.h"
#include "mbedtls/timing.h"
+
#include "test/certs.h"
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -138,7 +139,23 @@
#endif
/*
- * 1. Load the certificates and private RSA key
+ * 1. Seed the RNG
+ */
+ printf( " . Seeding the random number generator..." );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
+ goto exit;
+ }
+
+ printf( " ok\n" );
+
+ /*
+ * 2. Load the certificates and private RSA key
*/
printf( "\n . Loading the server cert. and key..." );
fflush( stdout );
@@ -165,7 +182,7 @@
}
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 );
+ mbedtls_test_srv_key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
@@ -175,7 +192,7 @@
printf( " ok\n" );
/*
- * 2. Setup the "listening" UDP socket
+ * 3. Setup the "listening" UDP socket
*/
printf( " . Bind on udp/*/4433 ..." );
fflush( stdout );
@@ -189,22 +206,6 @@
printf( " ok\n" );
/*
- * 3. Seed the RNG
- */
- printf( " . Seeding the random number generator..." );
- fflush( stdout );
-
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
- goto exit;
- }
-
- printf( " ok\n" );
-
- /*
* 4. Setup stuff
*/
printf( " . Setting up the DTLS data..." );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 98a3048..25fe21b 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -235,13 +235,6 @@
#define USAGE_SRTP ""
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-#define USAGE_TRUNC_HMAC \
- " trunc_hmac=%%d default: library default\n"
-#else
-#define USAGE_TRUNC_HMAC ""
-#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
-
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
#define USAGE_MAX_FRAG_LEN \
" max_frag_len=%%d default: 16384 (tls default)\n" \
@@ -394,7 +387,6 @@
USAGE_TICKETS \
USAGE_EAP_TLS \
USAGE_MAX_FRAG_LEN \
- USAGE_TRUNC_HMAC \
USAGE_CONTEXT_CRT_CB \
USAGE_ALPN \
USAGE_EMS \
@@ -1548,12 +1540,12 @@
else
#if defined(MBEDTLS_FS_IO)
if( strlen( opt.key_file ) )
- ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd );
+ ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd, rng_get, &rng );
else
#endif
ret = mbedtls_pk_parse_key( &pkey,
(const unsigned char *) mbedtls_test_cli_key,
- mbedtls_test_cli_key_len, NULL, 0 );
+ mbedtls_test_cli_key_len, NULL, 0, rng_get, &rng );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
@@ -1721,11 +1713,6 @@
}
#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- if( opt.trunc_hmac != DFL_TRUNC_HMAC )
- mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
-#endif
-
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( opt.extended_ms != DFL_EXTENDED_MS )
mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
@@ -1736,27 +1723,6 @@
mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
#endif
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
- if( opt.eap_tls != 0 )
- {
- mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation,
- &eap_tls_keying );
- }
- else if( opt.nss_keylog != 0 )
- {
- mbedtls_ssl_conf_export_keys_ext_cb( &conf,
- nss_keylog_export,
- NULL );
- }
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
- else if( opt.use_srtp != 0 )
- {
- mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation,
- &dtls_srtp_keying );
- }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
#if defined(MBEDTLS_DHM_C)
if( opt.dhmlen != DFL_DHMLEN )
mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen );
@@ -1886,6 +1852,27 @@
goto exit;
}
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+ if( opt.eap_tls != 0 )
+ {
+ mbedtls_ssl_set_export_keys_cb( &ssl, eap_tls_key_derivation,
+ &eap_tls_keying );
+ }
+ else if( opt.nss_keylog != 0 )
+ {
+ mbedtls_ssl_set_export_keys_cb( &ssl,
+ nss_keylog_export,
+ NULL );
+ }
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+ else if( opt.use_srtp != 0 )
+ {
+ mbedtls_ssl_set_export_keys_cb( &ssl, dtls_srtp_key_derivation,
+ &dtls_srtp_keying );
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if( ( ret = mbedtls_ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
@@ -2163,6 +2150,8 @@
if( opt.reco_mode == 1 )
{
+ mbedtls_ssl_session exported_session;
+
/* free any previously saved data */
if( session_data != NULL )
{
@@ -2171,27 +2160,40 @@
session_data = NULL;
}
+ mbedtls_ssl_session_init( &exported_session );
+ ret = mbedtls_ssl_get_session( &ssl, &exported_session );
+ if( ret != 0 )
+ {
+ mbedtls_printf(
+ "failed\n ! mbedtls_ssl_get_session() returned -%#02x\n",
+ (unsigned) -ret );
+ goto exit;
+ }
+
/* get size of the buffer needed */
- mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
- NULL, 0, &session_data_len );
+ mbedtls_ssl_session_save( &exported_session, NULL, 0, &session_data_len );
session_data = mbedtls_calloc( 1, session_data_len );
if( session_data == NULL )
{
mbedtls_printf( " failed\n ! alloc %u bytes for session data\n",
(unsigned) session_data_len );
+ mbedtls_ssl_session_free( &exported_session );
ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
goto exit;
}
/* actually save session data */
- if( ( ret = mbedtls_ssl_session_save( mbedtls_ssl_get_session_pointer( &ssl ),
+ if( ( ret = mbedtls_ssl_session_save( &exported_session,
session_data, session_data_len,
&session_data_len ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_saved returned -0x%04x\n\n",
(unsigned int) -ret );
+ mbedtls_ssl_session_free( &exported_session );
goto exit;
}
+
+ mbedtls_ssl_session_free( &exported_session );
}
else
{
diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index b360991..b04d4b5 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -700,12 +700,6 @@
case MBEDTLS_MD_NONE:
printf( "none\n" );
break;
- case MBEDTLS_MD_MD2:
- printf( "MD2\n" );
- break;
- case MBEDTLS_MD_MD4:
- printf( "MD4\n" );
- break;
case MBEDTLS_MD_MD5:
printf( "MD5\n" );
break;
@@ -868,7 +862,6 @@
print_if_bit( "MBEDTLS_HAVE_TIME", SESSION_CONFIG_TIME_BIT, session_cfg_flag );
print_if_bit( "MBEDTLS_X509_CRT_PARSE_C", SESSION_CONFIG_CRT_BIT, session_cfg_flag );
print_if_bit( "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH", SESSION_CONFIG_MFL_BIT, session_cfg_flag );
- print_if_bit( "MBEDTLS_SSL_TRUNCATED_HMAC", SESSION_CONFIG_TRUNC_HMAC_BIT, session_cfg_flag );
print_if_bit( "MBEDTLS_SSL_ENCRYPT_THEN_MAC", SESSION_CONFIG_ETM_BIT, session_cfg_flag );
print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS", SESSION_CONFIG_TICKET_BIT, session_cfg_flag );
print_if_bit( "MBEDTLS_SSL_SESSION_TICKETS and client", SESSION_CONFIG_CLIENT_TICKET_BIT, session_cfg_flag );
diff --git a/programs/ssl/ssl_fork_server.c b/programs/ssl/ssl_fork_server.c
index 5732108..7419010 100644
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@@ -166,7 +166,8 @@
}
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 );
+ mbedtls_test_srv_key_len, NULL, 0,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed! mbedtls_pk_parse_key returned %d\n\n", ret );
diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c
index 09bbc3d..f223977 100644
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@@ -556,12 +556,17 @@
#if defined(MBEDTLS_FS_IO)
if( strlen( opt.key_file ) )
- ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
+ {
+ ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "",
+ mbedtls_ctr_drbg_random, &ctr_drbg );
+ }
else
#endif
#if defined(MBEDTLS_PEM_PARSE_C)
+ {
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key,
- mbedtls_test_cli_key_len, NULL, 0 );
+ mbedtls_test_cli_key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg );
+ }
#else
{
mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
index 93eab46..a083e4b 100644
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@@ -360,7 +360,23 @@
mbedtls_entropy_init( &entropy );
/*
- * 1. Load the certificates and private RSA key
+ * 1a. Seed the random number generator
+ */
+ mbedtls_printf( " . Seeding the random number generator..." );
+
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
+ ( unsigned int ) -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 1b. Load the certificates and private RSA key
*/
mbedtls_printf( "\n . Loading the server cert. and key..." );
fflush( stdout );
@@ -388,7 +404,8 @@
mbedtls_pk_init( &pkey );
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 );
+ mbedtls_test_srv_key_len, NULL, 0,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
@@ -398,22 +415,6 @@
mbedtls_printf( " ok\n" );
/*
- * 1b. Seed the random number generator
- */
- mbedtls_printf( " . Seeding the random number generator..." );
-
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
- ( unsigned int ) -ret );
- goto exit;
- }
-
- mbedtls_printf( " ok\n" );
-
- /*
* 1c. Prepare SSL configuration
*/
mbedtls_printf( " . Setting up the SSL data...." );
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 42196ff..aaccb58 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -125,7 +125,23 @@
#endif
/*
- * 1. Load the certificates and private RSA key
+ * 1. Seed the RNG
+ */
+ mbedtls_printf( " . Seeding the random number generator..." );
+ fflush( stdout );
+
+ if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *) pers,
+ strlen( pers ) ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " ok\n" );
+
+ /*
+ * 2. Load the certificates and private RSA key
*/
mbedtls_printf( "\n . Loading the server cert. and key..." );
fflush( stdout );
@@ -152,7 +168,8 @@
}
ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
- mbedtls_test_srv_key_len, NULL, 0 );
+ mbedtls_test_srv_key_len, NULL, 0,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned %d\n\n", ret );
@@ -162,7 +179,7 @@
mbedtls_printf( " ok\n" );
/*
- * 2. Setup the listening TCP socket
+ * 3. Setup the listening TCP socket
*/
mbedtls_printf( " . Bind on https://localhost:4433/ ..." );
fflush( stdout );
@@ -176,22 +193,6 @@
mbedtls_printf( " ok\n" );
/*
- * 3. Seed the RNG
- */
- mbedtls_printf( " . Seeding the random number generator..." );
- fflush( stdout );
-
- if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) pers,
- strlen( pers ) ) ) != 0 )
- {
- mbedtls_printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
- goto exit;
- }
-
- mbedtls_printf( " ok\n" );
-
- /*
* 4. Setup stuff
*/
mbedtls_printf( " . Setting up the SSL data...." );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index de4eb6d..cf608b9 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -334,13 +334,6 @@
#define USAGE_MAX_FRAG_LEN ""
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
-#define USAGE_TRUNC_HMAC \
- " trunc_hmac=%%d default: library default\n"
-#else
-#define USAGE_TRUNC_HMAC ""
-#endif
-
#if defined(MBEDTLS_SSL_ALPN)
#define USAGE_ALPN \
" alpn=%%s default: \"\" (disabled)\n" \
@@ -487,7 +480,6 @@
USAGE_NSS_KEYLOG_FILE \
USAGE_CACHE \
USAGE_MAX_FRAG_LEN \
- USAGE_TRUNC_HMAC \
USAGE_ALPN \
USAGE_EMS \
USAGE_ETM \
@@ -525,6 +517,8 @@
(out_be)[(i) + 7] = (unsigned char)( ( (in_le) >> 0 ) & 0xFF ); \
}
+/* This is global so it can be easily accessed by callback functions */
+rng_context_t rng;
/*
* global options
@@ -727,7 +721,7 @@
mbedtls_pk_init( new->key );
if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 ||
- mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 )
+ mbedtls_pk_parse_keyfile( new->key, key_file, "", rng_get, &rng ) != 0 )
goto error;
if( strcmp( ca_file, "-" ) != 0 )
@@ -1045,7 +1039,8 @@
for( slot = 0; slot < config_data->slots_used; slot++ )
{
if( mbedtls_pk_check_pair( &cert->pk,
- config_data->slots[slot].pk ) == 0 )
+ config_data->slots[slot].pk,
+ rng_get, &rng ) == 0 )
break;
}
if( slot == config_data->slots_used )
@@ -1271,7 +1266,6 @@
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_x509_crt_profile crt_profile_for_test = mbedtls_x509_crt_profile_default;
#endif
- rng_context_t rng;
mbedtls_ssl_context ssl;
mbedtls_ssl_config conf;
#if defined(MBEDTLS_TIMING_C)
@@ -2257,7 +2251,7 @@
{
key_cert_init++;
if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file,
- opt.key_pwd ) ) != 0 )
+ opt.key_pwd, rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%x\n\n", (unsigned int) -ret );
goto exit;
@@ -2283,7 +2277,7 @@
{
key_cert_init2++;
if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2,
- opt.key_pwd2 ) ) != 0 )
+ opt.key_pwd2, rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
(unsigned int) -ret );
@@ -2314,7 +2308,8 @@
}
if( ( ret = mbedtls_pk_parse_key( &pkey,
(const unsigned char *) mbedtls_test_srv_key_rsa,
- mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 )
+ mbedtls_test_srv_key_rsa_len, NULL, 0,
+ rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_pk_parse_key returned -0x%x\n\n",
(unsigned int) -ret );
@@ -2333,7 +2328,8 @@
}
if( ( ret = mbedtls_pk_parse_key( &pkey2,
(const unsigned char *) mbedtls_test_srv_key_ec,
- mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 )
+ mbedtls_test_srv_key_ec_len, NULL, 0,
+ rng_get, &rng ) ) != 0 )
{
mbedtls_printf( " failed\n ! pk_parse_key2 returned -0x%x\n\n",
(unsigned int) -ret );
@@ -2506,11 +2502,6 @@
}
#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- if( opt.trunc_hmac != DFL_TRUNC_HMAC )
- mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
-#endif
-
#if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET)
if( opt.extended_ms != DFL_EXTENDED_MS )
mbedtls_ssl_conf_extended_master_secret( &conf, opt.extended_ms );
@@ -2521,27 +2512,6 @@
mbedtls_ssl_conf_encrypt_then_mac( &conf, opt.etm );
#endif
-#if defined(MBEDTLS_SSL_EXPORT_KEYS)
- if( opt.eap_tls != 0 )
- {
- mbedtls_ssl_conf_export_keys_ext_cb( &conf, eap_tls_key_derivation,
- &eap_tls_keying );
- }
- else if( opt.nss_keylog != 0 )
- {
- mbedtls_ssl_conf_export_keys_ext_cb( &conf,
- nss_keylog_export,
- NULL );
- }
-#if defined( MBEDTLS_SSL_DTLS_SRTP )
- else if( opt.use_srtp != 0 )
- {
- mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation,
- &dtls_srtp_keying );
- }
-#endif /* MBEDTLS_SSL_DTLS_SRTP */
-#endif /* MBEDTLS_SSL_EXPORT_KEYS */
-
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
@@ -2868,6 +2838,27 @@
goto exit;
}
+#if defined(MBEDTLS_SSL_EXPORT_KEYS)
+ if( opt.eap_tls != 0 )
+ {
+ mbedtls_ssl_set_export_keys_cb( &ssl, eap_tls_key_derivation,
+ &eap_tls_keying );
+ }
+ else if( opt.nss_keylog != 0 )
+ {
+ mbedtls_ssl_set_export_keys_cb( &ssl,
+ nss_keylog_export,
+ NULL );
+ }
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+ else if( opt.use_srtp != 0 )
+ {
+ mbedtls_ssl_set_export_keys_cb( &ssl, dtls_srtp_key_derivation,
+ &dtls_srtp_keying );
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
+
io_ctx.ssl = &ssl;
io_ctx.net = &client_fd;
mbedtls_ssl_set_bio( &ssl, &io_ctx, send_cb, recv_cb,
diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c
index fa2c606..d30c36e 100644
--- a/programs/ssl/ssl_test_common_source.c
+++ b/programs/ssl/ssl_test_common_source.c
@@ -25,55 +25,46 @@
*/
#if defined(MBEDTLS_SSL_EXPORT_KEYS)
-int eap_tls_key_derivation( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
+void eap_tls_key_derivation( void *p_expkey,
+ mbedtls_ssl_key_export_type secret_type,
+ const unsigned char *secret,
+ size_t secret_len,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
{
eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
+ /* We're only interested in the TLS 1.2 master secret */
+ if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET )
+ return;
+ if( secret_len != sizeof( keys->master_secret ) )
+ return;
+
+ memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) );
memcpy( keys->randbytes, client_random, 32 );
memcpy( keys->randbytes + 32, server_random, 32 );
keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf("exported maclen is %u\n", (unsigned)maclen);
- mbedtls_printf("exported keylen is %u\n", (unsigned)keylen);
- mbedtls_printf("exported ivlen is %u\n", (unsigned)ivlen);
- }
- return( 0 );
}
-int nss_keylog_export( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
+void nss_keylog_export( void *p_expkey,
+ mbedtls_ssl_key_export_type secret_type,
+ const unsigned char *secret,
+ size_t secret_len,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
{
char nss_keylog_line[ 200 ];
size_t const client_random_len = 32;
- size_t const master_secret_len = 48;
size_t len = 0;
size_t j;
- int ret = 0;
+
+ /* We're only interested in the TLS 1.2 master secret */
+ if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET )
+ return;
((void) p_expkey);
- ((void) kb);
- ((void) maclen);
- ((void) keylen);
- ((void) ivlen);
((void) server_random);
((void) tls_prf_type);
@@ -88,10 +79,10 @@
len += sprintf( nss_keylog_line + len, " " );
- for( j = 0; j < master_secret_len; j++ )
+ for( j = 0; j < secret_len; j++ )
{
len += sprintf( nss_keylog_line + len,
- "%02x", ms[j] );
+ "%02x", secret[j] );
}
len += sprintf( nss_keylog_line + len, "\n" );
@@ -108,13 +99,11 @@
if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
{
- ret = -1;
goto exit;
}
if( fwrite( nss_keylog_line, 1, len, f ) != len )
{
- ret = -1;
fclose( f );
goto exit;
}
@@ -125,35 +114,29 @@
exit:
mbedtls_platform_zeroize( nss_keylog_line,
sizeof( nss_keylog_line ) );
- return( ret );
}
#if defined( MBEDTLS_SSL_DTLS_SRTP )
-int dtls_srtp_key_derivation( void *p_expkey,
- const unsigned char *ms,
- const unsigned char *kb,
- size_t maclen,
- size_t keylen,
- size_t ivlen,
- const unsigned char client_random[32],
- const unsigned char server_random[32],
- mbedtls_tls_prf_types tls_prf_type )
+void dtls_srtp_key_derivation( void *p_expkey,
+ mbedtls_ssl_key_export_type secret_type,
+ const unsigned char *secret,
+ size_t secret_len,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
{
dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
- ( ( void ) kb );
- memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
+ /* We're only interested in the TLS 1.2 master secret */
+ if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET )
+ return;
+ if( secret_len != sizeof( keys->master_secret ) )
+ return;
+
+ memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) );
memcpy( keys->randbytes, client_random, 32 );
memcpy( keys->randbytes + 32, server_random, 32 );
keys->tls_prf_type = tls_prf_type;
-
- if( opt.debug_level > 2 )
- {
- mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
- mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
- mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
- }
- return( 0 );
}
#endif /* MBEDTLS_SSL_DTLS_SRTP */
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index 148e6da..6a53647 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -47,18 +47,15 @@
#include "mbedtls/timing.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/des.h"
#include "mbedtls/aes.h"
#include "mbedtls/aria.h"
-#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
#include "mbedtls/chacha20.h"
#include "mbedtls/gcm.h"
@@ -77,10 +74,41 @@
#include "mbedtls/error.h"
+#ifndef asm
+#define asm __asm
+#endif
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+#include <windows.h>
+#include <process.h>
+
+struct _hr_time
+{
+ LARGE_INTEGER start;
+};
+
+#else
+
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <signal.h>
+#include <time.h>
+
+struct _hr_time
+{
+ struct timeval start;
+};
+
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#include "mbedtls/memory_buffer_alloc.h"
#endif
+static void mbedtls_set_alarm( int seconds );
+
/*
* For heap usage estimates, we need an estimate of the overhead per allocated
* block. ptmalloc2/3 (used in gnu libc for instance) uses 2 size_t per block,
@@ -98,8 +126,8 @@
#define TITLE_LEN 25
#define OPTIONS \
- "md4, md5, ripemd160, sha1, sha256, sha512,\n" \
- "arc4, des3, des, camellia, blowfish, chacha20,\n" \
+ "md5, ripemd160, sha1, sha256, sha512,\n" \
+ "des3, des, camellia, chacha20,\n" \
"aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,\n" \
"aes_cmac, des3_cmac, poly1305\n" \
"ctr_drbg, hmac_drbg\n" \
@@ -212,6 +240,226 @@
} \
} while( 0 )
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ ( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long tsc;
+ __asm rdtsc
+ __asm mov [tsc], eax
+ return( tsc );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ ( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
+
+/* some versions of mingw-64 have 32-bit longs even on x84_64 */
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && ( defined(__i386__) || ( \
+ ( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) )
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long lo, hi;
+ asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
+ return( lo );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __i386__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) )
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long lo, hi;
+ asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
+ return( lo | ( hi << 32 ) );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && ( __amd64__ || __x86_64__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) )
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long tbl, tbu0, tbu1;
+
+ do
+ {
+ asm volatile( "mftbu %0" : "=r" (tbu0) );
+ asm volatile( "mftb %0" : "=r" (tbl ) );
+ asm volatile( "mftbu %0" : "=r" (tbu1) );
+ }
+ while( tbu0 != tbu1 );
+
+ return( tbl );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && ( __powerpc__ || __ppc__ ) */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && defined(__sparc64__)
+
+#if defined(__OpenBSD__)
+#warning OpenBSD does not allow access to tick register using software version instead
+#else
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long tick;
+ asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) );
+ return( tick );
+}
+#endif /* __OpenBSD__ */
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long tick;
+ asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" );
+ asm volatile( "mov %%g1, %0" : "=r" (tick) );
+ return( tick );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __sparc__ && !__sparc64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && defined(__alpha__)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long cc;
+ asm volatile( "rpcc %0" : "=r" (cc) );
+ return( cc & 0xFFFFFFFF );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __alpha__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
+ defined(__GNUC__) && defined(__ia64__)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ unsigned long itc;
+ asm volatile( "mov %0 = ar.itc" : "=r" (itc) );
+ return( itc );
+}
+#endif /* !HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
+ __GNUC__ && __ia64__ */
+
+#if !defined(HAVE_HARDCLOCK) && defined(_MSC_VER) && \
+ !defined(EFIX64) && !defined(EFI32)
+
+#define HAVE_HARDCLOCK
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ LARGE_INTEGER offset;
+
+ QueryPerformanceCounter( &offset );
+
+ return( (unsigned long)( offset.QuadPart ) );
+}
+#endif /* !HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
+
+#if !defined(HAVE_HARDCLOCK)
+
+#define HAVE_HARDCLOCK
+
+static int hardclock_init = 0;
+static struct timeval tv_init;
+
+static unsigned long mbedtls_timing_hardclock( void )
+{
+ struct timeval tv_cur;
+
+ if( hardclock_init == 0 )
+ {
+ gettimeofday( &tv_init, NULL );
+ hardclock_init = 1;
+ }
+
+ gettimeofday( &tv_cur, NULL );
+ return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000
+ + ( tv_cur.tv_usec - tv_init.tv_usec ) );
+}
+#endif /* !HAVE_HARDCLOCK */
+
+volatile int mbedtls_timing_alarmed = 0;
+
+#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
+
+/* It's OK to use a global because alarm() is supposed to be global anyway */
+static DWORD alarmMs;
+
+static void TimerProc( void *TimerContext )
+{
+ (void) TimerContext;
+ Sleep( alarmMs );
+ mbedtls_timing_alarmed = 1;
+ /* _endthread will be called implicitly on return
+ * That ensures execution of thread funcition's epilogue */
+}
+
+static void mbedtls_set_alarm( int seconds )
+{
+ if( seconds == 0 )
+ {
+ /* No need to create a thread for this simple case.
+ * Also, this shorcut is more reliable at least on MinGW32 */
+ mbedtls_timing_alarmed = 1;
+ return;
+ }
+
+ mbedtls_timing_alarmed = 0;
+ alarmMs = seconds * 1000;
+ (void) _beginthread( TimerProc, 0, NULL );
+}
+
+#else /* _WIN32 && !EFIX64 && !EFI32 */
+
+static void sighandler( int signum )
+{
+ mbedtls_timing_alarmed = 1;
+ signal( signum, sighandler );
+}
+
+static void mbedtls_set_alarm( int seconds )
+{
+ mbedtls_timing_alarmed = 0;
+ signal( SIGALRM, sighandler );
+ alarm( seconds );
+ if( seconds == 0 )
+ {
+ /* alarm(0) cancelled any previous pending alarm, but the
+ handler won't fire, so raise the flag straight away. */
+ mbedtls_timing_alarmed = 1;
+ }
+}
+
+#endif /* _WIN32 && !EFIX64 && !EFI32 */
+
static int myrand( void *rng_state, unsigned char *output, size_t len )
{
size_t use_len;
@@ -289,11 +537,11 @@
unsigned char buf[BUFSIZE];
typedef struct {
- char md4, md5, ripemd160, sha1, sha256, sha512,
- arc4, des3, des,
+ char md5, ripemd160, sha1, sha256, sha512,
+ des3, des,
aes_cbc, aes_gcm, aes_ccm, aes_xts, chachapoly,
aes_cmac, des3_cmac,
- aria, camellia, blowfish, chacha20,
+ aria, camellia, chacha20,
poly1305,
ctr_drbg, hmac_drbg,
rsa, dhm, ecdsa, ecdh;
@@ -331,9 +579,7 @@
for( i = 1; i < argc; i++ )
{
- if( strcmp( argv[i], "md4" ) == 0 )
- todo.md4 = 1;
- else if( strcmp( argv[i], "md5" ) == 0 )
+ if( strcmp( argv[i], "md5" ) == 0 )
todo.md5 = 1;
else if( strcmp( argv[i], "ripemd160" ) == 0 )
todo.ripemd160 = 1;
@@ -343,8 +589,6 @@
todo.sha256 = 1;
else if( strcmp( argv[i], "sha512" ) == 0 )
todo.sha512 = 1;
- else if( strcmp( argv[i], "arc4" ) == 0 )
- todo.arc4 = 1;
else if( strcmp( argv[i], "des3" ) == 0 )
todo.des3 = 1;
else if( strcmp( argv[i], "des" ) == 0 )
@@ -367,8 +611,6 @@
todo.aria = 1;
else if( strcmp( argv[i], "camellia" ) == 0 )
todo.camellia = 1;
- else if( strcmp( argv[i], "blowfish" ) == 0 )
- todo.blowfish = 1;
else if( strcmp( argv[i], "chacha20" ) == 0 )
todo.chacha20 = 1;
else if( strcmp( argv[i], "poly1305" ) == 0 )
@@ -405,45 +647,29 @@
memset( buf, 0xAA, sizeof( buf ) );
memset( tmp, 0xBB, sizeof( tmp ) );
-#if defined(MBEDTLS_MD4_C)
- if( todo.md4 )
- TIME_AND_TSC( "MD4", mbedtls_md4_ret( buf, BUFSIZE, tmp ) );
-#endif
-
#if defined(MBEDTLS_MD5_C)
if( todo.md5 )
- TIME_AND_TSC( "MD5", mbedtls_md5_ret( buf, BUFSIZE, tmp ) );
+ TIME_AND_TSC( "MD5", mbedtls_md5( buf, BUFSIZE, tmp ) );
#endif
#if defined(MBEDTLS_RIPEMD160_C)
if( todo.ripemd160 )
- TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160_ret( buf, BUFSIZE, tmp ) );
+ TIME_AND_TSC( "RIPEMD160", mbedtls_ripemd160( buf, BUFSIZE, tmp ) );
#endif
#if defined(MBEDTLS_SHA1_C)
if( todo.sha1 )
- TIME_AND_TSC( "SHA-1", mbedtls_sha1_ret( buf, BUFSIZE, tmp ) );
+ TIME_AND_TSC( "SHA-1", mbedtls_sha1( buf, BUFSIZE, tmp ) );
#endif
#if defined(MBEDTLS_SHA256_C)
if( todo.sha256 )
- TIME_AND_TSC( "SHA-256", mbedtls_sha256_ret( buf, BUFSIZE, tmp, 0 ) );
+ TIME_AND_TSC( "SHA-256", mbedtls_sha256( buf, BUFSIZE, tmp, 0 ) );
#endif
#if defined(MBEDTLS_SHA512_C)
if( todo.sha512 )
- TIME_AND_TSC( "SHA-512", mbedtls_sha512_ret( buf, BUFSIZE, tmp, 0 ) );
-#endif
-
-#if defined(MBEDTLS_ARC4_C)
- if( todo.arc4 )
- {
- mbedtls_arc4_context arc4;
- mbedtls_arc4_init( &arc4 );
- mbedtls_arc4_setup( &arc4, tmp, 32 );
- TIME_AND_TSC( "ARC4", mbedtls_arc4_crypt( &arc4, BUFSIZE, buf, buf ) );
- mbedtls_arc4_free( &arc4 );
- }
+ TIME_AND_TSC( "SHA-512", mbedtls_sha512( buf, BUFSIZE, tmp, 0 ) );
#endif
#if defined(MBEDTLS_DES_C)
@@ -688,30 +914,6 @@
}
#endif
-#if defined(MBEDTLS_BLOWFISH_C) && defined(MBEDTLS_CIPHER_MODE_CBC)
- if( todo.blowfish )
- {
- int keysize;
- mbedtls_blowfish_context blowfish;
- mbedtls_blowfish_init( &blowfish );
-
- for( keysize = 128; keysize <= 256; keysize += 64 )
- {
- mbedtls_snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize );
-
- memset( buf, 0, sizeof( buf ) );
- memset( tmp, 0, sizeof( tmp ) );
- mbedtls_blowfish_setkey( &blowfish, tmp, keysize );
-
- TIME_AND_TSC( title,
- mbedtls_blowfish_crypt_cbc( &blowfish, MBEDTLS_BLOWFISH_ENCRYPT, BUFSIZE,
- tmp, buf, buf ) );
- }
-
- mbedtls_blowfish_free( &blowfish );
- }
-#endif
-
#if defined(MBEDTLS_CTR_DRBG_C)
if( todo.ctr_drbg )
{
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp
index ea345a3..61a7e89 100644
--- a/programs/test/cpp_dummy_build.cpp
+++ b/programs/test/cpp_dummy_build.cpp
@@ -25,13 +25,11 @@
#endif
#include "mbedtls/aes.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/aria.h"
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
#include "mbedtls/base64.h"
#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
#include "mbedtls/ccm.h"
#include "mbedtls/chacha20.h"
@@ -54,8 +52,6 @@
#include "mbedtls/hkdf.h"
#include "mbedtls/hmac_drbg.h"
#include "mbedtls/md.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/net_sockets.h"
#include "mbedtls/nist_kw.h"
@@ -85,7 +81,6 @@
#include "mbedtls/x509_crl.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h"
-#include "mbedtls/xtea.h"
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
diff --git a/programs/test/selftest.c b/programs/test/selftest.c
index a3e306c..87d8a13 100644
--- a/programs/test/selftest.c
+++ b/programs/test/selftest.c
@@ -32,14 +32,11 @@
#include "mbedtls/gcm.h"
#include "mbedtls/ccm.h"
#include "mbedtls/cmac.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
#include "mbedtls/sha512.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/des.h"
#include "mbedtls/aes.h"
#include "mbedtls/camellia.h"
@@ -51,7 +48,6 @@
#include "mbedtls/bignum.h"
#include "mbedtls/rsa.h"
#include "mbedtls/x509.h"
-#include "mbedtls/xtea.h"
#include "mbedtls/pkcs5.h"
#include "mbedtls/ecp.h"
#include "mbedtls/ecjpake.h"
@@ -256,12 +252,6 @@
const selftest_t selftests[] =
{
{"calloc", calloc_self_test},
-#if defined(MBEDTLS_MD2_C)
- {"md2", mbedtls_md2_self_test},
-#endif
-#if defined(MBEDTLS_MD4_C)
- {"md4", mbedtls_md4_self_test},
-#endif
#if defined(MBEDTLS_MD5_C)
{"md5", mbedtls_md5_self_test},
#endif
@@ -277,9 +267,6 @@
#if defined(MBEDTLS_SHA512_C)
{"sha512", mbedtls_sha512_self_test},
#endif
-#if defined(MBEDTLS_ARC4_C)
- {"arc4", mbedtls_arc4_self_test},
-#endif
#if defined(MBEDTLS_DES_C)
{"des", mbedtls_des_self_test},
#endif
@@ -316,9 +303,6 @@
#if defined(MBEDTLS_RSA_C)
{"rsa", mbedtls_rsa_self_test},
#endif
-#if defined(MBEDTLS_XTEA_C)
- {"xtea", mbedtls_xtea_self_test},
-#endif
#if defined(MBEDTLS_CAMELLIA_C)
{"camellia", mbedtls_camellia_self_test},
#endif
@@ -346,10 +330,6 @@
#if defined(MBEDTLS_PKCS5_C)
{"pkcs5", mbedtls_pkcs5_self_test},
#endif
-/* Slower test after the faster ones */
-#if defined(MBEDTLS_TIMING_C)
- {"timing", mbedtls_timing_self_test},
-#endif
/* Heap test comes last */
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
{"memory_buffer_alloc", mbedtls_memory_buffer_alloc_free_and_self_test},
diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt
index 2a11212..7fc58cb 100644
--- a/programs/util/CMakeLists.txt
+++ b/programs/util/CMakeLists.txt
@@ -10,6 +10,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${libs})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
install(TARGETS ${executables}
diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt
index cf57ca4..a04fa8b 100644
--- a/programs/x509/CMakeLists.txt
+++ b/programs/x509/CMakeLists.txt
@@ -13,6 +13,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
target_link_libraries(${exe} ${libs})
+ target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
target_link_libraries(cert_app ${mbedtls_target})
diff --git a/programs/x509/cert_req.c b/programs/x509/cert_req.c
index e8241a3..0ea2607 100644
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@@ -100,7 +100,7 @@
" Add NsCertType even if it is empty\n" \
" md=%%s default: SHA256\n" \
" possible values:\n" \
- " MD2, MD4, MD5, RIPEMD160, SHA1,\n" \
+ " MD5, RIPEMD160, SHA1,\n" \
" SHA224, SHA256, SHA384, SHA512\n" \
"\n"
@@ -346,7 +346,8 @@
mbedtls_printf( " . Loading the private key ..." );
fflush( stdout );
- ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password );
+ ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password,
+ mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
diff --git a/programs/x509/cert_write.c b/programs/x509/cert_write.c
index ff7cf98..f1e5c6b 100644
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@@ -119,7 +119,7 @@
" max_pathlen=%%d default: -1 (none)\n" \
" md=%%s default: SHA256\n" \
" Supported values (if enabled):\n" \
- " MD2, MD4, MD5, RIPEMD160, SHA1,\n" \
+ " MD5, RIPEMD160, SHA1,\n" \
" SHA224, SHA256, SHA384, SHA512\n" \
" version=%%d default: 3\n" \
" Possible values: 1, 2, 3\n"\
@@ -577,7 +577,7 @@
fflush( stdout );
ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
- opt.subject_pwd );
+ opt.subject_pwd, mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_strerror( ret, buf, 1024 );
@@ -593,7 +593,7 @@
fflush( stdout );
ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
- opt.issuer_pwd );
+ opt.issuer_pwd, mbedtls_ctr_drbg_random, &ctr_drbg );
if( ret != 0 )
{
mbedtls_strerror( ret, buf, 1024 );
@@ -606,7 +606,8 @@
//
if( strlen( opt.issuer_crt ) )
{
- if( mbedtls_pk_check_pair( &issuer_crt.MBEDTLS_PRIVATE(pk), issuer_key ) != 0 )
+ if( mbedtls_pk_check_pair( &issuer_crt.MBEDTLS_PRIVATE(pk), issuer_key,
+ mbedtls_ctr_drbg_random, &ctr_drbg ) != 0 )
{
mbedtls_printf( " failed\n ! issuer_key does not match "
"issuer certificate\n\n" );
diff --git a/scripts/config.py b/scripts/config.py
index e27f322..cbce1eb 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -181,7 +181,6 @@
'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
'MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED', # influences the use of ECDH in TLS
'MBEDTLS_ECP_NO_FALLBACK', # removes internal ECP implementation
- 'MBEDTLS_ECP_NO_INTERNAL_RNG', # removes a feature
'MBEDTLS_ECP_RESTARTABLE', # incompatible with USE_PSA_CRYPTO
'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY
'MBEDTLS_HAVE_SSE2', # hardware dependency
diff --git a/scripts/data_files/query_config.fmt b/scripts/data_files/query_config.fmt
index 6199c62..c707e4c 100644
--- a/scripts/data_files/query_config.fmt
+++ b/scripts/data_files/query_config.fmt
@@ -37,13 +37,11 @@
* default value when that configuration is not set in the config.h.
*/
#include "mbedtls/aes.h"
-#include "mbedtls/arc4.h"
#include "mbedtls/aria.h"
#include "mbedtls/asn1.h"
#include "mbedtls/asn1write.h"
#include "mbedtls/base64.h"
#include "mbedtls/bignum.h"
-#include "mbedtls/blowfish.h"
#include "mbedtls/camellia.h"
#include "mbedtls/ccm.h"
#include "mbedtls/chacha20.h"
@@ -64,8 +62,6 @@
#include "mbedtls/hkdf.h"
#include "mbedtls/hmac_drbg.h"
#include "mbedtls/md.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/memory_buffer_alloc.h"
#include "mbedtls/net_sockets.h"
@@ -95,7 +91,6 @@
#include "mbedtls/x509_crl.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h"
-#include "mbedtls/xtea.h"
#include <string.h>
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index 606714f..7822384 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -44,11 +44,11 @@
my $error_format_file = $data_dir.'/error.fmt';
-my @low_level_modules = qw( AES ARC4 ARIA ASN1 BASE64 BIGNUM BLOWFISH
+my @low_level_modules = qw( AES ARIA ASN1 BASE64 BIGNUM
CAMELLIA CCM CHACHA20 CHACHAPOLY CMAC CTR_DRBG DES
- ENTROPY ERROR GCM HKDF HMAC_DRBG MD2 MD4 MD5
+ ENTROPY ERROR GCM HKDF HMAC_DRBG MD5
NET OID PADLOCK PBKDF2 PLATFORM POLY1305 RIPEMD160
- SHA1 SHA256 SHA512 THREADING XTEA );
+ SHA1 SHA256 SHA512 THREADING );
my @high_level_modules = qw( CIPHER DHM ECP MD
PEM PK PKCS12 PKCS5
RSA SSL X509 );
diff --git a/scripts/mbedtls_dev/crypto_knowledge.py b/scripts/mbedtls_dev/crypto_knowledge.py
index 94a97e7..4b4e2df 100644
--- a/scripts/mbedtls_dev/crypto_knowledge.py
+++ b/scripts/mbedtls_dev/crypto_knowledge.py
@@ -82,7 +82,6 @@
}
KEY_TYPE_SIZES = {
'PSA_KEY_TYPE_AES': (128, 192, 256), # exhaustive
- 'PSA_KEY_TYPE_ARC4': (8, 128, 2048), # extremes + sensible
'PSA_KEY_TYPE_ARIA': (128, 192, 256), # exhaustive
'PSA_KEY_TYPE_CAMELLIA': (128, 192, 256), # exhaustive
'PSA_KEY_TYPE_CHACHA20': (256,), # exhaustive
diff --git a/scripts/mbedtls_dev/macro_collector.py b/scripts/mbedtls_dev/macro_collector.py
index 395e038..6eb0d00 100644
--- a/scripts/mbedtls_dev/macro_collector.py
+++ b/scripts/mbedtls_dev/macro_collector.py
@@ -81,11 +81,15 @@
`self.arguments_for` for arguments that are not of a kind that is
enumerated here.
"""
+ #pylint: disable=too-many-instance-attributes
def __init__(self) -> None:
"""Set up an empty set of known constructor macros.
"""
self.statuses = set() #type: Set[str]
+ self.lifetimes = set() #type: Set[str]
+ self.locations = set() #type: Set[str]
+ self.persistence_levels = set() #type: Set[str]
self.algorithms = set() #type: Set[str]
self.ecc_curves = set() #type: Set[str]
self.dh_groups = set() #type: Set[str]
@@ -133,6 +137,9 @@
self.arguments_for['aead_alg'] = sorted(self.aead_algorithms)
self.arguments_for['curve'] = sorted(self.ecc_curves)
self.arguments_for['group'] = sorted(self.dh_groups)
+ self.arguments_for['persistence'] = sorted(self.persistence_levels)
+ self.arguments_for['location'] = sorted(self.locations)
+ self.arguments_for['lifetime'] = sorted(self.lifetimes)
@staticmethod
def _format_arguments(name: str, arguments: Iterable[str]) -> str:
@@ -341,6 +348,9 @@
'ALG': self.algorithms,
'ECC_CURVE': self.ecc_curves,
'DH_GROUP': self.dh_groups,
+ 'KEY_LIFETIME': self.lifetimes,
+ 'KEY_LOCATION': self.locations,
+ 'KEY_PERSISTENCE': self.persistence_levels,
'KEY_TYPE': self.key_types,
'KEY_USAGE': self.key_usage_flags,
} #type: Dict[str, Set[str]]
@@ -367,6 +377,7 @@
'asymmetric_encryption_algorithm': [],
'pake_algorithm': [self.pake_algorithms],
'other_algorithm': [],
+ 'lifetime': [self.lifetimes],
} #type: Dict[str, List[Set[str]]]
self.arguments_for['mac_length'] += ['1', '63']
self.arguments_for['min_mac_length'] += ['1', '63']
diff --git a/scripts/mbedtls_dev/psa_storage.py b/scripts/mbedtls_dev/psa_storage.py
index 3a74007..45f0380 100644
--- a/scripts/mbedtls_dev/psa_storage.py
+++ b/scripts/mbedtls_dev/psa_storage.py
@@ -164,6 +164,10 @@
"""
return self.bytes().hex()
+ def location_value(self) -> int:
+ """The numerical value of the location encoded in the key's lifetime."""
+ return self.lifetime.value() >> 8
+
class TestKey(unittest.TestCase):
# pylint: disable=line-too-long
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 7898004..fbd746e 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -75,19 +75,15 @@
add_test_suite(aes aes.ofb)
add_test_suite(aes aes.rest)
add_test_suite(aes aes.xts)
-add_test_suite(arc4)
add_test_suite(aria)
add_test_suite(asn1parse)
add_test_suite(asn1write)
add_test_suite(base64)
-add_test_suite(blowfish)
add_test_suite(camellia)
add_test_suite(ccm)
add_test_suite(chacha20)
add_test_suite(chachapoly)
add_test_suite(cipher cipher.aes)
-add_test_suite(cipher cipher.arc4)
-add_test_suite(cipher cipher.blowfish)
add_test_suite(cipher cipher.camellia)
add_test_suite(cipher cipher.ccm)
add_test_suite(cipher cipher.chacha20)
@@ -162,7 +158,6 @@
add_test_suite(version)
add_test_suite(x509parse)
add_test_suite(x509write)
-add_test_suite(xtea)
# Make scripts and data files needed for testing available in an
# out-of-source build.
diff --git a/tests/context-info.sh b/tests/context-info.sh
index e02d330..88dfcaa 100755
--- a/tests/context-info.sh
+++ b/tests/context-info.sh
@@ -210,7 +210,6 @@
-u "MBEDTLS_HAVE_TIME$" \
-u "MBEDTLS_X509_CRT_PARSE_C$" \
-u "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH$" \
- -u "MBEDTLS_SSL_TRUNCATED_HMAC$" \
-u "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \
-u "MBEDTLS_SSL_SESSION_TICKETS$" \
-u "MBEDTLS_SSL_SESSION_TICKETS and client$" \
@@ -233,7 +232,6 @@
-u "MBEDTLS_HAVE_TIME$" \
-u "MBEDTLS_X509_CRT_PARSE_C$" \
-u "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH$" \
- -u "MBEDTLS_SSL_TRUNCATED_HMAC$" \
-u "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \
-u "MBEDTLS_SSL_SESSION_TICKETS$" \
-u "MBEDTLS_SSL_SESSION_TICKETS and client$" \
@@ -339,7 +337,6 @@
"srv_min_cfg.txt" \
-n "ERROR" \
-n "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH$" \
- -n "MBEDTLS_SSL_TRUNCATED_HMAC$" \
-n "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \
-n "MBEDTLS_SSL_SESSION_TICKETS$" \
-n "MBEDTLS_SSL_SESSION_TICKETS and client$" \
@@ -350,7 +347,6 @@
"cli_min_cfg.txt" \
-n "ERROR" \
-n "MBEDTLS_SSL_MAX_FRAGMENT_LENGTH$" \
- -n "MBEDTLS_SSL_TRUNCATED_HMAC$" \
-n "MBEDTLS_SSL_ENCRYPT_THEN_MAC$" \
-n "MBEDTLS_SSL_SESSION_TICKETS$" \
-n "MBEDTLS_SSL_SESSION_TICKETS and client$" \
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index f3cba5a..e86706c 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -416,15 +416,7 @@
all_final += rsa_pkcs8_pbe_sha1_1024_2des.pem
keys_rsa_enc_pkcs8_v1_1024_2des: rsa_pkcs8_pbe_sha1_1024_2des.pem rsa_pkcs8_pbe_sha1_1024_2des.der
-rsa_pkcs8_pbe_sha1_1024_rc4_128.der: rsa_pkcs1_1024_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.der
-rsa_pkcs8_pbe_sha1_1024_rc4_128.pem: rsa_pkcs1_1024_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_1024_rc4_128: rsa_pkcs8_pbe_sha1_1024_rc4_128.pem rsa_pkcs8_pbe_sha1_1024_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des keys_rsa_enc_pkcs8_v1_1024_rc4_128
+keys_rsa_enc_pkcs8_v1_1024: keys_rsa_enc_pkcs8_v1_1024_3des keys_rsa_enc_pkcs8_v1_1024_2des
### 2048-bit
rsa_pkcs8_pbe_sha1_2048_3des.der: rsa_pkcs1_2048_clear.pem
@@ -443,15 +435,7 @@
all_final += rsa_pkcs8_pbe_sha1_2048_2des.pem
keys_rsa_enc_pkcs8_v1_2048_2des: rsa_pkcs8_pbe_sha1_2048_2des.pem rsa_pkcs8_pbe_sha1_2048_2des.der
-rsa_pkcs8_pbe_sha1_2048_rc4_128.der: rsa_pkcs1_2048_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.der
-rsa_pkcs8_pbe_sha1_2048_rc4_128.pem: rsa_pkcs1_2048_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_2048_rc4_128: rsa_pkcs8_pbe_sha1_2048_rc4_128.pem rsa_pkcs8_pbe_sha1_2048_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des keys_rsa_enc_pkcs8_v1_2048_rc4_128
+keys_rsa_enc_pkcs8_v1_2048: keys_rsa_enc_pkcs8_v1_2048_3des keys_rsa_enc_pkcs8_v1_2048_2des
### 4096-bit
rsa_pkcs8_pbe_sha1_4096_3des.der: rsa_pkcs1_4096_clear.pem
@@ -470,15 +454,7 @@
all_final += rsa_pkcs8_pbe_sha1_4096_2des.pem
keys_rsa_enc_pkcs8_v1_4096_2des: rsa_pkcs8_pbe_sha1_4096_2des.pem rsa_pkcs8_pbe_sha1_4096_2des.der
-rsa_pkcs8_pbe_sha1_4096_rc4_128.der: rsa_pkcs1_4096_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform DER -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.der
-rsa_pkcs8_pbe_sha1_4096_rc4_128.pem: rsa_pkcs1_4096_clear.pem
- $(OPENSSL) pkcs8 -inform PEM -in $< -outform PEM -out $@ -passout "pass:$(keys_rsa_pkcs8_pwd)" -topk8 -v1 PBE-SHA1-RC4-128
-all_final += rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
-keys_rsa_enc_pkcs8_v1_4096_rc4_128: rsa_pkcs8_pbe_sha1_4096_rc4_128.pem rsa_pkcs8_pbe_sha1_4096_rc4_128.der
-
-keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des keys_rsa_enc_pkcs8_v1_4096_rc4_128
+keys_rsa_enc_pkcs8_v1_4096: keys_rsa_enc_pkcs8_v1_4096_3des keys_rsa_enc_pkcs8_v1_4096_2des
###
### PKCS8-v2 encoded, encrypted RSA keys, no PRF specified (default for OpenSSL1.0: hmacWithSHA1)
@@ -893,10 +869,6 @@
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
all_final += server1.req.sha1
-server1.req.md4: server1.key
- $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD4
-all_final += server1.req.md4
-
server1.req.md5: server1.key
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=MD5
all_final += server1.req.md5
@@ -1103,26 +1075,10 @@
$(MBEDTLS_CERT_WRITE) request_file=server2.req.sha256 serial=2 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=SHA256 version=3 output_file=$@
all_final += server2-sha256.crt
-# MD2, MD4, MD5 test certificates
+# MD5 test certificate
cert_md_test_key = $(cli_crt_key_file_rsa)
-cert_md2.csr: $(cert_md_test_key)
- $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD2" md=MD2
-all_intermediate += cert_md2.csr
-
-cert_md2.crt: cert_md2.csr
- $(MBEDTLS_CERT_WRITE) request_file=$< serial=9 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD2 version=3 output_file=$@
-all_final += cert_md2.crt
-
-cert_md4.csr: $(cert_md_test_key)
- $(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD4" md=MD4
-all_intermediate += cert_md4.csr
-
-cert_md4.crt: cert_md4.csr
- $(MBEDTLS_CERT_WRITE) request_file=$< serial=5 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20000101121212 not_after=20300101121212 md=MD4 version=3 output_file=$@
-all_final += cert_md4.crt
-
cert_md5.csr: $(cert_md_test_key)
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< subject_name="C=NL,O=PolarSSL,CN=PolarSSL Cert MD5" md=MD5
all_intermediate += cert_md5.csr
diff --git a/tests/data_files/cert_md2.crt b/tests/data_files/cert_md2.crt
deleted file mode 100644
index 94b89af..0000000
--- a/tests/data_files/cert_md2.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDPzCCAiegAwIBAgIBCTANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQyMIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
-M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
-1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
-MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
-4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
-/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
-o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
-BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQIFAAOC
-AQEAXLWqy34iaZ2YV+5eE1QMV/9m9nQI2X/yumRH1MT1R3oYde/YDV7+HSOM6qLs
-qSgH1DSyXv1YnJww2OyTtAVhPalICLjVjUQCyeUCiFpAIO6Xz1VE6v4GMFLqhlV1
-Nox9dDtR5Go2zwPaH64Ze9GxuDZfW+VnPRNgYOrqqCBnuhnp2uPRfOewus2AAo50
-dx1XTooCEqElQlB9EIPWbvPdJZjRjruCUtDbz+oxG4J4Ml4KCYm+/MyXNPqxV9+H
-5A9oQltuHMWasMWSfXeimQI5PPpdjndmJOhfT4RGmvTw/uNC/Xuy1kPxXQKoocz6
-93U8RQvyJxdIPtQuARNMRZ7G+Q==
------END CERTIFICATE-----
diff --git a/tests/data_files/cert_md2.csr b/tests/data_files/cert_md2.csr
deleted file mode 100644
index a8c39bd..0000000
--- a/tests/data_files/cert_md2.csr
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBDZXJ0IE1EMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAMh0xMy5+bV56UXZFGCwfbuT8msenzOtDY+KPFZl5dxE2cxmhQfV
-+CewSjXQY54Kbhu32vB+q+4MEJOGSRg086gq0lf1LtQvdymEYU2CUI+nlUhw9W5N
-stUTw9Ia7eZD6kIU63TqwO0f1FdOqfOo7dLgwTBxMDIw1dP2CNBWT0aO8l/5PWeR
-iDAuQrLfffvlDHf/7DHAeI+/wn/KrWwh1o3Zi2qOb+Cb+BBWzLOOExXmNARmx+75
-Ng5qlfYJmgZn9GVx+MqksSXg/jyLNQRnuuBPdoX8f/w2a7XpzS0DYk6zPQDPr3ag
-aVaDatKo1OdQcea1NgV3BW17yOTE/UzVIV8CAwEAAaAAMA0GCSqGSIb3DQEBAgUA
-A4IBAQBPUqodRcH2ZUa8A3fQX/nxrIwWiLmQ9BaOI6G7vzEWVE1sxmkrHP+pXgi9
-1eFceN9xUBKEd+LmUPmHpObZ4nwRSprFj3DeIXpn9aSBr+jGY8RaaC9cMkaSq5Mb
-q65THEJ1xemIfZvbhjvNi/ycXXu/v1Gpj62dpIFGbm+o4AXQF2ocYGEM+X1u2eVn
-mnuuvPAHTllGjB0daTSYoQtMy3luPUEj0Yct3iVR1pUeTrHchOs9p5ACDZcf6D3x
-sm9atH2ZIaXo1c9SqHzdk/uLt/CwxQrn1WU1inwOkzjim2Yq9vWgpQypfGZdScXV
-oHOmuGG901WMMemzZXjoLi+8ZpVL
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/cert_md4.crt b/tests/data_files/cert_md4.crt
deleted file mode 100644
index 7d0f7cb..0000000
--- a/tests/data_files/cert_md4.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDPzCCAiegAwIBAgIBBTANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDER
-MA8GA1UECgwIUG9sYXJTU0wxGTAXBgNVBAMMEFBvbGFyU1NMIFRlc3QgQ0EwHhcN
-MDAwMTAxMTIxMjEyWhcNMzAwMTAxMTIxMjEyWjA8MQswCQYDVQQGEwJOTDERMA8G
-A1UECgwIUG9sYXJTU0wxGjAYBgNVBAMMEVBvbGFyU1NMIENlcnQgTUQ0MIIBIjAN
-BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f
-M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu
-1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw
-MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v
-4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/
-/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB
-o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf
-BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQMFAAOC
-AQEArXIW7Dy1hBXMKY8/TAfACqkFZzbGDJdD5ohQknENk6FzUHVw9SVibhi5J+nh
-/mhUhoczFg78T8ZopDcsPHKQTuy0LNcLWhZDD4S4CJCibmsf+8BWmPcSp1tsS9Zj
-etO5qNuUarL74W+rRa3qQcCXcglYTubv/PcCV+LGVqZ4XDlO5EBFJJREAREzG+iK
-Epm2y0mi1WTwjy7m7rxYHs5i5ybDHDDwU55H5wh50Vs4/vDx2kZab2K9gx6V2ggY
-CCYmRWKQHdI4XZBkpYFbbREZxMY4Y5c2PUMlr8GUq6s6eu9/GvmnIx/+EySSfxgv
-9GpN+gnyx03hjYNGO7iX8nPnXA==
------END CERTIFICATE-----
diff --git a/tests/data_files/cert_md4.csr b/tests/data_files/cert_md4.csr
deleted file mode 100644
index d8a3dbf..0000000
--- a/tests/data_files/cert_md4.csr
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBDZXJ0IE1ENDCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAMh0xMy5+bV56UXZFGCwfbuT8msenzOtDY+KPFZl5dxE2cxmhQfV
-+CewSjXQY54Kbhu32vB+q+4MEJOGSRg086gq0lf1LtQvdymEYU2CUI+nlUhw9W5N
-stUTw9Ia7eZD6kIU63TqwO0f1FdOqfOo7dLgwTBxMDIw1dP2CNBWT0aO8l/5PWeR
-iDAuQrLfffvlDHf/7DHAeI+/wn/KrWwh1o3Zi2qOb+Cb+BBWzLOOExXmNARmx+75
-Ng5qlfYJmgZn9GVx+MqksSXg/jyLNQRnuuBPdoX8f/w2a7XpzS0DYk6zPQDPr3ag
-aVaDatKo1OdQcea1NgV3BW17yOTE/UzVIV8CAwEAAaAAMA0GCSqGSIb3DQEBAwUA
-A4IBAQAztRb+vAecvhelhszzCctzmhGs4TGmr9h4zddZoQ8dTdy1OCsnmU+yz3oh
-oiQjy7UPLt8DS2ZKhGhvwPvtwFh5icMWQVnv2kE4Evz8xJT12VRw+U6L5rfKmf/L
-mVNxsuk17MDyBcMlwuNk+CHrYVdrXhSWUH3UCQQUH1iqqBMKmNiPa1UGU0budZ9X
-HZjn9uqyyOGy8l3hffqjDxsDjZyBDf5aqKIdnvukdrUiacPdUYVF0fwK8d1/1PA9
-dA4JjTvz+tTK6mL9Ic9Pv+64v1vwMU4Qu8IJHk5x3I0e7KuK2A/lK6az2Vb6FAh6
-MkGpWB68T8FRBoVrWLOh+a9yNwyp
------END CERTIFICATE REQUEST-----
diff --git a/tests/data_files/crl_md2.pem b/tests/data_files/crl_md2.pem
deleted file mode 100644
index e273795..0000000
--- a/tests/data_files/crl_md2.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQIFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTA5MDcxOTE5NTYz
-N1oXDTA5MDkxNzE5NTYzN1owKDASAgEBFw0wOTAyMDkyMTEyMzZaMBICAQMXDTA5
-MDIwOTIxMTIzNlowDQYJKoZIhvcNAQECBQADggEBAF8F5y82zgtxcwQ4aFvrkanT
-ygyd5+RW/Y//vpck44V+CYx1d1r+QkauaXel9qUKBPsg2dUwQ+jwV/m+Sp2MHaX5
-NfW7XUb7Ji4yhwgh9/9vFPqqnKBf9esLJuJoQ4mLhcGB5J1yCcavLrynvB4PJEnG
-graTbbyizelXBmk3ApvNYxczJZxt7EzpVbrFaev7myGmOffdDkIMc2WDpDkyLTlU
-kITjB7fMJhD/dgNskKZ4fgkKKKPCMJrJPO67Wzwqx/6vsrZcACB9X+143WZr4GVO
-Fw2SaMnqfVLlUEndoOpbLCU4ugcc82kQQF3TsovXJYW7XqoWl2u/ENCwShl9rl4=
------END X509 CRL-----
diff --git a/tests/data_files/crl_md4.pem b/tests/data_files/crl_md4.pem
deleted file mode 100644
index 1f77dab..0000000
--- a/tests/data_files/crl_md4.pem
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN X509 CRL-----
-MIIBqzCBlDANBgkqhkiG9w0BAQMFADA7MQswCQYDVQQGEwJOTDERMA8GA1UEChMI
-UG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EXDTExMDIxMjE0NDQw
-N1oXDTExMDQxMzE0NDQwN1owKDASAgEBFw0xMTAyMTIxNDQ0MDdaMBICAQMXDTEx
-MDIxMjE0NDQwN1owDQYJKoZIhvcNAQEDBQADggEBAIJtYXy3uwIpmSGfi9muS8xv
-36FT6g3s1V/xicdPa54juJgBI6sxHKzQtbSNIbqadEWwUtvQ8k1EMRo9UGObhRV8
-i+UWm5qi0GFV7nMi4E2p2Ji/sFKtgdxkzhCfn+p3MoGgx/nC7YtwpnNdF+kuCV1M
-JTPqfm+taZkYADOafP/hRaPx3TI+HNE3ux4Cb7hNpWdfWzt48ZPMuhCMzItLd/UK
-xxjJam9XAGUTKi7+eWtma9XzmYOIElQv2KFPVMcx5nvg039rrWK6tObGL67kCfTH
-v+nIx7rAOW6UNU8aj1kfJHYjEKMBH1I9wjMSHUpkxBLQOKlPNRksiEVsIhmEVss=
------END X509 CRL-----
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der b/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der
deleted file mode 100644
index e7e32b0..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der
+++ /dev/null
Binary files differ
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem b/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
deleted file mode 100644
index 089945b..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIICnjAcBgoqhkiG9w0BDAEBMA4ECHgR0/cyo14UAgIIAASCAnzDfJIvSkRQKqrV
-lAzAMnhd42XlhqWAJLh6aB76LIWVmepDkNnXRNX0W1R+XE27/uzgs4lcovW5hU40
-2HZlv3R0u9MEvMhadjL4ZWS94143p9y7P4vnYembOcc2WnlhFaGSMLFSwMI5vgnL
-8xz2P9+d8IuxGpFSgw8S8zchg4Ewzk+0nSdG0px4T5K21uhsFzjvZRLrG7XXuIee
-tKluUauy4diqA5jrJ1ShmrFmNTvtzAPfMX+QohuY8nhRUeH6bx9dEWpbIq/1K/25
-1uIdInZff850YKRQpK1IkinW0YfFxoA+sUGvxs+aDecbq8w3noaRIjJN7r7ipFEK
-dhdehOxD21Mq7iqsujV9RJxAbqkuoTfECHJP6N/Dmp9CY0wpnE1lnHOTZwCWqDPh
-aumtaFsMxJdNPZ3M5xmGInPWnT3JpW2hwtoOF0Vb0pP9VSfo+3yCm9b5ipFvcs8C
-+c2MdK87zSqFvKc19cuv9tggguCzNjAcECHN7pgY4VId7cWMK/y3k4mk2C8hPQDw
-S7gm/n76BSxjZFjs9ZQn9n5meO/47ohgV1ua2WICPMuPmzz+IPJpT6mQrcPTbzm+
-nNGrBVRooPYwnHPYKGlPJWkfFzsWnQ6dRgEOcM3DJMfU29QLHmNHu0ucz2k2f2C2
-AHB1EFEIC5Rw2BxH1x/gqYlZAB7TCHZ86XWIzbYdJlyNjb+poXNczLvghpvoIBC6
-dxEEsxVVzRYCRbmLtNTdXa7XfQfEaRs5GR3qrKoNNDzms11btQWo8eiZUNIMA6sA
-i3Qhs73feJ5P3hup8Kl2P9N29MuAjYsS2oeZApjdiXAzf5IeFaqTQRHR6Vumvn65
-TLE=
------END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der b/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der
deleted file mode 100644
index 7ebca11..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der
+++ /dev/null
Binary files differ
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem b/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
deleted file mode 100644
index ad926ad..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem
+++ /dev/null
@@ -1,29 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIE5DAcBgoqhkiG9w0BDAEBMA4ECLSMnow3PFQjAgIIAASCBMKuiZ+kNidmdRCN
-EYHL8FVAAPRY3RFrjZfqNK8XHSxaZzLWjaCQj5Yv14ALjs2k34Ru/xvqRfamN4NY
-M1MrPt7sUSS2jnDwm/IQ80vYYgmH9zKexVTMsZQ2CoLEM3ZMLm6wCkEHuuFZkQX4
-Z0EbnXiWs8PpfrYxed8BMT5o8cW+yiixxMesyj1x8Bgp7r82ZpVZshhDXlnzpbnc
-IiSaqe0obzGZnNu5I+/bXTbyXiAccLj2BuNqX67Om9LBqh/igwNpHQpNIaxmvxqL
-MlqdPDjRYN0qe4d6JqqnFx1YzdTiRLlAnHDnK4G5mZwb50Nixy5mrgI6IhCrsTHQ
-09/yfo1jHR9ido41Sbu7PcVxn6/gzpNVXgwDOw8ia6Bxq0dDnLH8/1IawB69DiSD
-wuNSdQcBtJy8hCZN7wa6uNCzTclvXLwOtTJ6D//UmpFRv46ZYsK6uySwFwDOeDrW
-AyuSoKd9C9cedG30XAyVHFMffkZYCxT8RnQuLrouUwMdEd+7qeApQMBw3InyII+9
-ykhoO1qiH5wyehNFmxEjQUTIdOs8hcOic71FggJ/+bMTnji4ukdPPKHBSdwPjbnc
-qe/ch/KDfIUNyy/51uNMjSdOweJqG9SIIlfDG6Pd2bMFkao1Y7VsG4AM89mGYIWo
-AJDuBrl7AEsm0WSVENyDa+7qjKsS06pcFG0JsmeZb62SSds5+/Nq1Kn5//2ShpHd
-SA1NabnMn1fpCI02tc66igk5isjqp49o3MKguXwiIjo8nGM5dSy/qYSkVhLxVTzz
-ovYhOjMoHRFYqfK1wxT9CExLz9+CI8sWawh1/hDKha2tPlhm2S1OabPTIk3Qn36W
-aCbhGXYWchILReK0d9W6SJZ2v4uNuDjbye6qrSmCHBurCw17l84kBx0vFTDDW80q
-VB3PFUOL2+XYgk17qagMVJHJa5s8ER//MZ3QDO09RJktusaKClR4kE9xkZFUQHF/
-+U4L7DyCtGr1ajdvudNXXYtlD3QoZukrsI1v9XGXPWloVRCU0+x8VCcIKLbwLmGD
-NCkeaQbOypRiPc0WRdJnwsjBlDC2Icd9zWLH8qnVBA0b2TGh3amalsUkEy9NSuGT
-yDIt05uQP0rX1T1rohMNOWHkColtcc6ZxlJuBReHWhF+9RJXPBtA3TmVgC6x0GVF
-FND8DKWHGG+7h/0DKD9r5lRNqhagmQnqwoUVtn56KtazUtrscAt6O3RsTU09Ys5A
-jsuzR+O7uTT0SHr/24YtrqNnXumJZZHayF6T0xpn8xIhWULoAjm1e4EQh/THcMYJ
-PwriuoXZVWZKLeSlomlaV6BD285eTjmjfT5SKv+Aqji3XA5PJXhUtEA7x4kue45G
-4sFWW9eCMpxXecJhO4Dwhk8/dP/3iOFTY5tHtT4OO0c3klI53O2U98D7781QIEkn
-dE3qsTXurM4arvsu7EYMM9ihrqeQbb1pEySfkdT15I4bCTFRykYI9ZIZ8iUgFtAg
-TUP66e7bkv8sxZLHKGpfOSUR+jbQLyahtWz7+EonSUYc9AbErXnnXmZH6mgQw4qd
-Dgi9i5PGWr8I2xz8l7+H9G2TbueSqLLH9ecMRfey70W0D/nX5k3B+SmpTSqQ3zvk
-k+pM9bWevlc=
------END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der b/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der
deleted file mode 100644
index f3bda63..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der
+++ /dev/null
Binary files differ
diff --git a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem b/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
deleted file mode 100644
index 53867ac..0000000
--- a/tests/data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem
+++ /dev/null
@@ -1,53 +0,0 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIJaDAcBgoqhkiG9w0BDAEBMA4ECOJxEWpN/HEEAgIIAASCCUYouEt15A4DUZoG
-aJvr19vCKfGPErYDkh1fI9u04hDEKCdb+Z7oxaqXQ34rr0H1t8/SPdhpvqms9Bsz
-3nMIlgzEPnppyiRLCa4Ycev0jtA66xkxgGGXnA5uxZQcTOFsGDR4gpTn2hi7//BO
-gHhKVDbCd6nShZkNgNUe++tclNg65Fmazm2pwpnCPfY9TGnou8bynMrJrau0CPB+
-v+pI3NR39yxDcq6MNII542Ma8bZWE++WmqmSXjsnXyEV850Dw4j7khbevXlKIh3C
-fsf1mb1/lUc+8HtsjFLgBS3Iag2D/AfAbCDCY3wWG5KcMJk2CtNayOAmMetL7P1t
-S+i/zTmqAeNVaUF/6ciwY8JNA9YHnjV/0LH04I1Dn1emQVltcqKJahDSoxwGeLD0
-lv0EMQ9CBRHqdKKVaDjBJSqLkwQzLuiqye6ZREnoeIL2cYXDqWoxZzjtxr5t261F
-jl+gGBvAX5RRKz3+Vj7hb8y4n7npYJYXk+CanrsTblsBhOMaFhgup+Vd+UhHGQku
-FqHR28bHlJzxgUvlhYV/WdMUtHlGHvpax1Zo57ToC0JxlX/o+lPHiZvvpGZegYOe
-Mta5f4xI8PcfVrVbfpHaEnt+ffZPtDVZUfhfZwlMniUKX/kJgKGdtpnrgm0wefUR
-ymKmn4af2tY/nT828+pOBcRY8WV5G5EPthkA/EemXTor04bb9mglX9ZJ78vrv0n9
-XaOXkMGYuj698Rqkx5BtaVX8EjWKnknHn/GOLSINu38UelRDV+xf5GQyDQREHsuu
-Mkj6AcygD5eP0p4AZZaHw9H6nytoZ9SX/vhUmRTk2vbrgnAPwRBFnZy6S4mipfFc
-m82EyC4RHklbIriMRRY7EHamBrUTg+8axCqBWY1jtSvTXwm40ybpigsiphtbcaCN
-9hT13VfVkglyQIbmxvxeoo9McgKv2BoP+0i5xIdmstu63bcHxO/DaMXw9WPOGgdm
-kyFU4MwJZhvk57H4HwleIPXXJd93OJ0NNunDgBWxh3mnKqnM9hpit6ljjl8y41RC
-QvJTO5cR3cKuzPpzTqfpC8eYeXiYChuFDgXKXubGE/PSSzSmU7cnKUrHAOyrXlD0
-EdCZkQBFF0gnLksVSjaF/owORlc1KualcD9ahOgWoaup4MqlyW7A+BHJ+f3Iz22z
-oezU/B/FGPTcRc+kEpPyIHG+98nNeh2N5nmY1+piXkJCsq0WdcjB13t8MHLLGqQ8
-shUpiKtkwtO45DIP3xVykntZsPb2gHuj2JoHjXYnxmZ7MRVbTe+s1F3xpITNa+G2
-2Yorp0zqVrhNfvtsLG1i0XdOwockHo5k+dAFkNngJvQVTwsBUw/gqcDwgkoG0yKZ
-NZTZDRJDv3yfopbIvGxmXBj723/OcR0prKLHUc5qaCvK5y0rvM7G+Dg2/W1rzRGx
-9IjCOyZzkUVwE9vKZO+mdsa1zeVja1DtU1sjh3k3+Lw6P2+LcVZKWI7IjJ7vcNxt
-XRI6+jlaR3/ht++3+ADgBpZUVAzBwiKeaneanFoiu0kbXv+G74bVDXvKLTXXbynv
-0mabkp8cszm2wMehp9WuqnBKtAot5Q6sPg4i6E0si3LrdDzKgENgMAF8+ShG5r4w
-ULHQBwMpvNS6LnrY69TqAQp7MNS5JoCCHnQqXSgUQN53Zmcnmaz9qysHvbJLK/On
-Rp0akU5A+WHFNPvGqkF8ou5OZRrN9XQMk75RRgi1YYY+UddiaBAsxqFQBKq5ooxN
-0sE65WM76WU2/v10va4iCNPTFjB0MhGLrq08sgSNfHhePpBK+WANuzjWDUWS+ekC
-VCTNBAARzlPoxuF0YsUUhwYxqFw/VC4PW9WeT0kx8pvaIwhf7Xk++4TKbdayQehK
-ImH5vmvpeWxNa1O7nVyvaJfNvSoj49X1zNg4PKDAOm+kEAjGvWeWKEOiHTLIXbzu
-HztTw/pjNJ5NaCNVWeThYYduFuRZaqap5khpqP4s07zvDvkTyKiJj3MSFel/K7UV
-uy1e0HPymTFToeinLW0x3YaJnLcOKDmF0DSJB1gVwl55B3rEYb8tODF6BLjz149J
-BT91EXgj/Futj3YpPTcIjJXsBDElP/KaBtB6uZGkmXgnz8OvRgg7wJR3n1uHU6r+
-S+19ugY5I5hAFFMLAIg+zO2IqSXW1B+CiE94tr5z96VTyIckO2Ov6p5fcGpI1VkB
-KtcuXGUVuF9pqFRKkFChu90OiqxdcdKYqgjHy1z1jovuYm2pfCB4kvPLn57XVsmB
-T0ZcdHFBf+SwxuKdr8KsK2k4er5c4jTTIflWWktrD9JLcWLc1WUecL18lFByOOWh
-5fF7zX+NNsbMBES3F6TG+06NfgC6z24/h29zfnps75usEExBc7YHJsmWl3Aef6bF
-vcoS2ug8ZXaiefhlFkyx/frGpRnD57ZOvLCi/TUVf2G0cynEKvfsb21LN50eMKD2
-HiIBGoNj9f3vJdIhLTDFurf42ocY5EQzLGleIQ0Zpv6285LqwqKKl5v28o+A4qnp
-Xhkt/3pqZ6aJeSCNQd9Zg5tOd1tXpcTdzl/BmFIvmE+SIsYydLxrX1UEWfJfEL41
-J6qXTzebh7N16bGfxU09OT7puztuK+/vAHEvCGINddDaOJFayVdEaMVUux9nDkoz
-b1U/5UxzpzFdNUZBHg1JjkUWK8oTGmkJTlI1aKJKKA1RfmnzwOd4PeHI1hIuT8YQ
-8qwKY72mCCb4Sr+Xiw43CqJ9NgWCxYr0ua+hqm2xv43QMhSCNd7v1Dg0bi3ZgOi8
-1eSns5VZFww2JkYo7rrKz21EiFXjhZ4u8MF45M5/cbDqbaPVb6FMx7MqaKmnkpQ8
-xT4BC2M4xCiXnYrrjhugw2/FMkMchIN9jG47IQiACQ8pNqoTd2tLFCFpTZeeRCaP
-Dgd8rvaMXjY/Uu9zB+LgRlQ/c01hGL+/d8cNEFzTU9jajOLobi3pKQqLdvlo40Dl
-qH6eLTnYusrZnZySBuZD5c57BBW4GMuetvtqr2l8iV4BJnMvLZ9tB69eA1PhKXwq
-tHY7a0YkhLUUqKFyPvYcnHjU9Bvg9PnciXnoDFMP1Obkou27vpI6NVmIFKMX1OxQ
-A2IJ5YWaN6h8nJOV/THzKjMDmPbXLmtQDuaDPpDaNE+oDwto/UlSQPV8KtW/MR+s
-k3rLyN3KXoVl95gT
------END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/data_files/server1.req.md4 b/tests/data_files/server1.req.md4
deleted file mode 100644
index 1558549..0000000
--- a/tests/data_files/server1.req.md4
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIICgTCCAWkCAQAwPDELMAkGA1UEBhMCTkwxETAPBgNVBAoMCFBvbGFyU1NMMRow
-GAYDVQQDDBFQb2xhclNTTCBTZXJ2ZXIgMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
-ADCCAQoCggEBAKkCHz1AatVVU4v9Nu6CZS4VYV6Jv7joRZDb7ogWUtPxQ1BHlhJZ
-ZIdr/SvgRvlzvt3PkuGRW+1moG+JKXlFgNCDatVBQ3dfOXwJBEeCsFc5cO2j7BUZ
-HqgzCEfBBUKp/UzDtN/dBh9NEFFAZ3MTD0D4bYElXwqxU8YwfhU5rPla7n+SnqYF
-W+cTl4W1I5LZ1CQG1QkliXUH3aYajz8JGb6tZSxk65Wb3P5BXhem2mxbacwCuhQs
-FiScStzN0PdSZ3PxLaAj/X70McotcMqJCwTbLqZPcG6ezr1YieJTWZ5uWpJl4og/
-DJQZo93l6J2VE+0p26twEtxaymsXq1KCVLECAwEAAaAAMA0GCSqGSIb3DQEBAwUA
-A4IBAQAu8SbWDi5udXrs/lljV+jdHky2BFuVFNxZgj5QvLslffdx2/Tj4MVCsqkY
-tAcy5g/urW1WwHcnJ20PRgt60m3BSUJffdKF/kgRyTN1oBFpApHGAJEHPahR/3Mz
-hMBk4D/r6lga60iUhIfky8o8KU+ovHXROHzGfYaVySatpyJW6tkJOz/1ZKLI4s4K
-HGLFxKBd6bvyuMSCpV31J7ZHPQfSH38VEEaTLJ2QOltWDX5k4DlL/F3I5K4VFWOm
-DMndMXkb7LhL9jcaJJRzEmbX3aMdt2aXhQt2LDFMnMCeSHI014URnQd6IzRQYZPp
-qGZf2UmuJdLeIMzSNX2rZ+SVDX9o
------END CERTIFICATE REQUEST-----
diff --git a/tests/include/alt-dummy/arc4_alt.h b/tests/include/alt-dummy/arc4_alt.h
deleted file mode 100644
index b8c2e86..0000000
--- a/tests/include/alt-dummy/arc4_alt.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/* arc4_alt.h with dummy types for MBEDTLS_ARC4_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef ARC4_ALT_H
-#define ARC4_ALT_H
-
-typedef struct mbedtls_arc4_context
-{
- int dummy;
-}
-mbedtls_arc4_context;
-
-
-#endif /* arc4_alt.h */
diff --git a/tests/include/alt-dummy/blowfish_alt.h b/tests/include/alt-dummy/blowfish_alt.h
deleted file mode 100644
index 5a4f739..0000000
--- a/tests/include/alt-dummy/blowfish_alt.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* blowfish_alt.h with dummy types for MBEDTLS_BLOWFISH_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef BLOWFISH_ALT_H
-#define BLOWFISH_ALT_H
-
-typedef struct mbedtls_blowfish_context
-{
- int dummy;
-}
-mbedtls_blowfish_context;
-
-
-#endif /* blowfish_alt.h */
diff --git a/tests/include/alt-dummy/md2_alt.h b/tests/include/alt-dummy/md2_alt.h
deleted file mode 100644
index 70c7f15..0000000
--- a/tests/include/alt-dummy/md2_alt.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/* md2_alt.h with dummy types for MBEDTLS_MD2_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef MD2_ALT_H
-#define MD2_ALT_H
-
-typedef struct mbedtls_md2_context
-{
- int dummy;
-}
-mbedtls_md2_context;
-
-
-#endif /* md2_alt.h */
diff --git a/tests/include/alt-dummy/md4_alt.h b/tests/include/alt-dummy/md4_alt.h
deleted file mode 100644
index db13f3d..0000000
--- a/tests/include/alt-dummy/md4_alt.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/* md4_alt.h with dummy types for MBEDTLS_MD4_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-#ifndef MD4_ALT_H
-#define MD4_ALT_H
-
-typedef struct mbedtls_md4_context
-{
- int dummy;
-}
-mbedtls_md4_context;
-
-
-#endif /* md4_alt.h */
diff --git a/tests/include/alt-dummy/xtea_alt.h b/tests/include/alt-dummy/xtea_alt.h
deleted file mode 100644
index cb21a3a..0000000
--- a/tests/include/alt-dummy/xtea_alt.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* xtea_alt.h with dummy types for MBEDTLS_XTEA_ALT */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef XTEA_ALT_H
-#define XTEA_ALT_H
-
-typedef struct mbedtls_xtea_context
-{
- int dummy;
-}
-mbedtls_xtea_context;
-
-
-#endif /* xtea_alt.h */
diff --git a/tests/include/test/helpers.h b/tests/include/test/helpers.h
index ab9a0c3..c0d2c00 100644
--- a/tests/include/test/helpers.h
+++ b/tests/include/test/helpers.h
@@ -59,6 +59,10 @@
#include <stddef.h>
#include <stdint.h>
+#if defined(MBEDTLS_BIGNUM_C)
+#include "mbedtls/bignum.h"
+#endif
+
typedef enum
{
MBEDTLS_TEST_RESULT_SUCCESS = 0,
@@ -210,4 +214,25 @@
const char *file, int line);
#endif
+#if defined(MBEDTLS_BIGNUM_C)
+/** Read an MPI from a string.
+ *
+ * Like mbedtls_mpi_read_string(), but size the resulting bignum based
+ * on the number of digits in the string. In particular, construct a
+ * bignum with 0 limbs for an empty string, and a bignum with leading 0
+ * limbs if the string has sufficiently many leading 0 digits.
+ *
+ * This is important so that the "0 (null)" and "0 (1 limb)" and
+ * "leading zeros" test cases do what they claim.
+ *
+ * \param[out] X The MPI object to populate. It must be initialized.
+ * \param radix The radix (2 to 16).
+ * \param[in] s The null-terminated string to read from.
+ *
+ * \return \c 0 on success, an \c MBEDTLS_ERR_MPI_xxx error code otherwise.
+ */
+/* Since the library has exactly the desired behavior, this is trivial. */
+int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s );
+#endif /* MBEDTLS_BIGNUM_C */
+
#endif /* TEST_HELPERS_H */
diff --git a/tests/include/test/psa_exercise_key.h b/tests/include/test/psa_exercise_key.h
index 57eae58..aa0aeb5 100644
--- a/tests/include/test/psa_exercise_key.h
+++ b/tests/include/test/psa_exercise_key.h
@@ -32,11 +32,7 @@
*
* This is used in some smoke tests.
*/
-#if defined(PSA_WANT_ALG_MD2)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD2
-#elif defined(PSA_WANT_ALG_MD4)
-#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD4
-#elif defined(PSA_WANT_ALG_MD5)
+#if defined(PSA_WANT_ALG_MD5)
#define KNOWN_SUPPORTED_HASH_ALG PSA_ALG_MD5
/* MBEDTLS_RIPEMD160_C omitted. This is necessary for the sake of
* exercise_signature_key() because Mbed TLS doesn't support RIPEMD160
@@ -111,9 +107,6 @@
#if defined(KNOWN_SUPPORTED_BLOCK_CIPHER_ALG)
#define KNOWN_SUPPORTED_CIPHER_ALG KNOWN_SUPPORTED_BLOCK_CIPHER_ALG
#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE KNOWN_SUPPORTED_BLOCK_CIPHER
-#elif defined(MBEDTLS_RC4_C)
-#define KNOWN_SUPPORTED_CIPHER_ALG PSA_ALG_RC4
-#define KNOWN_SUPPORTED_CIPHER_KEY_TYPE PSA_KEY_TYPE_RC4
#else
#undef KNOWN_SUPPORTED_CIPHER_ALG
#undef KNOWN_SUPPORTED_CIPHER_KEY_TYPE
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 1423099..fe53669 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -651,6 +651,9 @@
}
pre_generate_files() {
+ # since make doesn't have proper dependencies, remove any possibly outdate
+ # file that might be around before generating fresh ones
+ make neat
make generated_files
}
@@ -1000,7 +1003,6 @@
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
# When MBEDTLS_USE_PSA_CRYPTO is disabled and there is no DRBG,
# the SSL test programs don't have an RNG and can't work. Explicitly
# make them use the PSA RNG with -DMBEDTLS_TEST_USE_PSA_CRYPTO_RNG.
@@ -1023,7 +1025,6 @@
scripts/config.py unset MBEDTLS_CTR_DRBG_C
scripts/config.py unset MBEDTLS_HMAC_DRBG_C
scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
make CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
msg "test: PSA_CRYPTO_EXTERNAL_RNG minus *_DRBG, PSA crypto - main suites"
@@ -1048,43 +1049,6 @@
if_build_succeeded tests/ssl-opt.sh -f 'Default\|opaque'
}
-component_test_ecp_no_internal_rng () {
- msg "build: Default plus ECP_NO_INTERNAL_RNG minus DRBG modules"
- scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
- scripts/config.py unset MBEDTLS_CTR_DRBG_C
- scripts/config.py unset MBEDTLS_HMAC_DRBG_C
- scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires a DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
-
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
- make
-
- msg "test: ECP_NO_INTERNAL_RNG, no DRBG module"
- make test
-
- # no SSL tests as they all depend on having a DRBG
-}
-
-component_test_ecp_restartable_no_internal_rng () {
- msg "build: Default plus ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG"
- scripts/config.py set MBEDTLS_ECP_NO_INTERNAL_RNG
- scripts/config.py set MBEDTLS_ECP_RESTARTABLE
- scripts/config.py unset MBEDTLS_CTR_DRBG_C
- scripts/config.py unset MBEDTLS_HMAC_DRBG_C
- scripts/config.py unset MBEDTLS_ECDSA_DETERMINISTIC # requires HMAC_DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_C # requires CTR_DRBG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C # requires PSA Crypto
-
- CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
- make
-
- msg "test: ECP_RESTARTABLE and ECP_NO_INTERNAL_RNG, no DRBG module"
- make test
-
- # no SSL tests as they all depend on having a DRBG
-}
-
component_test_everest () {
msg "build: Everest ECDH context (ASan build)" # ~ 6 min
scripts/config.py set MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
@@ -1099,7 +1063,7 @@
msg "test: Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
# Exclude some symmetric ciphers that are redundant here to gain time.
- if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
+ if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES'
}
component_test_everest_curve25519_only () {
@@ -1187,8 +1151,8 @@
msg "test: ssl-opt.sh default, ECJPAKE, SSL async (full config)" # ~ 1s
if_build_succeeded tests/ssl-opt.sh -f 'Default\|ECJPAKE\|SSL async private'
- msg "test: compat.sh RC4, DES, 3DES & NULL (full config)" # ~ 2 min
- if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
+ msg "test: compat.sh DES, 3DES & NULL (full config)" # ~ 2 min
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '^$' -f 'NULL\|DES'
msg "test: compat.sh ARIA + ChachaPoly"
if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
@@ -1418,8 +1382,8 @@
msg "test: compat.sh default (full minus MBEDTLS_USE_PSA_CRYPTO)"
if_build_succeeded tests/compat.sh
- msg "test: compat.sh RC4, DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)"
- if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES\|RC4\|ARCFOUR'
+ msg "test: compat.sh DES & NULL (full minus MBEDTLS_USE_PSA_CRYPTO)"
+ if_build_succeeded env OPENSSL_CMD="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" tests/compat.sh -e '3DES\|DES-CBC3' -f 'NULL\|DES'
msg "test: compat.sh ARIA + ChachaPoly (full minus MBEDTLS_USE_PSA_CRYPTO)"
if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
@@ -1466,8 +1430,6 @@
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CFB"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA"
- loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2"
- loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_OFB"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160"
@@ -1596,46 +1558,6 @@
make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_HKDF -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
}
-# This should be renamed to test and updated once the accelerator MD2 code is in place and ready to test.
-component_build_psa_accel_alg_md2() {
- # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD2 without other hashes
- msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD2 - other hashes"
- scripts/config.py full
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
- scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
- # Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD2 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
-# This should be renamed to test and updated once the accelerator MD4 code is in place and ready to test.
-component_build_psa_accel_alg_md4() {
- # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD4 without other hashes
- msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD4 - other hashes"
- scripts/config.py full
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
- scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_256
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_384
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_512
- # Need to define the correct symbol and include the test driver header path in order to build with the test driver
- make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_MD4 -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
-}
-
# This should be renamed to test and updated once the accelerator MD5 code is in place and ready to test.
component_build_psa_accel_alg_md5() {
# full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_MD5 without other hashes
@@ -1644,8 +1566,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
@@ -1664,8 +1584,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
@@ -1684,8 +1602,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_224
@@ -1704,8 +1620,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
@@ -1723,8 +1637,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
@@ -1743,8 +1655,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
@@ -1762,8 +1672,6 @@
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD2
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD4
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_SHA_1
@@ -2053,7 +1961,6 @@
component_test_when_no_ciphersuites_have_mac () {
msg "build: when no ciphersuites have MAC"
scripts/config.py unset MBEDTLS_CIPHER_NULL_CIPHER
- scripts/config.py unset MBEDTLS_ARC4_C
scripts/config.py unset MBEDTLS_CIPHER_MODE_CBC
scripts/config.py unset MBEDTLS_CMAC_C
make
@@ -2200,8 +2107,6 @@
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_CFB"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_ECDSA"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA"
- loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD2"
- loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD4"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_MD5"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_OFB"
loc_cflags="${loc_cflags} -DMBEDTLS_PSA_ACCEL_ALG_RIPEMD160"
@@ -2318,7 +2223,7 @@
msg "test: i386, Everest ECDH context - compat.sh with some ECDH ciphersuites (ASan build)" # ~ 3 min
# Exclude some symmetric ciphers that are redundant here to gain time.
- if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARCFOUR\|ARIA\|CAMELLIA\|CHACHA\|DES\|RC4'
+ if_build_succeeded tests/compat.sh -f ECDH -V NO -e 'ARIA\|CAMELLIA\|CHACHA\|DES'
}
support_test_m32_everest () {
support_test_m32_o0 "$@"
diff --git a/tests/scripts/basic-build-test.sh b/tests/scripts/basic-build-test.sh
index 93b7e1d..8fcde6f 100755
--- a/tests/scripts/basic-build-test.sh
+++ b/tests/scripts/basic-build-test.sh
@@ -118,10 +118,10 @@
sh compat.sh -m 'tls1_2 dtls1_2'
echo
- echo '#### compat.sh: legacy (null, DES, RC4)'
+ echo '#### compat.sh: legacy (null, DES)'
OPENSSL_CMD="$OPENSSL_LEGACY" \
GNUTLS_CLI="$GNUTLS_LEGACY_CLI" GNUTLS_SERV="$GNUTLS_LEGACY_SERV" \
- sh compat.sh -e '^$' -f 'NULL\|DES\|RC4\|ARCFOUR'
+ sh compat.sh -e '^$' -f 'NULL\|DES'
echo
echo '#### compat.sh: next (ARIA, ChaCha)'
diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh
index 9492896..2a06adc 100755
--- a/tests/scripts/check-names.sh
+++ b/tests/scripts/check-names.sh
@@ -90,7 +90,7 @@
printf "Likely typos: "
sort -u actual-macros enum-consts > _caps
-HEADERS=$( ls include/mbedtls/*.h include/psa/*.h )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h | egrep -v 'compat-2\.x\.h' )
HEADERS="$HEADERS library/*.h"
HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"
LIBRARY="$( ls library/*.c )"
diff --git a/tests/scripts/depends-hashes.pl b/tests/scripts/depends-hashes.pl
index 0778481..c5f1521 100755
--- a/tests/scripts/depends-hashes.pl
+++ b/tests/scripts/depends-hashes.pl
@@ -54,8 +54,6 @@
# should be tested together. Certain options depend on eachother and
# separating them would generate invalid configurations.
my @hash_configs = (
- ['unset MBEDTLS_MD2_C'],
- ['unset MBEDTLS_MD4_C'],
['unset MBEDTLS_MD5_C'],
['unset MBEDTLS_SHA512_C', 'unset MBEDTLS_SHA384_C '],
['unset MBEDTLS_SHA384_C'],
diff --git a/tests/scripts/generate_psa_tests.py b/tests/scripts/generate_psa_tests.py
index 8c53414..9615c29 100755
--- a/tests/scripts/generate_psa_tests.py
+++ b/tests/scripts/generate_psa_tests.py
@@ -295,6 +295,38 @@
*extra_arguments])
return tc
+ def key_for_lifetime(
+ self,
+ lifetime: str,
+ ) -> StorageKey:
+ """Construct a test key for the given lifetime."""
+ short = lifetime
+ short = re.sub(r'PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION',
+ r'', short)
+ short = re.sub(r'PSA_KEY_[A-Z]+_', r'', short)
+ description = 'lifetime: ' + short
+ key = StorageKey(version=self.version,
+ id=1, lifetime=lifetime,
+ type='PSA_KEY_TYPE_RAW_DATA', bits=8,
+ usage='PSA_KEY_USAGE_EXPORT', alg=0, alg2=0,
+ material=b'L',
+ description=description)
+ return key
+
+ def all_keys_for_lifetimes(self) -> Iterator[StorageKey]:
+ """Generate test keys covering lifetimes."""
+ lifetimes = sorted(self.constructors.lifetimes)
+ expressions = self.constructors.generate_expressions(lifetimes)
+ for lifetime in expressions:
+ # Don't attempt to create or load a volatile key in storage
+ if 'VOLATILE' in lifetime:
+ continue
+ # Don't attempt to create a read-only key in storage,
+ # but do attempt to load one.
+ if 'READ_ONLY' in lifetime and self.forward:
+ continue
+ yield self.key_for_lifetime(lifetime)
+
def key_for_usage_flags(
self,
usage_flags: List[str],
@@ -395,12 +427,17 @@
# one go, which is a significant performance gain as the information
# includes numerical values obtained by compiling a C program.
keys = [] #type: List[StorageKey]
+ keys += self.all_keys_for_lifetimes()
keys += self.all_keys_for_usage_flags()
keys += self.all_keys_for_types()
keys += self.all_keys_for_algorithms()
for key in keys:
+ if key.location_value() != 0:
+ # Skip keys with a non-default location, because they
+ # require a driver and we currently have no mechanism to
+ # determine whether a driver is available.
+ continue
yield self.make_test_case(key)
- # To do: vary id, lifetime
class TestGenerator:
diff --git a/tests/scripts/list-enum-consts.pl b/tests/scripts/list-enum-consts.pl
index 225612f..6d93693 100755
--- a/tests/scripts/list-enum-consts.pl
+++ b/tests/scripts/list-enum-consts.pl
@@ -23,8 +23,7 @@
-d 'include/mbedtls' or die "$0: must be run from root\n";
-@ARGV = <include/mbedtls/*.h>;
-push @ARGV, <library/*.h>;
+@ARGV = grep { ! /compat-2\.x\.h/ } <include/mbedtls/*.h>;
push @ARGV, "3rdparty/everest/include/everest/everest.h";
push @ARGV, "3rdparty/everest/include/everest/x25519.h";
push @ARGV, glob("library/*.h");
diff --git a/tests/scripts/list-identifiers.sh b/tests/scripts/list-identifiers.sh
index b8a6d53..9698fc8 100755
--- a/tests/scripts/list-identifiers.sh
+++ b/tests/scripts/list-identifiers.sh
@@ -47,9 +47,9 @@
if [ $INTERNAL ]
then
- HEADERS=$( ls library/*.h )
+ HEADERS=$( ls include/mbedtls/*_internal.h library/*.h | egrep -v 'compat-2\.x\.h' )
else
- HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h )
+ HEADERS=$( ls include/mbedtls/*.h include/psa/*.h library/*.h | egrep -v 'compat-2\.x\.h' )
HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"
fi
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index fd19c47..2e62359 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -22,7 +22,7 @@
exit 1
fi
-HEADERS=$( ls include/mbedtls/*.h include/psa/*.h tests/include/test/drivers/*.h )
+HEADERS=$( ls include/mbedtls/*.h include/psa/*.h tests/include/test/drivers/*.h | egrep -v 'compat-2\.x\.h' )
HEADERS="$HEADERS library/*.h"
HEADERS="$HEADERS 3rdparty/everest/include/everest/everest.h 3rdparty/everest/include/everest/x25519.h"
diff --git a/tests/scripts/set_psa_test_dependencies.py b/tests/scripts/set_psa_test_dependencies.py
index 8690f22..2705f06 100755
--- a/tests/scripts/set_psa_test_dependencies.py
+++ b/tests/scripts/set_psa_test_dependencies.py
@@ -61,9 +61,7 @@
# Only modules that provide cryptographic mechanisms are listed here.
# Platform, data formatting, X.509 or TLS modules are omitted.
'MBEDTLS_AES_C',
- 'MBEDTLS_ARC4_C',
'MBEDTLS_BIGNUM_C',
- #cipher#'MBEDTLS_BLOWFISH_C',
'MBEDTLS_CAMELLIA_C',
'MBEDTLS_ARIA_C',
'MBEDTLS_CCM_C',
@@ -82,8 +80,6 @@
'MBEDTLS_HKDF_C',
'MBEDTLS_HMAC_DRBG_C',
'MBEDTLS_NIST_KW_C',
- 'MBEDTLS_MD2_C',
- 'MBEDTLS_MD4_C',
'MBEDTLS_MD5_C',
'MBEDTLS_PKCS5_C',
'MBEDTLS_PKCS12_C',
@@ -93,7 +89,6 @@
'MBEDTLS_SHA1_C',
'MBEDTLS_SHA256_C',
'MBEDTLS_SHA512_C',
- 'MBEDTLS_XTEA_C',
])
def is_classic_dependency(dep):
diff --git a/tests/src/helpers.c b/tests/src/helpers.c
index cac6d4c..4d3d53d 100644
--- a/tests/src/helpers.c
+++ b/tests/src/helpers.c
@@ -259,3 +259,18 @@
}
}
#endif /* MBEDTLS_TEST_HOOKS */
+
+#if defined(MBEDTLS_BIGNUM_C)
+int mbedtls_test_read_mpi( mbedtls_mpi *X, int radix, const char *s )
+{
+ /* mbedtls_mpi_read_string() currently retains leading zeros.
+ * It always allocates at least one limb for the value 0. */
+ if( s[0] == 0 )
+ {
+ mbedtls_mpi_free( X );
+ return( 0 );
+ }
+ else
+ return( mbedtls_mpi_read_string( X, radix, s ) );
+}
+#endif
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index d122111..c8e4985 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -1008,7 +1008,7 @@
run_test_psa_force_curve() {
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test "PSA - ECDH with $1" \
- "$P_SRV debug_level=4 force_version=tls1_2" \
+ "$P_SRV debug_level=4 force_version=tls1_2 curves=$1" \
"$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
0 \
-c "Successfully setup PSA-based decryption cipher context" \
@@ -1233,7 +1233,7 @@
# Checks that:
# - things work with all ciphersuites active (used with config-full in all.sh)
-# - the expected (highest security) parameters are selected
+# - the expected parameters are selected
# ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
run_test "Default" \
"$P_SRV debug_level=3" \
@@ -1242,7 +1242,7 @@
-s "Protocol is TLSv1.2" \
-s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
-s "client hello v3, signature_algorithm ext: 6" \
- -s "ECDHE curve: secp521r1" \
+ -s "ECDHE curve: x25519" \
-S "error" \
-C "error"
@@ -1464,102 +1464,6 @@
-S "next record in same datagram" \
-C "next record in same datagram"
-# Tests for Truncated HMAC extension
-
-run_test "Truncated HMAC: client default, server default" \
- "$P_SRV debug_level=4" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC: client disabled, server default" \
- "$P_SRV debug_level=4" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC: client enabled, server default" \
- "$P_SRV debug_level=4" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC: client enabled, server disabled" \
- "$P_SRV debug_level=4 trunc_hmac=0" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC: client disabled, server enabled" \
- "$P_SRV debug_level=4 trunc_hmac=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC: client enabled, server enabled" \
- "$P_SRV debug_level=4 trunc_hmac=1" \
- "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
- 0 \
- -S "dumping 'expected mac' (20 bytes)" \
- -s "dumping 'expected mac' (10 bytes)"
-
-run_test "Truncated HMAC, DTLS: client default, server default" \
- "$P_SRV dtls=1 debug_level=4" \
- "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC, DTLS: client disabled, server default" \
- "$P_SRV dtls=1 debug_level=4" \
- "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC, DTLS: client enabled, server default" \
- "$P_SRV dtls=1 debug_level=4" \
- "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC, DTLS: client enabled, server disabled" \
- "$P_SRV dtls=1 debug_level=4 trunc_hmac=0" \
- "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC, DTLS: client disabled, server enabled" \
- "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
- "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
- 0 \
- -s "dumping 'expected mac' (20 bytes)" \
- -S "dumping 'expected mac' (10 bytes)"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
- "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
- "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
- 0 \
- -S "dumping 'expected mac' (20 bytes)" \
- -s "dumping 'expected mac' (10 bytes)"
-
# Tests for Context serialization
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
@@ -5660,22 +5564,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \
- "$P_SRV trunc_hmac=1" \
- "$P_CLI request_size=1 force_version=tls1_2 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
- 0 \
- -s "Read from client: 1 bytes read"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
- "$P_SRV trunc_hmac=1" \
- "$P_CLI request_size=1 force_version=tls1_2 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
- 0 \
- -s "Read from client: 1 bytes read"
-
run_test "Small client packet TLS 1.2 AEAD" \
"$P_SRV" \
"$P_CLI request_size=1 force_version=tls1_2 \
@@ -5708,24 +5596,6 @@
0 \
-s "Read from client: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small client packet DTLS 1.2, truncated hmac" \
- "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \
- "$P_CLI dtls=1 request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
- 0 \
- -s "Read from client: 1 bytes read"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \
- "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
- "$P_CLI dtls=1 request_size=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
- 0 \
- -s "Read from client: 1 bytes read"
-
# Tests for small server packets
run_test "Small server packet TLS 1.2 BlockCipher" \
@@ -5749,22 +5619,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \
- "$P_SRV response_size=1 trunc_hmac=1" \
- "$P_CLI force_version=tls1_2 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
- 0 \
- -c "Read from server: 1 bytes read"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
- "$P_SRV response_size=1 trunc_hmac=1" \
- "$P_CLI force_version=tls1_2 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
- 0 \
- -c "Read from server: 1 bytes read"
-
run_test "Small server packet TLS 1.2 AEAD" \
"$P_SRV response_size=1" \
"$P_CLI force_version=tls1_2 \
@@ -5797,24 +5651,6 @@
0 \
-c "Read from server: 1 bytes read"
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small server packet DTLS 1.2, truncated hmac" \
- "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \
- "$P_CLI dtls=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
- 0 \
- -c "Read from server: 1 bytes read"
-
-requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \
- "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
- "$P_CLI dtls=1 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
- 0 \
- -c "Read from server: 1 bytes read"
-
# Test for large client packets
# How many fragments do we expect to write $1 bytes?
@@ -5845,23 +5681,6 @@
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
- "$P_SRV trunc_hmac=1" \
- "$P_CLI request_size=16384 force_version=tls1_2 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
- 0 \
- -s "Read from client: $MAX_CONTENT_LEN bytes read"
-
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
- "$P_SRV trunc_hmac=1" \
- "$P_CLI request_size=16384 force_version=tls1_2 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
- 0 \
- -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
- -s "Read from client: $MAX_CONTENT_LEN bytes read"
-
run_test "Large client packet TLS 1.2 AEAD" \
"$P_SRV" \
"$P_CLI request_size=16384 force_version=tls1_2 \
@@ -5900,15 +5719,6 @@
0 \
-c "Read from server: 16384 bytes read"
-requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
-run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \
- "$P_SRV response_size=16384" \
- "$P_CLI force_version=tls1_2 \
- force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
- trunc_hmac=1" \
- 0 \
- -c "Read from server: 16384 bytes read"
-
run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV response_size=16384 trunc_hmac=1" \
"$P_CLI force_version=tls1_2 \
@@ -5933,9 +5743,12 @@
# Tests for restartable ECC
+# Force the use of a curve that supports restartable ECC (secp256r1).
+
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, default" \
- "$P_SRV auth_mode=required" \
+ "$P_SRV curves=secp256r1 auth_mode=required" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=data_files/server5.key crt_file=data_files/server5.crt \
debug_level=1" \
@@ -5946,8 +5759,9 @@
-C "mbedtls_pk_sign.*4b00"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, max_ops=0" \
- "$P_SRV auth_mode=required" \
+ "$P_SRV curves=secp256r1 auth_mode=required" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=data_files/server5.key crt_file=data_files/server5.crt \
debug_level=1 ec_max_ops=0" \
@@ -5958,8 +5772,9 @@
-C "mbedtls_pk_sign.*4b00"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, max_ops=65535" \
- "$P_SRV auth_mode=required" \
+ "$P_SRV curves=secp256r1 auth_mode=required" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=data_files/server5.key crt_file=data_files/server5.crt \
debug_level=1 ec_max_ops=65535" \
@@ -5970,8 +5785,9 @@
-C "mbedtls_pk_sign.*4b00"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, max_ops=1000" \
- "$P_SRV auth_mode=required" \
+ "$P_SRV curves=secp256r1 auth_mode=required" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=data_files/server5.key crt_file=data_files/server5.crt \
debug_level=1 ec_max_ops=1000" \
@@ -5982,8 +5798,9 @@
-c "mbedtls_pk_sign.*4b00"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, max_ops=1000, badsign" \
- "$P_SRV auth_mode=required \
+ "$P_SRV curves=secp256r1 auth_mode=required \
crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
@@ -5999,8 +5816,9 @@
-c "X509 - Certificate verification failed"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
- "$P_SRV auth_mode=required \
+ "$P_SRV curves=secp256r1 auth_mode=required \
crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
@@ -6016,8 +5834,9 @@
-C "X509 - Certificate verification failed"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
- "$P_SRV auth_mode=required \
+ "$P_SRV curves=secp256r1 auth_mode=required \
crt_file=data_files/server5-badsign.crt \
key_file=data_files/server5.key" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
@@ -6033,8 +5852,9 @@
-C "X509 - Certificate verification failed"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: DTLS, max_ops=1000" \
- "$P_SRV auth_mode=required dtls=1" \
+ "$P_SRV curves=secp256r1 auth_mode=required dtls=1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=data_files/server5.key crt_file=data_files/server5.crt \
dtls=1 debug_level=1 ec_max_ops=1000" \
@@ -6045,8 +5865,9 @@
-c "mbedtls_pk_sign.*4b00"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, max_ops=1000 no client auth" \
- "$P_SRV" \
+ "$P_SRV curves=secp256r1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
debug_level=1 ec_max_ops=1000" \
0 \
@@ -6056,8 +5877,9 @@
-C "mbedtls_pk_sign.*4b00"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \
- "$P_SRV psk=abc123" \
+ "$P_SRV curves=secp256r1 psk=abc123" \
"$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
psk=abc123 debug_level=1 ec_max_ops=1000" \
0 \
@@ -8555,12 +8377,6 @@
"$P_SRV eap_tls=1 debug_level=3" \
"$P_CLI eap_tls=1 debug_level=3" \
0 \
- -s "exported maclen is " \
- -s "exported keylen is " \
- -s "exported ivlen is " \
- -c "exported maclen is " \
- -c "exported keylen is " \
- -c "exported ivlen is " \
-c "EAP-TLS key material is:"\
-s "EAP-TLS key material is:"\
-c "EAP-TLS IV is:" \
diff --git a/tests/suites/test_suite_aes.function b/tests/suites/test_suite_aes.function
index aa3df92..1892c25 100644
--- a/tests/suites/test_suite_aes.function
+++ b/tests/suites/test_suite_aes.function
@@ -207,6 +207,8 @@
memset( data_unit, 0x00, sizeof( data_unit ) );
TEST_ASSERT( mbedtls_aes_crypt_xts( &ctx, MBEDTLS_AES_ENCRYPT, length, data_unit, src, output ) == retval );
+exit:
+ mbedtls_aes_xts_free( &ctx );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_arc4.data b/tests/suites/test_suite_arc4.data
deleted file mode 100644
index cf32c85..0000000
--- a/tests/suites/test_suite_arc4.data
+++ /dev/null
@@ -1,27 +0,0 @@
-Test vector ARC4 [Cryptlib]
-mbedtls_arc4_crypt:"0000000000000000":"0123456789abcdef":"7494c2e7104b0879"
-
-Test vector ARC4 [COMMERCE]
-mbedtls_arc4_crypt:"dcee4cf92c":"618a63d2fb":"f13829c9de"
-
-Test vector ARC4 [SSH ARCFOUR]
-mbedtls_arc4_crypt:"527569736c696e6e756e206c61756c75206b6f727669737373616e692c2074e4686be470e46964656e2070e4e46c6ce42074e47973696b75752e204b6573e479f66e206f6e206f6e6e69206f6d616e616e692c206b61736b6973617675756e206c61616b736f7420766572686f75752e20456e206d6120696c6f697473652c20737572652068756f6b61612c206d75747461206d657473e46e2074756d6d757573206d756c6c652074756f6b61612e205075756e746f2070696c76656e2c206d692068756b6b75752c207369696e746f20766172616e207475756c6973656e2c206d69206e756b6b75752e2054756f6b7375742076616e616d6f6e206a61207661726a6f74207665656e2c206e69697374e420737964e46d656e69206c61756c756e207465656e2e202d2045696e6f204c65696e6f":"29041972fb42ba5fc7127712f13829c9":"358186999001e6b5daf05eceeb7eee21e0689c1f00eea81f7dd2caaee1d2763e68af0ead33d66c268bc946c484fbe94c5f5e0b86a59279e4f824e7a640bd223210b0a61160b7bce986ea65688003596b630a6b90f8e0caf6912a98eb872176e83c202caa64166d2cce57ff1bca57b213f0ed1aa72fb8ea52b0be01cd1e412867720b326eb389d011bd70d8af035fb0d8589dbce3c666f5ea8d4c7954c50c3f340b0467f81b425961c11843074df620f208404b394cf9d37ff54b5f1ad8f6ea7da3c561dfa7281f964463d2cc35a4d1b03490dec51b0711fbd6f55f79234d5b7c766622a66de92be996461d5e4dc878ef9bca030521e8351e4baed2fd04f9467368c4ad6ac186d08245b263a2666d1f6c5420f1599dfd9f438921c2f5a463938ce0982265eef70179bc553f339eb1a4c1af5f6a547f"
-
-Test Vector ARC4 [RFC6229 40-bit]
-mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405":"b2396305f03dc027ccc3524a0a1118a86982944f18fc82d589c403a47a0d0919"
-
-Test Vector ARC4 [RFC6229 56-bit]
-mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"01020304050607":"293f02d47f37c9b633f2af5285feb46be620f1390d19bd84e2e0fd752031afc1"
-
-Test Vector ARC4 [RFC6229 64-bit]
-mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405060708":"97ab8a1bf0afb96132f2f67258da15a88263efdb45c4a18684ef87e6b19e5b09"
-
-Test Vector ARC4 [RFC6229 128-bit]
-mbedtls_arc4_crypt:"0000000000000000000000000000000000000000000000000000000000000000":"0102030405060708090a0b0c0d0e0f10":"9ac7cc9a609d1ef7b2932899cde41b975248c4959014126a6e8a84f11d1a9e1c"
-
-TMP
-mbedtls_arc4_crypt:"1400002433c96cfa5c53a65184fcba83d9793f42522f94e49bf25edcb7a23c9eaae5ca84f6ee6da8":"5e58b1ad80":"e9a3d07ea1a3eac9fd73dcb14c409f2d434a72b6aa077e0924bcffc236f55d2d372b289707571531"
-
-ARC4 Selftest
-depends_on:MBEDTLS_SELF_TEST
-arc4_selftest:
diff --git a/tests/suites/test_suite_arc4.function b/tests/suites/test_suite_arc4.function
deleted file mode 100644
index c1e2386..0000000
--- a/tests/suites/test_suite_arc4.function
+++ /dev/null
@@ -1,37 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/arc4.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_ARC4_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void mbedtls_arc4_crypt( data_t * src_str, data_t * key_str, data_t * dst )
-{
- unsigned char dst_str[1000];
- mbedtls_arc4_context ctx;
-
- memset(dst_str, 0x00, 1000);
- mbedtls_arc4_init( &ctx );
-
-
- mbedtls_arc4_setup(&ctx, key_str->x, key_str->len);
- TEST_ASSERT( mbedtls_arc4_crypt(&ctx, src_str->len,
- src_str->x, dst_str ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( dst_str, dst->x,
- src_str->len, dst->len ) == 0 );
-
-exit:
- mbedtls_arc4_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void arc4_selftest( )
-{
- TEST_ASSERT( mbedtls_arc4_self_test( 1 ) == 0 );
-}
-/* END_CASE */
diff --git a/tests/suites/test_suite_asn1parse.function b/tests/suites/test_suite_asn1parse.function
index abcd1db..535274b 100644
--- a/tests/suites/test_suite_asn1parse.function
+++ b/tests/suites/test_suite_asn1parse.function
@@ -417,7 +417,7 @@
}
#if defined(MBEDTLS_BIGNUM_C)
- ret = mbedtls_mpi_read_string( &expected_mpi, 16, expected_hex );
+ ret = mbedtls_test_read_mpi( &expected_mpi, 16, expected_hex );
TEST_ASSERT( ret == 0 || ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
if( ret == MBEDTLS_ERR_MPI_BAD_INPUT_DATA )
{
diff --git a/tests/suites/test_suite_blowfish.data b/tests/suites/test_suite_blowfish.data
deleted file mode 100644
index 0ebb642..0000000
--- a/tests/suites/test_suite_blowfish.data
+++ /dev/null
@@ -1,311 +0,0 @@
-BLOWFISH - Invalid parameters
-blowfish_invalid_param:
-
-BLOWFISH-ECB Encrypt SSLeay reference #1
-blowfish_encrypt_ecb:"0000000000000000":"0000000000000000":"4ef997456198dd78":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #2
-blowfish_encrypt_ecb:"ffffffffffffffff":"ffffffffffffffff":"51866fd5b85ecb8a":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #3
-blowfish_encrypt_ecb:"3000000000000000":"1000000000000001":"7d856f9a613063f2":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #4
-blowfish_encrypt_ecb:"1111111111111111":"1111111111111111":"2466dd878b963c9d":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #5
-blowfish_encrypt_ecb:"0123456789abcdef":"1111111111111111":"61f9c3802281b096":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #6
-blowfish_encrypt_ecb:"1111111111111111":"0123456789abcdef":"7d0cc630afda1ec7":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #7
-blowfish_encrypt_ecb:"0000000000000000":"0000000000000000":"4ef997456198dd78":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #8
-blowfish_encrypt_ecb:"fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #9
-blowfish_encrypt_ecb:"7ca110454a1a6e57":"01a1d6d039776742":"59c68245eb05282b":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #10
-blowfish_encrypt_ecb:"0131d9619dc1376e":"5cd54ca83def57da":"b1b8cc0b250f09a0":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #11
-blowfish_encrypt_ecb:"07a1133e4a0b2686":"0248d43806f67172":"1730e5778bea1da4":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #12
-blowfish_encrypt_ecb:"3849674c2602319e":"51454b582ddf440a":"a25e7856cf2651eb":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #13
-blowfish_encrypt_ecb:"04b915ba43feb5b6":"42fd443059577fa2":"353882b109ce8f1a":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #14
-blowfish_encrypt_ecb:"0113b970fd34f2ce":"059b5e0851cf143a":"48f4d0884c379918":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #15
-blowfish_encrypt_ecb:"0170f175468fb5e6":"0756d8e0774761d2":"432193b78951fc98":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #16
-blowfish_encrypt_ecb:"43297fad38e373fe":"762514b829bf486a":"13f04154d69d1ae5":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #17
-blowfish_encrypt_ecb:"07a7137045da2a16":"3bdd119049372802":"2eedda93ffd39c79":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #18
-blowfish_encrypt_ecb:"04689104c2fd3b2f":"26955f6835af609a":"d887e0393c2da6e3":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #19
-blowfish_encrypt_ecb:"37d06bb516cb7546":"164d5e404f275232":"5f99d04f5b163969":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #20
-blowfish_encrypt_ecb:"1f08260d1ac2465e":"6b056e18759f5cca":"4a057a3b24d3977b":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #21
-blowfish_encrypt_ecb:"584023641aba6176":"004bd6ef09176062":"452031c1e4fada8e":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #22
-blowfish_encrypt_ecb:"025816164629b007":"480d39006ee762f2":"7555ae39f59b87bd":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #23
-blowfish_encrypt_ecb:"49793ebc79b3258f":"437540c8698f3cfa":"53c55f9cb49fc019":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #24
-blowfish_encrypt_ecb:"4fb05e1515ab73a7":"072d43a077075292":"7a8e7bfa937e89a3":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #25
-blowfish_encrypt_ecb:"49e95d6d4ca229bf":"02fe55778117f12a":"cf9c5d7a4986adb5":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #26
-blowfish_encrypt_ecb:"018310dc409b26d6":"1d9d5c5018f728c2":"d1abb290658bc778":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #27
-blowfish_encrypt_ecb:"1c587f1c13924fef":"305532286d6f295a":"55cb3774d13ef201":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #28
-blowfish_encrypt_ecb:"0101010101010101":"0123456789abcdef":"fa34ec4847b268b2":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #29
-blowfish_encrypt_ecb:"1f1f1f1f0e0e0e0e":"0123456789abcdef":"a790795108ea3cae":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #30
-blowfish_encrypt_ecb:"e0fee0fef1fef1fe":"0123456789abcdef":"c39e072d9fac631d":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #31
-blowfish_encrypt_ecb:"0000000000000000":"ffffffffffffffff":"014933e0cdaff6e4":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #32
-blowfish_encrypt_ecb:"ffffffffffffffff":"0000000000000000":"f21e9a77b71c49bc":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #33
-blowfish_encrypt_ecb:"0123456789abcdef":"0000000000000000":"245946885754369a":0
-
-BLOWFISH-ECB Encrypt SSLeay reference #34
-blowfish_encrypt_ecb:"fedcba9876543210":"ffffffffffffffff":"6b5c5a9c5d9e0a5a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #1
-blowfish_decrypt_ecb:"0000000000000000":"4ef997456198dd78":"0000000000000000":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #2
-blowfish_decrypt_ecb:"ffffffffffffffff":"51866fd5b85ecb8a":"ffffffffffffffff":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #3
-blowfish_decrypt_ecb:"3000000000000000":"7d856f9a613063f2":"1000000000000001":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #4
-blowfish_decrypt_ecb:"1111111111111111":"2466dd878b963c9d":"1111111111111111":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #5
-blowfish_decrypt_ecb:"0123456789abcdef":"61f9c3802281b096":"1111111111111111":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #6
-blowfish_decrypt_ecb:"1111111111111111":"7d0cc630afda1ec7":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #7
-blowfish_decrypt_ecb:"0000000000000000":"4ef997456198dd78":"0000000000000000":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #8
-blowfish_decrypt_ecb:"fedcba9876543210":"0aceab0fc6a0a28d":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #9
-blowfish_decrypt_ecb:"7ca110454a1a6e57":"59c68245eb05282b":"01a1d6d039776742":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #10
-blowfish_decrypt_ecb:"0131d9619dc1376e":"b1b8cc0b250f09a0":"5cd54ca83def57da":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #11
-blowfish_decrypt_ecb:"07a1133e4a0b2686":"1730e5778bea1da4":"0248d43806f67172":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #12
-blowfish_decrypt_ecb:"3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #13
-blowfish_decrypt_ecb:"04b915ba43feb5b6":"353882b109ce8f1a":"42fd443059577fa2":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #14
-blowfish_decrypt_ecb:"0113b970fd34f2ce":"48f4d0884c379918":"059b5e0851cf143a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #15
-blowfish_decrypt_ecb:"0170f175468fb5e6":"432193b78951fc98":"0756d8e0774761d2":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #16
-blowfish_decrypt_ecb:"43297fad38e373fe":"13f04154d69d1ae5":"762514b829bf486a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #17
-blowfish_decrypt_ecb:"07a7137045da2a16":"2eedda93ffd39c79":"3bdd119049372802":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #18
-blowfish_decrypt_ecb:"04689104c2fd3b2f":"d887e0393c2da6e3":"26955f6835af609a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #19
-blowfish_decrypt_ecb:"37d06bb516cb7546":"5f99d04f5b163969":"164d5e404f275232":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #20
-blowfish_decrypt_ecb:"1f08260d1ac2465e":"4a057a3b24d3977b":"6b056e18759f5cca":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #21
-blowfish_decrypt_ecb:"584023641aba6176":"452031c1e4fada8e":"004bd6ef09176062":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #22
-blowfish_decrypt_ecb:"025816164629b007":"7555ae39f59b87bd":"480d39006ee762f2":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #23
-blowfish_decrypt_ecb:"49793ebc79b3258f":"53c55f9cb49fc019":"437540c8698f3cfa":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #24
-blowfish_decrypt_ecb:"4fb05e1515ab73a7":"7a8e7bfa937e89a3":"072d43a077075292":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #25
-blowfish_decrypt_ecb:"49e95d6d4ca229bf":"cf9c5d7a4986adb5":"02fe55778117f12a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #26
-blowfish_decrypt_ecb:"018310dc409b26d6":"d1abb290658bc778":"1d9d5c5018f728c2":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #27
-blowfish_decrypt_ecb:"1c587f1c13924fef":"55cb3774d13ef201":"305532286d6f295a":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #28
-blowfish_decrypt_ecb:"0101010101010101":"fa34ec4847b268b2":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #29
-blowfish_decrypt_ecb:"1f1f1f1f0e0e0e0e":"a790795108ea3cae":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #30
-blowfish_decrypt_ecb:"e0fee0fef1fef1fe":"c39e072d9fac631d":"0123456789abcdef":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #31
-blowfish_decrypt_ecb:"0000000000000000":"014933e0cdaff6e4":"ffffffffffffffff":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #32
-blowfish_decrypt_ecb:"ffffffffffffffff":"f21e9a77b71c49bc":"0000000000000000":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #33
-blowfish_decrypt_ecb:"0123456789abcdef":"245946885754369a":"0000000000000000":0
-
-BLOWFISH-ECB Decrypt SSLeay reference #34
-blowfish_decrypt_ecb:"fedcba9876543210":"6b5c5a9c5d9e0a5a":"ffffffffffffffff":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #1
-blowfish_encrypt_ecb:"f0":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-
-BLOWFISH-SETKEY Setkey SSLeay reference #2
-blowfish_encrypt_ecb:"f0e1":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-
-BLOWFISH-SETKEY Setkey SSLeay reference #3
-blowfish_encrypt_ecb:"f0e1d2":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-
-BLOWFISH-SETKEY Setkey SSLeay reference #4
-blowfish_encrypt_ecb:"f0e1d2c3":"fedcba9876543210":"be1e639408640f05":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #5
-blowfish_encrypt_ecb:"f0e1d2c3b4":"fedcba9876543210":"b39e44481bdb1e6e":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #6
-blowfish_encrypt_ecb:"f0e1d2c3b4a5":"fedcba9876543210":"9457aa83b1928c0d":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #7
-blowfish_encrypt_ecb:"f0e1d2c3b4a596":"fedcba9876543210":"8bb77032f960629d":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #8
-blowfish_encrypt_ecb:"f0e1d2c3b4a59687":"fedcba9876543210":"e87a244e2cc85e82":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #9
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778":"fedcba9876543210":"15750e7a4f4ec577":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #10
-blowfish_encrypt_ecb:"f0e1d2c3b4a596877869":"fedcba9876543210":"122ba70b3ab64ae0":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #11
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a":"fedcba9876543210":"3a833c9affc537f6":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #12
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b":"fedcba9876543210":"9409da87a90f6bf2":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #13
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c":"fedcba9876543210":"884f80625060b8b4":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #14
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d":"fedcba9876543210":"1f85031c19e11968":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #15
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e":"fedcba9876543210":"79d9373a714ca34f":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #16
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f":"fedcba9876543210":"93142887ee3be15c":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #17
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00":"fedcba9876543210":"03429e838ce2d14b":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #18
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011":"fedcba9876543210":"a4299e27469ff67b":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #19
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f001122":"fedcba9876543210":"afd5aed1c1bc96a8":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #20
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233":"fedcba9876543210":"10851c0e3858da9f":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #21
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011223344":"fedcba9876543210":"e6f51ed79b9db21f":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #22
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f001122334455":"fedcba9876543210":"64a6e14afd36b46f":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #23
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566":"fedcba9876543210":"80c7d7d45a5479ad":0
-
-BLOWFISH-SETKEY Setkey SSLeay reference #24
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f0011223344556677":"fedcba9876543210":"05044b62fa52d080":0
-
-BLOWFISH-SETKEY Setkey 440 bits
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0f":"fedcba9876543210":"9a2ab8f1b00c73d2":0
-
-BLOWFISH-SETKEY Setkey 448 bits
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0fff":"fedcba9876543210":"2fb3ab7f0ee91b69":0
-
-BLOWFISH-SETKEY Setkey 456 bits
-blowfish_encrypt_ecb:"f0e1d2c3b4a5968778695a4b3c2d1e0f00112233445566778899aabbccddeeff0123456789abcdef0102030405060708090a0b0c0d0e0fffff":"fedcba9876543210":"":MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA
-
-BLOWFISH-CBC Encrypt [#1]
-blowfish_encrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000000000":"6b77b4d63006dee605b156e27403979358deb9e7154616d959f1652bd5ff92cc":0
-
-BLOWFISH-CBC Decrypt [#1]
-blowfish_decrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC":"37363534333231204e6f77206973207468652074696d6520666f722000000000":0
-
-BLOWFISH-CBC Encrypt [#2]
-blowfish_encrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F7220000000":"":MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
-
-BLOWFISH-CBC Decrypt [#2]
-blowfish_decrypt_cbc:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"6B77B4D63006DEE605B156E27403979358DEB9E7154616D959F1652BD5FF92CC00":"":MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
-
-BLOWFISH-CFB Encrypt
-blowfish_encrypt_cfb64:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000":"e73214a2822139caf26ecf6d2eb9e76e3da3de04d1517200519d57a6c3"
-
-BLOWFISH-CFB Decrypt
-blowfish_decrypt_cfb64:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"E73214A2822139CAF26ECF6D2EB9E76E3DA3DE04D1517200519D57A6C3":"37363534333231204e6f77206973207468652074696d6520666f722000"
-
-BLOWFISH-CTR Encrypt
-blowfish_encrypt_ctr:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"37363534333231204E6F77206973207468652074696D6520666F722000":"e73214a2822139ca60254740dd8c5b8acf5e9569c4affeb944b8fc020e"
-
-BLOWFISH-CTR Decrypt
-blowfish_encrypt_ctr:"0123456789ABCDEFF0E1D2C3B4A59687":"FEDCBA9876543210":"e73214a2822139ca60254740dd8c5b8acf5e9569c4affeb944b8fc020e":"37363534333231204e6f77206973207468652074696d6520666f722000"
diff --git a/tests/suites/test_suite_blowfish.function b/tests/suites/test_suite_blowfish.function
deleted file mode 100644
index 1fa59ee..0000000
--- a/tests/suites/test_suite_blowfish.function
+++ /dev/null
@@ -1,216 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/blowfish.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_BLOWFISH_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE depends_on:NOT_DEFINED */
-void blowfish_invalid_param( )
-{
- mbedtls_blowfish_context ctx;
- unsigned char buf[16] = { 0 };
- size_t invalid_mode = 42;
- size_t off;
- ((void) off);
-
- TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
- mbedtls_blowfish_crypt_ecb( &ctx,
- invalid_mode,
- buf, buf ) );
-
-#if defined(MBEDTLS_CIPHER_MODE_CBC)
- TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
- mbedtls_blowfish_crypt_cbc( &ctx,
- invalid_mode,
- sizeof( buf ),
- buf, buf, buf ) );
-#endif /* MBEDTLS_CIPHER_MODE_CBC */
-
-#if defined(MBEDTLS_CIPHER_MODE_CFB)
- TEST_EQUAL( MBEDTLS_ERR_BLOWFISH_BAD_INPUT_DATA,
- mbedtls_blowfish_crypt_cfb64( &ctx,
- invalid_mode,
- sizeof( buf ),
- &off, buf,
- buf, buf ) );
-#endif /* MBEDTLS_CIPHER_MODE_CFB */
-
-exit:
- return;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void blowfish_encrypt_ecb( data_t * key_str, data_t * src_str,
- data_t * dst, int setkey_result )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
- if( setkey_result == 0 )
- {
- TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
- }
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void blowfish_decrypt_ecb( data_t * key_str, data_t * src_str,
- data_t * dst, int setkey_result )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- TEST_ASSERT( mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 ) == setkey_result );
- if( setkey_result == 0 )
- {
- TEST_ASSERT( mbedtls_blowfish_crypt_ecb( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
- }
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void blowfish_encrypt_cbc( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst,
- int cbc_result )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
-
- TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result );
- if( cbc_result == 0 )
- {
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
- src_str->len, dst->len ) == 0 );
- }
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void blowfish_decrypt_cbc( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst,
- int cbc_result )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cbc( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len , iv_str->x, src_str->x, output ) == cbc_result );
- if( cbc_result == 0)
- {
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
- dst->len ) == 0 );
- }
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void blowfish_encrypt_cfb64( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
- size_t iv_offset = 0;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_ENCRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
- dst->len ) == 0 );
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CFB */
-void blowfish_decrypt_cfb64( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
- size_t iv_offset = 0;
-
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_cfb64( &ctx, MBEDTLS_BLOWFISH_DECRYPT, src_str->len, &iv_offset, iv_str->x, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
- dst->len ) == 0 );
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CTR */
-void blowfish_encrypt_ctr( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char stream_str[100];
- unsigned char output[100];
- mbedtls_blowfish_context ctx;
- size_t iv_offset = 0;
-
- memset(stream_str, 0x00, 100);
- memset(output, 0x00, 100);
- mbedtls_blowfish_init( &ctx );
-
-
- mbedtls_blowfish_setkey( &ctx, key_str->x, key_str->len * 8 );
- TEST_ASSERT( mbedtls_blowfish_crypt_ctr( &ctx, src_str->len, &iv_offset, iv_str->x, stream_str, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, src_str->len,
- dst->len ) == 0 );
-
-exit:
- mbedtls_blowfish_free( &ctx );
-}
-/* END_CASE */
diff --git a/tests/suites/test_suite_ccm.data b/tests/suites/test_suite_ccm.data
index 459683b..a14d4be 100644
--- a/tests/suites/test_suite_ccm.data
+++ b/tests/suites/test_suite_ccm.data
@@ -13,9 +13,9 @@
depends_on:MBEDTLS_AES_C
mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_AES:224:MBEDTLS_ERR_CCM_BAD_INPUT
-CCM init #4 BLOWFISH-128: bad block size
-depends_on:MBEDTLS_BLOWFISH_C
-mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_BLOWFISH:128:MBEDTLS_ERR_CCM_BAD_INPUT
+CCM init #4 DES: bad block size
+depends_on:MBEDTLS_DES_C
+mbedtls_ccm_setkey:MBEDTLS_CIPHER_ID_DES:128:MBEDTLS_ERR_CCM_BAD_INPUT
CCM lengths #1 all OK
ccm_lengths:5:10:5:8:0
diff --git a/tests/suites/test_suite_cipher.arc4.data b/tests/suites/test_suite_cipher.arc4.data
deleted file mode 100644
index 7a47373..0000000
--- a/tests/suites/test_suite_cipher.arc4.data
+++ /dev/null
@@ -1,107 +0,0 @@
-ARC4 Decrypt empty buffer
-depends_on:MBEDTLS_ARC4_C
-dec_empty_buf:MBEDTLS_CIPHER_ARC4_128:0:0
-
-ARC4 Encrypt and decrypt 0 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:0:-1
-
-ARC4 Encrypt and decrypt 1 byte
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:1:-1
-
-ARC4 Encrypt and decrypt 2 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:2:-1
-
-ARC4 Encrypt and decrypt 7 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:7:-1
-
-ARC4 Encrypt and decrypt 8 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:8:-1
-
-ARC4 Encrypt and decrypt 9 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:9:-1
-
-ARC4 Encrypt and decrypt 15 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:15:-1
-
-ARC4 Encrypt and decrypt 16 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:16:-1
-
-ARC4 Encrypt and decrypt 17 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:17:-1
-
-ARC4 Encrypt and decrypt 31 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:31:-1
-
-ARC4 Encrypt and decrypt 32 bytes [#1]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:32:-1
-
-ARC4 Encrypt and decrypt 32 bytes [#2]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:33:-1
-
-ARC4 Encrypt and decrypt 47 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:47:-1
-
-ARC4 Encrypt and decrypt 48 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:48:-1
-
-ARC4 Encrypt and decrypt 49 bytes
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf:MBEDTLS_CIPHER_ARC4_128:"ARC4-128":128:49:-1
-
-ARC4 Encrypt and decrypt 0 bytes in multiple parts
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:0:-1:0:0:0:0
-
-ARC4 Encrypt and decrypt 1 bytes in multiple parts 1
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:1:0:-1:1:0:1:0
-
-ARC4 Encrypt and decrypt 1 bytes in multiple parts 2
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:1:-1:0:1:0:1
-
-ARC4 Encrypt and decrypt 16 bytes in multiple parts 1
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:0:-1:16:0:16:0
-
-ARC4 Encrypt and decrypt 16 bytes in multiple parts 2
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:0:16:-1:0:16:0:16
-
-ARC4 Encrypt and decrypt 16 bytes in multiple parts 3
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:1:15:-1:1:15:1:15
-
-ARC4 Encrypt and decrypt 16 bytes in multiple parts 4
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:15:1:-1:15:1:15:1
-
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:15:7:-1:15:7:15:7
-
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:6:-1:16:6:16:6
-
-ARC4 Encrypt and decrypt 22 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:17:6:-1:17:6:17:6
-
-ARC4 Encrypt and decrypt 32 bytes in multiple parts 1
-depends_on:MBEDTLS_ARC4_C
-enc_dec_buf_multipart:MBEDTLS_CIPHER_ARC4_128:128:16:16:-1:16:16:16:16
diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data
deleted file mode 100644
index a05a4e7..0000000
--- a/tests/suites/test_suite_cipher.blowfish.data
+++ /dev/null
@@ -1,607 +0,0 @@
-BLOWFISH CBC Decrypt empty buffer
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-dec_empty_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:0:0
-
-BLOWFISH Encrypt and decrypt 0 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:-1
-
-BLOWFISH Encrypt and decrypt 1 byte [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:-1
-
-BLOWFISH Encrypt and decrypt 2 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:-1
-
-BLOWFISH Encrypt and decrypt 7 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:-1
-
-BLOWFISH Encrypt and decrypt 8 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:-1
-
-BLOWFISH Encrypt and decrypt 9 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:-1
-
-BLOWFISH Encrypt and decrypt 15 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:-1
-
-BLOWFISH Encrypt and decrypt 16 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:-1
-
-BLOWFISH Encrypt and decrypt 17 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:-1
-
-BLOWFISH Encrypt and decrypt 31 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:-1
-
-BLOWFISH Encrypt and decrypt 47 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:-1
-
-BLOWFISH Encrypt and decrypt 48 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:-1
-
-BLOWFISH Encrypt and decrypt 49 bytes [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:-1
-
-BLOWFISH Encrypt and decrypt 0 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 1 byte with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 2 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 7 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 8 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 9 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 15 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 16 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 17 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 31 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 32 bytes with one and zeros padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 47 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 48 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 49 bytes with one and zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ONE_AND_ZEROS
-
-BLOWFISH Encrypt and decrypt 0 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 1 byte with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 2 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 7 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 8 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 9 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 15 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 16 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 17 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 31 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 32 bytes with zeros and len padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 47 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 48 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 49 bytes with zeros and len padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS_AND_LEN
-
-BLOWFISH Encrypt and decrypt 0 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 1 byte with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:1:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 2 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:2:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 7 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:7:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 8 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 9 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:9:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 15 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:15:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 16 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 17 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:17:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 31 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:31:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 32 bytes with zeros padding [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:33:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 47 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:47:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 48 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 49 bytes with zeros padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:49:MBEDTLS_PADDING_ZEROS
-
-BLOWFISH Encrypt and decrypt 0 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:0:MBEDTLS_PADDING_NONE
-
-BLOWFISH Encrypt and decrypt 8 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:8:MBEDTLS_PADDING_NONE
-
-BLOWFISH Encrypt and decrypt 16 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:16:MBEDTLS_PADDING_NONE
-
-BLOWFISH Encrypt and decrypt 32 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:32:MBEDTLS_PADDING_NONE
-
-BLOWFISH Encrypt and decrypt 48 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":128:48:MBEDTLS_PADDING_NONE
-
-BLOWFISH Try encrypting 1 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:1:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 2 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:2:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 7 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:7:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 9 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:9:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 15 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:15:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 17 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:17:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 31 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:31:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 33 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:33:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 47 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:47:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Try encrypting 49 bytes with no padding
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_fail:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_NONE:128:49:MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
-
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:0:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:0:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:1:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:0:-1:16:0:8:8
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:0:16:-1:0:16:0:16
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:1:15:-1:0:16:0:16
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:1:-1:8:8:8:8
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:15:7:-1:8:8:8:8
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:6:-1:16:0:8:8
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:17:6:-1:16:0:16:0
-
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#1]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CBC:128:16:16:-1:16:16:8:24
-
-BLOWFISH Encrypt and decrypt 0 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:0:-1
-
-BLOWFISH Encrypt and decrypt 1 byte [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:1:-1
-
-BLOWFISH Encrypt and decrypt 2 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:2:-1
-
-BLOWFISH Encrypt and decrypt 7 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:7:-1
-
-BLOWFISH Encrypt and decrypt 8 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:8:-1
-
-BLOWFISH Encrypt and decrypt 9 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:9:-1
-
-BLOWFISH Encrypt and decrypt 15 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:15:-1
-
-BLOWFISH Encrypt and decrypt 16 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:16:-1
-
-BLOWFISH Encrypt and decrypt 17 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:17:-1
-
-BLOWFISH Encrypt and decrypt 31 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:31:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:32:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#4]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:33:-1
-
-BLOWFISH Encrypt and decrypt 47 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:47:-1
-
-BLOWFISH Encrypt and decrypt 48 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:48:-1
-
-BLOWFISH Encrypt and decrypt 49 bytes [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":128:49:-1
-
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:0:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:1:0:-1:1:0:1:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:1:-1:0:1:0:1
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:0:-1:16:0:16:0
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:0:16:-1:0:16:0:16
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:1:15:-1:1:15:1:15
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:15:1:-1:15:1:15:1
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#4]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:15:7:-1:15:7:15:7
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#5]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:6:-1:16:6:16:6
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#6]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:17:6:-1:17:6:17:6
-
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#2]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CFB64:128:16:16:-1:16:16:16:16
-
-BLOWFISH Encrypt and decrypt 0 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:0:-1
-
-BLOWFISH Encrypt and decrypt 1 byte [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:1:-1
-
-BLOWFISH Encrypt and decrypt 2 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:2:-1
-
-BLOWFISH Encrypt and decrypt 7 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:7:-1
-
-BLOWFISH Encrypt and decrypt 8 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:8:-1
-
-BLOWFISH Encrypt and decrypt 9 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:9:-1
-
-BLOWFISH Encrypt and decrypt 15 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:15:-1
-
-BLOWFISH Encrypt and decrypt 16 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:16:-1
-
-BLOWFISH Encrypt and decrypt 17 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:17:-1
-
-BLOWFISH Encrypt and decrypt 31 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:31:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#5]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:32:-1
-
-BLOWFISH Encrypt and decrypt 32 bytes [#6]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:33:-1
-
-BLOWFISH Encrypt and decrypt 47 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:47:-1
-
-BLOWFISH Encrypt and decrypt 48 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:48:-1
-
-BLOWFISH Encrypt and decrypt 49 bytes [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":128:49:-1
-
-BLOWFISH Encrypt and decrypt 0 bytes in multiple parts [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:0:-1:0:0:0:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:1:0:-1:1:0:1:0
-
-BLOWFISH Encrypt and decrypt 1 bytes in multiple parts 2 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:1:-1:0:1:0:1
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:0:-1:16:0:16:0
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 2 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:0:16:-1:0:16:0:16
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 3 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:1:15:-1:1:15:1:15
-
-BLOWFISH Encrypt and decrypt 16 bytes in multiple parts 4 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:15:1:-1:15:1:15:1
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#7]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:15:7:-1:15:7:15:7
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#8]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:6:-1:16:6:16:6
-
-BLOWFISH Encrypt and decrypt 22 bytes in multiple parts 1 [#9]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:17:6:-1:17:6:17:6
-
-BLOWFISH Encrypt and decrypt 32 bytes in multiple parts 1 [#3]
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf_multipart:MBEDTLS_CIPHER_BLOWFISH_CTR:128:16:16:-1:16:16:16:16
-
-BLOWFISH CBC Encrypt and decrypt 7 bytes, 192-bits key
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CBC:"BLOWFISH-CBC":192:7:-1
-
-BLOWFISH CTR Encrypt and decrypt 7 bytes, 192-bits key
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CTR:"BLOWFISH-CTR":192:7:-1
-
-BLOWFISH CFB64 Encrypt and decrypt 7 bytes, 192-bits key
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-enc_dec_buf:MBEDTLS_CIPHER_BLOWFISH_CFB64:"BLOWFISH-CFB64":192:7:-1
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #1
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"00000000000000000000000000000000":"0000000000000000":"4ef997456198dd78":0
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #2
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"ffffffffffffffffffffffffffffffff":"ffffffffffffffff":"51866fd5b85ecb8a":0
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #3
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #3, 64-bit key
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
-
-BLOWFISH ECB Encrypt test vector (SSLeay) #3, 192-bit key
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_ENCRYPT:"fedcba9876543210fedcba9876543210fedcba9876543210":"0123456789abcdef":"0aceab0fc6a0a28d":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #1
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"00000000000000000000000000000000":"4ef997456198dd78":"0000000000000000":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #2
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"ffffffffffffffffffffffffffffffff":"51866fd5b85ecb8a":"ffffffffffffffff":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #3
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #3, 64-bit key
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
-
-BLOWFISH ECB Decrypt test vector (SSLeay) #3, 192-bit key
-depends_on:MBEDTLS_BLOWFISH_C
-test_vec_ecb:MBEDTLS_CIPHER_BLOWFISH_ECB:MBEDTLS_DECRYPT:"3849674c2602319e3849674c2602319e3849674c2602319e":"a25e7856cf2651eb":"51454b582ddf440a":0
diff --git a/tests/suites/test_suite_cipher.padding.data b/tests/suites/test_suite_cipher.padding.data
index dc4c9d7..0370fb3 100644
--- a/tests/suites/test_suite_cipher.padding.data
+++ b/tests/suites/test_suite_cipher.padding.data
@@ -29,18 +29,6 @@
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
set_padding:MBEDTLS_CIPHER_DES_CBC:MBEDTLS_PADDING_PKCS7:0
-Set padding with BLOWFISH-CBC
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CIPHER_PADDING_PKCS7
-set_padding:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_PADDING_PKCS7:0
-
-Set padding with BLOWFISH-CFB
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CFB
-set_padding:MBEDTLS_CIPHER_BLOWFISH_CFB64:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
-
-Set padding with BLOWFISH-CTR
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CTR
-set_padding:MBEDTLS_CIPHER_BLOWFISH_CTR:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
-
Set padding with NULL
depends_on:MBEDTLS_CIPHER_NULL_CIPHER
set_padding:MBEDTLS_CIPHER_NULL:MBEDTLS_PADDING_PKCS7:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
@@ -57,10 +45,6 @@
depends_on:MBEDTLS_DES_C:MBEDTLS_CIPHER_MODE_CBC
set_padding:MBEDTLS_CIPHER_DES_CBC:-1:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
-Set non-existent padding with BLOWFISH-CBC
-depends_on:MBEDTLS_BLOWFISH_C:MBEDTLS_CIPHER_MODE_CBC
-set_padding:MBEDTLS_CIPHER_BLOWFISH_CBC:-1:MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
-
Check PKCS padding #1 (correct)
depends_on:MBEDTLS_CIPHER_PADDING_PKCS7
check_padding:MBEDTLS_PADDING_PKCS7:"DABBAD0004040404":0:4
diff --git a/tests/suites/test_suite_ctr_drbg.function b/tests/suites/test_suite_ctr_drbg.function
index c3ffe3b..a46f21c 100644
--- a/tests/suites/test_suite_ctr_drbg.function
+++ b/tests/suites/test_suite_ctr_drbg.function
@@ -288,7 +288,7 @@
/* Call update with too much data (sizeof entropy > MAX(_SEED)_INPUT).
* Make sure it's detected as an error and doesn't cause memory
* corruption. */
- TEST_ASSERT( mbedtls_ctr_drbg_update_ret(
+ TEST_ASSERT( mbedtls_ctr_drbg_update(
&ctx, entropy, sizeof( entropy ) ) != 0 );
/* Now enable PR, so the next few calls should all reseed */
diff --git a/tests/suites/test_suite_debug.data b/tests/suites/test_suite_debug.data
index 0935c12..4a1a1be 100644
--- a/tests/suites/test_suite_debug.data
+++ b/tests/suites/test_suite_debug.data
@@ -37,6 +37,27 @@
Debug print buffer #5
mbedtls_debug_print_buf:"MyFile":999:"Test return value":"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30":"MyFile(0999)\: dumping 'Test return value' (49 bytes)\nMyFile(0999)\: 0000\: 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f ................\nMyFile(0999)\: 0010\: 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f ................\nMyFile(0999)\: 0020\: 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f !"#$%&'()*+,-./\nMyFile(0999)\: 0030\: 30 0\n"
+Debug print mbedtls_mpi: 0 (empty representation)
+mbedtls_debug_print_mpi:16:"":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
+
+Debug print mbedtls_mpi: 0 (non-empty representation)
+mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
+
+Debug print mbedtls_mpi #2: 3 bits
+mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n"
+
+Debug print mbedtls_mpi: 49 bits
+mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n"
+
+Debug print mbedtls_mpi: 759 bits
+mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print mbedtls_mpi: 764 bits #1
+mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
+Debug print mbedtls_mpi: 764 bits #2
+mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
+
Debug print certificate #1 (RSA)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_RSA_C:MBEDTLS_SHA1_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_debug_print_crt:"data_files/server1.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: 01\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:06\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:06\nMyFile(0999)\: signed using \: RSA with SHA1\nMyFile(0999)\: RSA key size \: 2048 bits\nMyFile(0999)\: basic constraints \: CA=false\nMyFile(0999)\: value of 'crt->rsa.N' (2048 bits) is\:\nMyFile(0999)\: a9 02 1f 3d 40 6a d5 55 53 8b fd 36 ee 82 65 2e\nMyFile(0999)\: 15 61 5e 89 bf b8 e8 45 90 db ee 88 16 52 d3 f1\nMyFile(0999)\: 43 50 47 96 12 59 64 87 6b fd 2b e0 46 f9 73 be\nMyFile(0999)\: dd cf 92 e1 91 5b ed 66 a0 6f 89 29 79 45 80 d0\nMyFile(0999)\: 83 6a d5 41 43 77 5f 39 7c 09 04 47 82 b0 57 39\nMyFile(0999)\: 70 ed a3 ec 15 19 1e a8 33 08 47 c1 05 42 a9 fd\nMyFile(0999)\: 4c c3 b4 df dd 06 1f 4d 10 51 40 67 73 13 0f 40\nMyFile(0999)\: f8 6d 81 25 5f 0a b1 53 c6 30 7e 15 39 ac f9 5a\nMyFile(0999)\: ee 7f 92 9e a6 05 5b e7 13 97 85 b5 23 92 d9 d4\nMyFile(0999)\: 24 06 d5 09 25 89 75 07 dd a6 1a 8f 3f 09 19 be\nMyFile(0999)\: ad 65 2c 64 eb 95 9b dc fe 41 5e 17 a6 da 6c 5b\nMyFile(0999)\: 69 cc 02 ba 14 2c 16 24 9c 4a dc cd d0 f7 52 67\nMyFile(0999)\: 73 f1 2d a0 23 fd 7e f4 31 ca 2d 70 ca 89 0b 04\nMyFile(0999)\: db 2e a6 4f 70 6e 9e ce bd 58 89 e2 53 59 9e 6e\nMyFile(0999)\: 5a 92 65 e2 88 3f 0c 94 19 a3 dd e5 e8 9d 95 13\nMyFile(0999)\: ed 29 db ab 70 12 dc 5a ca 6b 17 ab 52 82 54 b1\nMyFile(0999)\: value of 'crt->rsa.E' (17 bits) is\:\nMyFile(0999)\: 01 00 01\n"
@@ -44,21 +65,3 @@
Debug print certificate #2 (EC)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_BASE64_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SHA256_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_debug_print_crt:"data_files/test-ca2.crt":"MyFile":999:"PREFIX_":"MyFile(0999)\: PREFIX_ #1\:\nMyFile(0999)\: cert. version \: 3\nMyFile(0999)\: serial number \: C1\:43\:E2\:7E\:62\:43\:CC\:E8\nMyFile(0999)\: issuer name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: subject name \: C=NL, O=PolarSSL, CN=Polarssl Test EC CA\nMyFile(0999)\: issued on \: 2019-02-10 14\:44\:00\nMyFile(0999)\: expires on \: 2029-02-10 14\:44\:00\nMyFile(0999)\: signed using \: ECDSA with SHA256\nMyFile(0999)\: EC key size \: 384 bits\nMyFile(0999)\: basic constraints \: CA=true\nMyFile(0999)\: value of 'crt->eckey.Q(X)' (384 bits) is\:\nMyFile(0999)\: c3 da 2b 34 41 37 58 2f 87 56 fe fc 89 ba 29 43\nMyFile(0999)\: 4b 4e e0 6e c3 0e 57 53 33 39 58 d4 52 b4 91 95\nMyFile(0999)\: 39 0b 23 df 5f 17 24 62 48 fc 1a 95 29 ce 2c 2d\nMyFile(0999)\: value of 'crt->eckey.Q(Y)' (384 bits) is\:\nMyFile(0999)\: 87 c2 88 52 80 af d6 6a ab 21 dd b8 d3 1c 6e 58\nMyFile(0999)\: b8 ca e8 b2 69 8e f3 41 ad 29 c3 b4 5f 75 a7 47\nMyFile(0999)\: 6f d5 19 29 55 69 9a 53 3b 20 b4 66 16 60 33 1e\n"
-
-Debug print mbedtls_mpi #1
-mbedtls_debug_print_mpi:16:"01020304050607":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (49 bits) is\:\nMyFile(0999)\: 01 02 03 04 05 06 07\n"
-
-Debug print mbedtls_mpi #2
-mbedtls_debug_print_mpi:16:"00000000000007":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (3 bits) is\:\nMyFile(0999)\: 07\n"
-
-Debug print mbedtls_mpi #3
-mbedtls_debug_print_mpi:16:"00000000000000":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (0 bits) is\:\nMyFile(0999)\: 00\n"
-
-Debug print mbedtls_mpi #4
-mbedtls_debug_print_mpi:16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
-
-Debug print mbedtls_mpi #5
-mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (764 bits) is\:\nMyFile(0999)\: 09 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a\nMyFile(0999)\: 14 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90\nMyFile(0999)\: ff e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c\nMyFile(0999)\: 09 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89\nMyFile(0999)\: af 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b\nMyFile(0999)\: 52 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
-
-Debug print mbedtls_mpi #6
-mbedtls_debug_print_mpi:16:"0000000000000000000000000000000000000000000000000000000041379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":"MyFile":999:"VALUE":"MyFile(0999)\: value of 'VALUE' (759 bits) is\:\nMyFile(0999)\: 41 37 9d 00 fe d1 49 1f e1 5d f2 84 df de 4a 14\nMyFile(0999)\: 2f 68 aa 8d 41 20 23 19 5c ee 66 88 3e 62 90 ff\nMyFile(0999)\: e7 03 f4 ea 59 63 bf 21 27 13 ce e4 6b 10 7c 09\nMyFile(0999)\: 18 2b 5e dc d9 55 ad ac 41 8b f4 91 8e 28 89 af\nMyFile(0999)\: 48 e1 09 9d 51 38 30 ce c8 5c 26 ac 1e 15 8b 52\nMyFile(0999)\: 62 0e 33 ba 86 92 f8 93 ef bb 2f 95 8b 44 24\n"
diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function
index ad50e53..197a7ef 100644
--- a/tests/suites/test_suite_debug.function
+++ b/tests/suites/test_suite_debug.function
@@ -179,7 +179,7 @@
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &val, radix, value ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &val, radix, value ) == 0 );
mbedtls_ssl_conf_dbg( &conf, string_debug, &buffer);
diff --git a/tests/suites/test_suite_dhm.data b/tests/suites/test_suite_dhm.data
index e5fb428..f18db2e 100644
--- a/tests/suites/test_suite_dhm.data
+++ b/tests/suites/test_suite_dhm.data
@@ -70,18 +70,36 @@
Diffie-Hellman full exchange: 286-bit
dhm_do_dhm:10:"93450983094850938450983409623982317398171298719873918739182739712938719287391879381271":36:10:"9345098309485093845098340962223981329819812792137312973297123912791271":0
-Diffie-Hellman trivial subgroup #1
-dhm_do_dhm:10:"23":1:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
-
-Diffie-Hellman trivial subgroup #2
-dhm_do_dhm:10:"23":1:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
-
Diffie-Hellman small modulus
dhm_do_dhm:10:"3":1:10:"5":MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED+MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Diffie-Hellman zero modulus
dhm_do_dhm:10:"0":1:10:"5":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+Diffie-Hellman with G=0
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"0":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=-1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"-1":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P-1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P-2
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409621":0
+
+Diffie-Hellman with G=P
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409623":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P+1
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409624":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
+
+Diffie-Hellman with G=P+2
+dhm_do_dhm:10:"93450983094850938450983409623":13:10:"93450983094850938450983409625":0
+
Diffie-Hellman: x_size < 0
dhm_do_dhm:10:"93450983094850938450983409623":-1:10:"9345098304850938450983409622":MBEDTLS_ERR_DHM_BAD_INPUT_DATA
diff --git a/tests/suites/test_suite_dhm.function b/tests/suites/test_suite_dhm.function
index 62e634a..bc43016 100644
--- a/tests/suites/test_suite_dhm.function
+++ b/tests/suites/test_suite_dhm.function
@@ -116,8 +116,8 @@
/*
* Set params
*/
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx_srv.G, radix_G, input_G ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx_srv.G, radix_G, input_G ) == 0 );
pub_cli_len = mbedtls_mpi_size( &ctx_srv.P );
TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_P, &ctx_srv.P ) );
TEST_ASSERT( check_get_value( &ctx_srv, MBEDTLS_DHM_PARAM_G, &ctx_srv.G ) );
@@ -150,7 +150,10 @@
&sec_srv_len,
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
- TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ),
+ &sec_cli_len,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( sec_srv_len == sec_cli_len );
TEST_ASSERT( sec_srv_len != 0 );
@@ -206,7 +209,10 @@
&sec_srv_len,
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
- TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ), &sec_cli_len, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_dhm_calc_secret( &ctx_cli, sec_cli, sizeof( sec_cli ),
+ &sec_cli_len,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( sec_srv_len == sec_cli_len );
TEST_ASSERT( sec_srv_len != 0 );
@@ -233,7 +239,7 @@
TEST_ASSERT( mbedtls_mpi_shift_l( &P, ( P_bytes * 8 ) - 1 ) == 0 );
TEST_ASSERT( mbedtls_mpi_set_bit( &P, 0, 1 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &G, radix_G, input_G ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &G, radix_G, input_G ) == 0 );
TEST_ASSERT( mbedtls_dhm_set_group( &ctx, &P, &G ) == 0 );
TEST_ASSERT( mbedtls_dhm_make_public( &ctx, (int) mbedtls_mpi_size( &P ),
@@ -257,8 +263,8 @@
mbedtls_dhm_init( &ctx );
mbedtls_mpi_init( &P ); mbedtls_mpi_init( &G );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, 16, p ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &G, 16, g ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, 16, p ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &G, 16, g ) == 0 );
TEST_ASSERT( mbedtls_dhm_parse_dhmfile( &ctx, filename ) == 0 );
diff --git a/tests/suites/test_suite_ecdh.function b/tests/suites/test_suite_ecdh.function
index 6e8459d..6893bcf 100644
--- a/tests/suites/test_suite_ecdh.function
+++ b/tests/suites/test_suite_ecdh.function
@@ -85,7 +85,8 @@
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB,
- NULL, NULL ) == 0 );
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &zB ) == 0 );
@@ -106,11 +107,13 @@
mbedtls_ecp_point qA, qB;
mbedtls_mpi dA, dB, zA, zB, check;
mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
+ mbedtls_test_rnd_pseudo_info rnd_info;
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &qA ); mbedtls_ecp_point_init( &qB );
mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &dB );
mbedtls_mpi_init( &zA ); mbedtls_mpi_init( &zB ); mbedtls_mpi_init( &check );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
@@ -154,24 +157,28 @@
mbedtls_test_rnd_buffer_rand,
&rnd_info_A ) == 0 );
TEST_ASSERT( ! mbedtls_ecp_is_zero( &qA ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xA_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.X, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yA_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qA.Y, &check ) == 0 );
TEST_ASSERT( mbedtls_ecdh_gen_public( &grp, &dB, &qB,
mbedtls_test_rnd_buffer_rand,
&rnd_info_B ) == 0 );
TEST_ASSERT( ! mbedtls_ecp_is_zero( &qB ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, xB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, xB_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.X, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, yB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, yB_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &qB.Y, &check ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &check, 16, z_str ) == 0 );
- TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &check, 16, z_str ) == 0 );
+ TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zA, &qB, &dA,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zA, &check ) == 0 );
- TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecdh_compute_shared( &grp, &zB, &qA, &dB,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &zB, &check ) == 0 );
exit:
@@ -215,7 +222,8 @@
&mbedtls_test_rnd_pseudo_rand,
&rnd_info ) == 0 );
TEST_ASSERT( mbedtls_ecdh_calc_secret( &cli, &res_len, res_buf, 1000,
- NULL, NULL ) == 0 );
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info ) == 0 );
TEST_ASSERT( len == res_len );
TEST_ASSERT( memcmp( buf, res_buf, len ) == 0 );
@@ -235,12 +243,14 @@
const unsigned char *vbuf;
size_t len;
mbedtls_test_rnd_buf_info rnd_info_A, rnd_info_B;
+ mbedtls_test_rnd_pseudo_info rnd_info;
int cnt_restart;
mbedtls_ecp_group grp;
mbedtls_ecp_group_init( &grp );
mbedtls_ecdh_init( &srv );
mbedtls_ecdh_init( &cli );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
rnd_info_A.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info_A.fallback_p_rng = NULL;
@@ -315,7 +325,8 @@
cnt_restart = 0;
do {
ret = mbedtls_ecdh_calc_secret( &srv, &len, buf, sizeof( buf ),
- NULL, NULL );
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
@@ -332,7 +343,8 @@
cnt_restart = 0;
do {
ret = mbedtls_ecdh_calc_secret( &cli, &len, buf, sizeof( buf ),
- NULL, NULL );
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart );
TEST_ASSERT( ret == 0 );
diff --git a/tests/suites/test_suite_ecdsa.function b/tests/suites/test_suite_ecdsa.function
index 354f178..8803762 100644
--- a/tests/suites/test_suite_ecdsa.function
+++ b/tests/suites/test_suite_ecdsa.function
@@ -92,9 +92,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &Q, 16, xQ_str, yQ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 );
rnd_info.fallback_f_rng = mbedtls_test_rnd_std_rand;
rnd_info.fallback_p_rng = NULL;
rnd_info.buf = rnd_buf->x;
@@ -157,9 +157,9 @@
memset( hash, 0, sizeof( hash ) );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, d_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &r_check, 16, r_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &s_check, 16, s_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &r_check, 16, r_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &s_check, 16, s_str ) == 0 );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
@@ -388,7 +388,7 @@
memset( sig, 0, sizeof( sig ) );
TEST_ASSERT( mbedtls_ecp_group_load( &ctx.grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.d, 16, d_str ) == 0 );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index f2b6376..2afc355 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -82,9 +82,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, grp_id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &P ) == ret );
@@ -124,22 +124,24 @@
mbedtls_mpi dA, xA, yA, dB, xZ, yZ;
int cnt_restarts;
int ret;
+ mbedtls_test_rnd_pseudo_info rnd_info;
mbedtls_ecp_restart_init( &ctx );
mbedtls_ecp_group_init( &grp );
mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P );
mbedtls_mpi_init( &dA ); mbedtls_mpi_init( &xA ); mbedtls_mpi_init( &yA );
mbedtls_mpi_init( &dB ); mbedtls_mpi_init( &xZ ); mbedtls_mpi_init( &yZ );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 );
mbedtls_ecp_set_max_ops( (unsigned) max_ops );
@@ -147,7 +149,8 @@
cnt_restarts = 0;
do {
ECP_PT_RESET( &R );
- ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G, NULL, NULL, &ctx );
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dA, &grp.G,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
TEST_ASSERT( ret == 0 );
@@ -162,7 +165,8 @@
cnt_restarts = 0;
do {
ECP_PT_RESET( &R );
- ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx );
} while( ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restarts );
TEST_ASSERT( ret == 0 );
@@ -176,7 +180,8 @@
* This test only makes sense when we actually restart */
if( min_restarts > 0 )
{
- ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P, NULL, NULL, &ctx );
+ ret = mbedtls_ecp_mul_restartable( &grp, &R, &dB, &P,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info, &ctx );
TEST_ASSERT( ret == MBEDTLS_ERR_ECP_IN_PROGRESS );
}
@@ -217,13 +222,13 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &u1, 16, u1_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &u2, 16, u2_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xR, 16, xR_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yR, 16, yR_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &u1, 16, u1_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &u2, 16, u2_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xR, 16, xR_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yR, 16, yR_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q.X, 16, xQ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q.Y, 16, yQ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q.X, 16, xQ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q.Y, 16, yQ_str ) == 0 );
TEST_ASSERT( mbedtls_mpi_lset( &Q.Z, 1 ) == 0 );
mbedtls_ecp_set_max_ops( (unsigned) max_ops );
@@ -280,26 +285,28 @@
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yA, 16, yA_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yB, 16, yB_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xZ, 16, xZ_str ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &yZ, 16, yZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yA, 16, yA_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yB, 16, yB_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xZ, 16, xZ_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &yZ, 16, yZ_str ) == 0 );
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
&mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xA ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yA ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
- TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &R,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xZ ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yZ ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
- TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.Y, &yB ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
@@ -335,11 +342,11 @@
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &grp.G ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dA, 16, dA_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &dB, 16, dB_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xA, 16, xA_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xB, 16, xB_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &xS, 16, xS_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dA, 16, dA_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dB, 16, dB_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xA, 16, xA_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xB, 16, xB_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &xS, 16, xS_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &grp.G,
&mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
@@ -351,11 +358,13 @@
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
- TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dB, &grp.G,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xB ) == 0 );
- TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R, NULL, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_ecp_mul( &grp, &R, &dA, &R,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_pubkey( &grp, &R ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R.X, &xS ) == 0 );
@@ -499,7 +508,7 @@
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &R );
mbedtls_ecp_group_init( &grp );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, 16, N_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, 16, N_str ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
TEST_ASSERT( grp.modp != NULL );
@@ -538,9 +547,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &P.Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P.Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_write_binary( &grp, &P, format,
&olen, buf, blen ) == ret );
@@ -570,9 +579,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_binary( &grp, &P, buf->x, buf->len ) == ret );
@@ -614,9 +623,9 @@
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Z, 16, z ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, x ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Z, 16, z ) == 0 );
TEST_ASSERT( mbedtls_ecp_tls_read_point( &grp, &P, &vbuf, buf->len ) == ret );
@@ -751,7 +760,7 @@
mbedtls_mpi_init( &d );
TEST_ASSERT( mbedtls_ecp_group_load( &grp, id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &d, 16, key_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &d, 16, key_hex ) == 0 );
TEST_ASSERT( mbedtls_ecp_check_privkey( &grp, &d ) == ret );
@@ -767,9 +776,11 @@
int ret )
{
mbedtls_ecp_keypair pub, prv;
+ mbedtls_test_rnd_pseudo_info rnd_info;
mbedtls_ecp_keypair_init( &pub );
mbedtls_ecp_keypair_init( &prv );
+ memset( &rnd_info, 0x00, sizeof( mbedtls_test_rnd_pseudo_info ) );
if( id_pub != MBEDTLS_ECP_DP_NONE )
TEST_ASSERT( mbedtls_ecp_group_load( &pub.grp, id_pub ) == 0 );
@@ -778,9 +789,10 @@
if( id != MBEDTLS_ECP_DP_NONE )
TEST_ASSERT( mbedtls_ecp_group_load( &prv.grp, id ) == 0 );
TEST_ASSERT( mbedtls_ecp_point_read_string( &prv.Q, 16, Qx, Qy ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.d, 16, d ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.d, 16, d ) == 0 );
- TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv ) == ret );
+ TEST_ASSERT( mbedtls_ecp_check_pub_priv( &pub, &prv,
+ &mbedtls_test_rnd_pseudo_rand, &rnd_info ) == ret );
exit:
mbedtls_ecp_keypair_free( &pub );
diff --git a/tests/suites/test_suite_gcm.aes128_de.data b/tests/suites/test_suite_gcm.aes128_de.data
index c865b0c..3df31e5 100644
--- a/tests/suites/test_suite_gcm.aes128_de.data
+++ b/tests/suites/test_suite_gcm.aes128_de.data
@@ -670,6 +670,58 @@
depends_on:MBEDTLS_AES_C
gcm_decrypt_and_verify:MBEDTLS_CIPHER_ID_AES:"659b9e729d12f68b73fdc2f7260ab114":"fd0732a38224c3f16f58de3a7f333da2ecdb6eec92b469544a891966dd4f8fb64a711a793f1ef6a90e49765eacaccdd8cc438c2b57c51902d27a82ee4f24925a864a9513a74e734ddbf77204a99a3c0060fcfbaccae48fe509bc95c3d6e1b1592889c489801265715e6e4355a45357ce467c1caa2f1c3071bd3a9168a7d223e3":"459df18e2dfbd66d6ad04978432a6d97":"ee0b0b52a729c45b899cc924f46eb1908e55aaaeeaa0c4cdaacf57948a7993a6debd7b6cd7aa426dc3b3b6f56522ba3d5700a820b1697b8170bad9ca7caf1050f13d54fb1ddeb111086cb650e1c5f4a14b6a927205a83bf49f357576fd0f884a83b068154352076a6e36a5369436d2c8351f3e6bfec65b4816e3eb3f144ed7f9":32:"8e5a6a79":"FAIL":"":0
+AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 0
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":0
+
+AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 1
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":1
+
+AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 128 bytes, ciphertext updates: 2
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"63c3f81500746eaf383fe3975d84f849":"0799d4152fd73c1604b4610cf7171fe1":"cb8248e5f904cc9ccccf6f273fe621eee1b4d7ed98480f9e806a48b84e2d6a733772ecf8fb7fe91805715cddab2b462b89f6e6c7cf873f65031f13c357d5f57b00b7c391c39e78ad1ed94be236ca0ae316bce11bc33c5d701fdfc58abbe918b9c42f7b3d6e89d46f9784b388a6e6daf47730b9fa665d755a17e89932fa669c44":"c53d01e53ee4a6ea106ea4a66538265e":2
+
+AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 0
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":0
+
+AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 1
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":1
+
+AES-GCM NIST CAVS 14.0 - empty ciphertext, AD length: 90 bytes, ciphertext updates: 2
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_cipher:MBEDTLS_CIPHER_ID_AES:"42c6e06f7f07c793864f6033f9022a41":"bd1258f14570dc663f81c31916bcb45490a7df15c95d827fd9e36aaf12f8fc51b8c0bc823faf1cccf9e6d6d3b132e874993325a1a2b1b61f9dacbb4a458de8d25dbf0ba4282d64a06686ddd0f099300b98e91362ffbeb44ebd22ad3c92ee06b230e234f85363642f57d0154aee09ff08d0e560b5728a5db8a18b26438177c45f":"ef675d5e33198af58e72d7f379dd35bd7234aa7a52ae28531ee2e77d6bf30f05c507b8cc72361f11e70017b30c0e374dd283d29c324c67d43d92868485b0ac2cc4e0dfef362df74c927f935d630611fa26c5be9bea49291d3875":"6640b62190bb4a11d4c7b37039bba6fb":2
+
+AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 0
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":0
+
+AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 1
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":1
+
+AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 128 bytes, AD updates: 2
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"c58583f6479d9bc9f1bffddefee66e59":"cee448b48d3506ff3ecc227a87987846":"564a9f700cbc1f895e4f4fa6426f73b4956896a15e6127e7560d74e3fd0b980d2ee45b7a6a3884fa613d91d13921e3f90967d7132bdafcd146dd8ff7147ed1964c2bdb3e12f4133d3dbbc3bf030ff37b1d2147c493ce885068d9ba5bebae24903aaac004aa0ab73fe789e4150e75ddc2bde2700db02e6398d53e88ac652964ac":"361fc2896d7ee986ecef7cbe665bc60c":"9cce7db3fc087d8cb384f6b1a81f03b3fafa2e3281e9f0fcf08a8283929f32439bb0d302516f0ab65b79181fc223a42345bad6e46ff8bcb55add90207f74481227f71a6230a3e13739ef2d015f5003638234b01e58537b7cfab5a8edac19721f41d46948987d1bb1b1d9485a672647bb3b5cb246a1d753a0d107bff036ac7d95":2
+
+AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 0
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":0
+
+AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 1
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":1
+
+AES-GCM NIST CAVS 14.0 - empty AD, ciphertext length: 51 bytes, AD updates: 2
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_empty_ad:MBEDTLS_CIPHER_ID_AES:"24168b48b45759c8d4f9b061f0cbc16a":"b8e5ede75254cc4542191c7e7b0319ad81651451b639caf81c81c98301a4a0af70e291a4e35b448917be1e400fc64a22edf32913162558c2591ee3e80f397d73dfbc68b82da49bda9bcbb6aaf26919e21c1773cf51f6c5b71784f47978cc0d593b4be0259ab22b0b48de733a884c50a8c148c495973a8f5f84f2e93755666bf5":"be19c7e3d3e63f73d833c967d8d62f388ab9617a2adebe5abd99b5ec64599c46bc28bc62770e08995b0bbf27089e3e17b80424":"4aec633d4daed9ce76d697c11f66f34e":"cb7f10bda7da8a2569ed1f3b667127a1e0fb197283aa16ab8cddd43186bd126b118e671cab3e325877fe0e79f1863f89122c8f":2
+
+AES-GCM NIST - empty AD, empty ciphertext
+depends_on:MBEDTLS_AES_C
+gcm_decrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"cf063a34d4a9a76c2c86787d3f96db71":"113b9785971864c83b01c787":"72ac8493e3a5228b5d130a69d2510e42"
+
AES-GCM Bad IV (AES-128,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_DECRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
diff --git a/tests/suites/test_suite_gcm.aes128_en.data b/tests/suites/test_suite_gcm.aes128_en.data
index b1dae75..d60c458 100644
--- a/tests/suites/test_suite_gcm.aes128_en.data
+++ b/tests/suites/test_suite_gcm.aes128_en.data
@@ -670,6 +670,58 @@
depends_on:MBEDTLS_AES_C
gcm_encrypt_and_tag:MBEDTLS_CIPHER_ID_AES:"fe481476fce76efcfc78ed144b0756f1":"246e1f2babab8da98b17cc928bd49504d7d87ea2cc174f9ffb7dbafe5969ff824a0bcb52f35441d22f3edcd10fab0ec04c0bde5abd3624ca25cbb4541b5d62a3deb52c00b75d68aaf0504d51f95b8dcbebdd8433f4966c584ac7f8c19407ca927a79fa4ead2688c4a7baafb4c31ef83c05e8848ec2b4f657aab84c109c91c277":"1a2c18c6bf13b3b2785610c71ccd98ca":"b0ab3cb5256575774b8242b89badfbe0dfdfd04f5dd75a8e5f218b28d3f6bc085a013defa5f5b15dfb46132db58ed7a9ddb812d28ee2f962796ad988561a381c02d1cf37dca5fd33e081d61cc7b3ab0b477947524a4ca4cb48c36f48b302c440be6f5777518a60585a8a16cea510dbfc5580b0daac49a2b1242ff55e91a8eae8":"5587620bbb77f70afdf3cdb7ae390edd0473286d86d3f862ad70902d90ff1d315947c959f016257a8fe1f52cc22a54f21de8cb60b74808ac7b22ea7a15945371e18b77c9571aad631aa080c60c1e472019fa85625fc80ed32a51d05e397a8987c8fece197a566689d24d05361b6f3a75616c89db6123bf5902960b21a18bc03a":32:"bd4265a8":0
+AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 0
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":0
+
+AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 1
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":1
+
+AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 128 bytes, ciphertext updates: 2
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"e28c435211743a7872e4a0bd7602336a":"2ddbee94fcbfacea080ded468f67180c":"63190ef542656cc2b69a9b0daf8dbd2d38cd75f17b92d6d891c17b0337ad4fe4539d9154722fa430782a1d79620e974661918166e39c453c5a98759a13d2766138c7750e6cbdc7b6d7cbe44f3f4de7bb562d9bce6e6e2e815444842b89ba8b73454218c483e574ca886a84e8c9aa6f56dd1541a7e35a4a5b8f6a05ad5bb013e9":"2ce6d74cda466354a736636bf18acfc0":2
+
+AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 0
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":0
+
+AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 1
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":1
+
+AES-GCM NIST CAVS 14.0 - empty plaintext, AD length: 90 bytes, ciphertext updates: 2
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_cipher:MBEDTLS_CIPHER_ID_AES:"20b5b6b854e187b058a84d57bc1538b6":"94c1935afc061cbf254b936f":"ca418e71dbf810038174eaa3719b3fcb80531c7110ad9192d105eeaafa15b819ac005668752b344ed1b22faf77048baf03dbddb3b47d6b00e95c4f005e0cc9b7627ccafd3f21b3312aa8d91d3fa0893fe5bff7d44ca46f23afe0":"b37286ebaf4a54e0ffc2a1deafc9f6db":2
+
+AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 0
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":0
+
+AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 1
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":1
+
+AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 128 bytes, AD updates: 2
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"ce0f8cfe9d64c4f4c045d11b97c2d918":"ad4c3627a494fc628316dc03faf81db8":"dfff250d380f363880963b42d6913c1ba11e8edf7c4ab8b76d79ccbaac628f548ee542f48728a9a2620a0d69339c8291e8d398440d740e310908cdee7c273cc91275ce7271ba12f69237998b07b789b3993aaac8dc4ec1914432a30f5172f79ea0539bd1f70b36d437e5170bc63039a5280816c05e1e41760b58e35696cebd55":"0de73d9702d9357c9e8619b7944e40732ac2f4dd3f1b42d8d7f36acb1f1497990d0ec3d626082cdb1384ec72a4c1d98955ba2a3aae6d81b24e9ce533eb5ede7210ae4a06d43f750138b8914d754d43bce416fee799cc4dd03949acedc34def7d6bde6ba41a4cf03d209689a3ad181f1b6dcf76ca25c87eb1c7459cc9f95ddc57":"5f6a3620e59fe8977286f502d0da7517":2
+
+AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 0
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":0
+
+AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 1
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":1
+
+AES-GCM NIST CAVS 14.0 - empty AD, plaintext length: 51 bytes, AD updates: 2
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_tag_empty_ad:MBEDTLS_CIPHER_ID_AES:"594157ec4693202b030f33798b07176d":"49b12054082660803a1df3df":"3feef98a976a1bd634f364ac428bb59cd51fb159ec1789946918dbd50ea6c9d594a3a31a5269b0da6936c29d063a5fa2cc8a1c":"c1b7a46a335f23d65b8db4008a49796906e225474f4fe7d39e55bf2efd97fd82d4167de082ae30fa01e465a601235d8d68bc69":"ba92d3661ce8b04687e8788d55417dc2":2
+
+AES-GCM NIST - empty AD, empty plaintext
+depends_on:MBEDTLS_AES_C
+gcm_encrypt_and_verify_no_ad_no_cipher:MBEDTLS_CIPHER_ID_AES:"11754cd72aec309bf52f7687212e8957":"3c819d9a9bed087615030b65":"250327c674aaf477aef2675748cf6971"
+
AES-GCM Bad IV (AES-128,128,0,0,32) #0
depends_on:MBEDTLS_AES_C
gcm_bad_parameters:MBEDTLS_CIPHER_ID_AES:MBEDTLS_GCM_ENCRYPT:"d0194b6ee68f0ed8adc4b22ed15dbf14":"":"":"":32:MBEDTLS_ERR_GCM_BAD_INPUT
diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function
index a6b0a4c..49859dd 100644
--- a/tests/suites/test_suite_gcm.function
+++ b/tests/suites/test_suite_gcm.function
@@ -11,20 +11,24 @@
const data_t *input,
const data_t *expected_output,
const data_t *tag,
- size_t n1 )
+ size_t n1,
+ size_t n1_add)
{
int ok = 0;
uint8_t *output = NULL;
size_t n2 = input->len - n1;
+ size_t n2_add = add->len - n1_add;
size_t olen;
/* Sanity checks on the test data */
TEST_ASSERT( n1 <= input->len );
+ TEST_ASSERT( n1_add <= add->len );
TEST_EQUAL( input->len, expected_output->len );
TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode,
iv->x, iv->len ) );
- TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, add->len ) );
+ TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, n1_add ) );
+ TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x + n1_add, n2_add ) );
/* Allocate a tight buffer for each update call. This way, if the function
* tries to write beyond the advertised required buffer size, this will
@@ -57,6 +61,94 @@
return( ok );
}
+static void check_cipher_with_empty_ad( mbedtls_gcm_context *ctx,
+ int mode,
+ const data_t *iv,
+ const data_t *input,
+ const data_t *expected_output,
+ const data_t *tag,
+ size_t ad_update_count)
+{
+ size_t n;
+ uint8_t *output = NULL;
+ size_t olen;
+
+ /* Sanity checks on the test data */
+ TEST_EQUAL( input->len, expected_output->len );
+
+ TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode,
+ iv->x, iv->len ) );
+
+ for( n = 0; n < ad_update_count; n++ )
+ {
+ TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, NULL, 0 ) );
+ }
+
+ /* Allocate a tight buffer for each update call. This way, if the function
+ * tries to write beyond the advertised required buffer size, this will
+ * count as an overflow for memory sanitizers and static checkers. */
+ ASSERT_ALLOC( output, input->len );
+ olen = 0xdeadbeef;
+ TEST_EQUAL( 0, mbedtls_gcm_update( ctx, input->x, input->len, output, input->len, &olen ) );
+ TEST_EQUAL( input->len, olen );
+ ASSERT_COMPARE( output, olen, expected_output->x, input->len );
+ mbedtls_free( output );
+ output = NULL;
+
+ ASSERT_ALLOC( output, tag->len );
+ TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) );
+ ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
+
+exit:
+ mbedtls_free( output );
+}
+
+static void check_empty_cipher_with_ad( mbedtls_gcm_context *ctx,
+ int mode,
+ const data_t *iv,
+ const data_t *add,
+ const data_t *tag,
+ size_t cipher_update_count)
+{
+ size_t olen;
+ size_t n;
+ uint8_t* output_tag = NULL;
+
+ TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode, iv->x, iv->len ) );
+ TEST_EQUAL( 0, mbedtls_gcm_update_ad( ctx, add->x, add->len ) );
+
+ for( n = 0; n < cipher_update_count; n++ )
+ {
+ olen = 0xdeadbeef;
+ TEST_EQUAL( 0, mbedtls_gcm_update( ctx, NULL, 0, NULL, 0, &olen ) );
+ TEST_EQUAL( 0, olen );
+ }
+
+ ASSERT_ALLOC( output_tag, tag->len );
+ TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output_tag, tag->len ) );
+ ASSERT_COMPARE( output_tag, tag->len, tag->x, tag->len );
+
+exit:
+ mbedtls_free( output_tag );
+}
+
+static void check_no_cipher_no_ad( mbedtls_gcm_context *ctx,
+ int mode,
+ const data_t *iv,
+ const data_t *tag )
+{
+ uint8_t *output = NULL;
+
+ TEST_EQUAL( 0, mbedtls_gcm_starts( ctx, mode,
+ iv->x, iv->len ) );
+ ASSERT_ALLOC( output, tag->len );
+ TEST_EQUAL( 0, mbedtls_gcm_finish( ctx, NULL, 0, output, tag->len ) );
+ ASSERT_COMPARE( output, tag->len, tag->x, tag->len );
+
+exit:
+ mbedtls_free( output );
+}
+
/* END_HEADER */
/* BEGIN_DEPENDENCIES
@@ -101,6 +193,7 @@
mbedtls_gcm_context ctx;
size_t tag_len = tag_len_bits / 8;
size_t n1;
+ size_t n1_add;
mbedtls_gcm_init( &ctx );
@@ -118,12 +211,15 @@
for( n1 = 0; n1 <= src_str->len; n1 += 1 )
{
- mbedtls_test_set_step( n1 );
- if( !check_multipart( &ctx, MBEDTLS_GCM_ENCRYPT,
- iv_str, add_str, src_str,
- dst, tag,
- n1 ) )
- goto exit;
+ for( n1_add = 0; n1_add <= add_str->len; n1_add += 1 )
+ {
+ mbedtls_test_set_step( n1 * 10000 + n1_add );
+ if( !check_multipart( &ctx, MBEDTLS_GCM_ENCRYPT,
+ iv_str, add_str, src_str,
+ dst, tag,
+ n1, n1_add ) )
+ goto exit;
+ }
}
}
@@ -144,6 +240,7 @@
int ret;
size_t tag_len = tag_len_bits / 8;
size_t n1;
+ size_t n1_add;
mbedtls_gcm_init( &ctx );
@@ -166,12 +263,15 @@
for( n1 = 0; n1 <= src_str->len; n1 += 1 )
{
- mbedtls_test_set_step( n1 );
- if( !check_multipart( &ctx, MBEDTLS_GCM_DECRYPT,
- iv_str, add_str, src_str,
- pt_result, tag_str,
- n1 ) )
- goto exit;
+ for( n1_add = 0; n1_add <= add_str->len; n1_add += 1 )
+ {
+ mbedtls_test_set_step( n1 * 10000 + n1_add );
+ if( !check_multipart( &ctx, MBEDTLS_GCM_DECRYPT,
+ iv_str, add_str, src_str,
+ pt_result, tag_str,
+ n1, n1_add ) )
+ goto exit;
+ }
}
}
}
@@ -181,6 +281,130 @@
}
/* END_CASE */
+/* BEGIN_CASE */
+void gcm_decrypt_and_verify_empty_cipher( int cipher_id,
+ data_t * key_str,
+ data_t * iv_str,
+ data_t * add_str,
+ data_t * tag_str,
+ int cipher_update_calls )
+{
+ mbedtls_gcm_context ctx;
+
+ mbedtls_gcm_init( &ctx );
+
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+ check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_DECRYPT,
+ iv_str, add_str, tag_str,
+ cipher_update_calls );
+
+ mbedtls_gcm_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void gcm_decrypt_and_verify_empty_ad( int cipher_id,
+ data_t * key_str,
+ data_t * iv_str,
+ data_t * src_str,
+ data_t * tag_str,
+ data_t * pt_result,
+ int ad_update_calls )
+{
+ mbedtls_gcm_context ctx;
+
+ mbedtls_gcm_init( &ctx );
+
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+ check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_DECRYPT,
+ iv_str, src_str, pt_result, tag_str,
+ ad_update_calls );
+
+ mbedtls_gcm_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void gcm_decrypt_and_verify_no_ad_no_cipher( int cipher_id,
+ data_t * key_str,
+ data_t * iv_str,
+ data_t * tag_str )
+{
+ mbedtls_gcm_context ctx;
+
+ mbedtls_gcm_init( &ctx );
+
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+ check_no_cipher_no_ad( &ctx, MBEDTLS_GCM_DECRYPT,
+ iv_str, tag_str );
+
+ mbedtls_gcm_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void gcm_encrypt_and_tag_empty_cipher( int cipher_id,
+ data_t * key_str,
+ data_t * iv_str,
+ data_t * add_str,
+ data_t * tag_str,
+ int cipher_update_calls )
+{
+ mbedtls_gcm_context ctx;
+
+ mbedtls_gcm_init( &ctx );
+
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+ check_empty_cipher_with_ad( &ctx, MBEDTLS_GCM_ENCRYPT,
+ iv_str, add_str, tag_str,
+ cipher_update_calls );
+
+exit:
+ mbedtls_gcm_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void gcm_encrypt_and_tag_empty_ad( int cipher_id,
+ data_t * key_str,
+ data_t * iv_str,
+ data_t * src_str,
+ data_t * dst,
+ data_t * tag_str,
+ int ad_update_calls )
+{
+ mbedtls_gcm_context ctx;
+
+ mbedtls_gcm_init( &ctx );
+
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+ check_cipher_with_empty_ad( &ctx, MBEDTLS_GCM_ENCRYPT,
+ iv_str, src_str, dst, tag_str,
+ ad_update_calls );
+
+exit:
+ mbedtls_gcm_free( &ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void gcm_encrypt_and_verify_no_ad_no_cipher( int cipher_id,
+ data_t * key_str,
+ data_t * iv_str,
+ data_t * tag_str )
+{
+ mbedtls_gcm_context ctx;
+
+ mbedtls_gcm_init( &ctx );
+
+ TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str->x, key_str->len * 8 ) == 0 );
+ check_no_cipher_no_ad( &ctx, MBEDTLS_GCM_ENCRYPT,
+ iv_str, tag_str );
+
+ mbedtls_gcm_free( &ctx );
+}
+/* END_CASE */
+
/* BEGIN_CASE depends_on:NOT_DEFINED */
void gcm_invalid_param( )
{
diff --git a/tests/suites/test_suite_hkdf.data b/tests/suites/test_suite_hkdf.data
index 1583736..d2f7ab3 100644
--- a/tests/suites/test_suite_hkdf.data
+++ b/tests/suites/test_suite_hkdf.data
@@ -15,84 +15,84 @@
HKDF RFC5869 Test Vector #1
depends_on:MBEDTLS_SHA256_C
-test_hkdf:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
HKDF RFC5869 Test Vector #2
depends_on:MBEDTLS_SHA256_C
-test_hkdf:6:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
+test_hkdf:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
HKDF RFC5869 Test Vector #3
depends_on:MBEDTLS_SHA256_C
-test_hkdf:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
+test_hkdf:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
HKDF RFC5869 Test Vector #4
depends_on:MBEDTLS_SHA1_C
-test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
+test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
HKDF RFC5869 Test Vector #5
depends_on:MBEDTLS_SHA1_C
-test_hkdf:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
+test_hkdf:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
HKDF RFC5869 Test Vector #6
depends_on:MBEDTLS_SHA1_C
-test_hkdf:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
+test_hkdf:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
HKDF RFC5869 Test Vector #7
depends_on:MBEDTLS_SHA1_C
-test_hkdf:4:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
+test_hkdf:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
HKDF RFC5869 Test Vector #1 Extract
depends_on:MBEDTLS_SHA256_C
-test_hkdf_extract:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
+test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
HKDF RFC5869 Test Vector #2 Extract
depends_on:MBEDTLS_SHA256_C
-test_hkdf_extract:6:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244"
+test_hkdf_extract:MBEDTLS_MD_SHA256:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244"
HKDF RFC5869 Test Vector #3 Extract
depends_on:MBEDTLS_SHA256_C
-test_hkdf_extract:6:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04"
+test_hkdf_extract:MBEDTLS_MD_SHA256:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04"
HKDF RFC5869 Test Vector #4 Extract
depends_on:MBEDTLS_SHA1_C
-test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243"
+test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243"
HKDF RFC5869 Test Vector #5 Extract
depends_on:MBEDTLS_SHA1_C
-test_hkdf_extract:4:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6"
+test_hkdf_extract:MBEDTLS_MD_SHA1:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f":"606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf":"8adae09a2a307059478d309b26c4115a224cfaf6"
HKDF RFC5869 Test Vector #6 Extract
depends_on:MBEDTLS_SHA1_C
-test_hkdf_extract:4:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01"
+test_hkdf_extract:MBEDTLS_MD_SHA1:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01"
HKDF RFC5869 Test Vector #7 Extract
depends_on:MBEDTLS_SHA1_C
-test_hkdf_extract:4:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd"
+test_hkdf_extract:MBEDTLS_MD_SHA1:"0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c":"":"2adccada18779e7c2077ad2eb19d3f3e731385dd"
HKDF RFC5869 Test Vector #1 Expand
depends_on:MBEDTLS_SHA256_C
-test_hkdf_expand:6:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
+test_hkdf_expand:MBEDTLS_MD_SHA256:"f0f1f2f3f4f5f6f7f8f9":"077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5":"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865"
HKDF RFC5869 Test Vector #2 Expand
depends_on:MBEDTLS_SHA256_C
-test_hkdf_expand:6:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
+test_hkdf_expand:MBEDTLS_MD_SHA256:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244":"b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87"
HKDF RFC5869 Test Vector #3 Expand
depends_on:MBEDTLS_SHA256_C
-test_hkdf_expand:6:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
+test_hkdf_expand:MBEDTLS_MD_SHA256:"":"19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04":"8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8"
HKDF RFC5869 Test Vector #4 Expand
depends_on:MBEDTLS_SHA1_C
-test_hkdf_expand:4:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
+test_hkdf_expand:MBEDTLS_MD_SHA1:"f0f1f2f3f4f5f6f7f8f9":"9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243":"085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896"
HKDF RFC5869 Test Vector #5 Expand
depends_on:MBEDTLS_SHA1_C
-test_hkdf_expand:4:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
+test_hkdf_expand:MBEDTLS_MD_SHA1:"b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff":"8adae09a2a307059478d309b26c4115a224cfaf6":"0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4"
HKDF RFC5869 Test Vector #6 Expand
depends_on:MBEDTLS_SHA1_C
-test_hkdf_expand:4:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
+test_hkdf_expand:MBEDTLS_MD_SHA1:"":"da8c8a73c7fa77288ec6f5e7c297786aa0d32d01":"0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918"
HKDF RFC5869 Test Vector #7 Expand
depends_on:MBEDTLS_SHA1_C
-test_hkdf_expand:4:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
+test_hkdf_expand:MBEDTLS_MD_SHA1:"":"2adccada18779e7c2077ad2eb19d3f3e731385dd":"2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48"
diff --git a/tests/suites/test_suite_md.data b/tests/suites/test_suite_md.data
index dbe6aa8..a741068 100644
--- a/tests/suites/test_suite_md.data
+++ b/tests/suites/test_suite_md.data
@@ -5,14 +5,6 @@
MD NULL/uninitialised arguments
md_null_args:
-Information on MD2
-depends_on:MBEDTLS_MD2_C
-md_info:MBEDTLS_MD_MD2:"MD2":16
-
-Information on MD4
-depends_on:MBEDTLS_MD4_C
-md_info:MBEDTLS_MD_MD4:"MD4":16
-
Information on MD5
depends_on:MBEDTLS_MD5_C
md_info:MBEDTLS_MD_MD5:"MD5":16
@@ -41,62 +33,6 @@
depends_on:MBEDTLS_SHA512_C
md_info:MBEDTLS_MD_SHA512:"SHA512":64
-generic mbedtls_md2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"":"8350e5a3e24c153df2275c9f80692773"
-
-generic mbedtls_md2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-generic mbedtls_md2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb"
-
-generic mbedtls_md2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
-
-generic mbedtls_md2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
-
-generic mbedtls_md2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
-
-generic mbedtls_md2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
-md_text:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-generic mbedtls_md4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-generic mbedtls_md4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24"
-
-generic mbedtls_md4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d"
-
-generic mbedtls_md4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b"
-
-generic mbedtls_md4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-generic mbedtls_md4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
-
-generic mbedtls_md4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
-md_text:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
generic mbedtls_md5 Test vector RFC1321 #1
depends_on:MBEDTLS_MD5_C
md_text:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e"
@@ -157,30 +93,6 @@
depends_on:MBEDTLS_RIPEMD160_C
md_text:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-generic HMAC-MD2 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
-
-generic HMAC-MD2 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
-
-generic HMAC-MD2 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
-
-generic HMAC-MD4 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f"
-
-generic HMAC-MD4 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc"
-
-generic HMAC-MD4 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b"
-
generic HMAC-MD5 Hash File OpenSSL test #1
depends_on:MBEDTLS_MD5_C
mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284"
@@ -193,14 +105,6 @@
depends_on:MBEDTLS_MD5_C
mbedtls_md_hmac:"MD5":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"e97f623936f98a7f741c4bd0612fecc2"
-HMAC-MD2 Bouncy Castle test #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_hmac:"MD2":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"dc1923ef5f161d35bef839ca8c807808"
-
-HMAC-MD4 Bouncy Castle test #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_hmac:"MD4":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5570ce964ba8c11756cdc3970278ff5a"
-
HMAC-MD5 Bouncy Castle test #1
depends_on:MBEDTLS_MD5_C
mbedtls_md_hmac:"MD5":16:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"4869205468657265":"5ccec34ea9656392457fa1ac27f08fbc"
@@ -261,62 +165,6 @@
depends_on:MBEDTLS_RIPEMD160_C
mbedtls_md_hmac:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
-generic multi step mbedtls_md2 Test vector RFC1319 #1
-depends_on:MBEDTLS_MD_C:MBEDTLS_MD2_C
-md_text_multi:"MD2":"":"8350e5a3e24c153df2275c9f80692773"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #2
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #3
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"abc":"da853b0d3f88d99b30283a69e6ded6bb"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #4
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #5
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #6
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
-
-generic multi step mbedtls_md2 Test vector RFC1319 #7
-depends_on:MBEDTLS_MD2_C
-md_text_multi:"MD2":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #1
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #2
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"a":"bde52cb31de33e46245e05fbdbd6fb24"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #3
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"abc":"a448017aaf21d8525fc10ae87aa6729d"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #4
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"message digest":"d9130a8164549fe818874806e1c7014b"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #5
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #6
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
-
-generic multi step mbedtls_md4 Test vector RFC1320 #7
-depends_on:MBEDTLS_MD4_C
-md_text_multi:"MD4":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
generic multi step mbedtls_md5 Test vector RFC1321 #1
depends_on:MBEDTLS_MD5_C
md_text_multi:"MD5":"":"d41d8cd98f00b204e9800998ecf8427e"
@@ -377,30 +225,6 @@
depends_on:MBEDTLS_RIPEMD160_C
md_text_multi:"RIPEMD160":"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-generic multi step HMAC-MD2 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d5732582f494f5ddf35efd166c85af9c"
-
-generic multi step HMAC-MD2 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"54ab68503f7d1b5c7741340dff2722a9"
-
-generic multi step HMAC-MD2 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD2_C
-md_hmac_multi:"MD2":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"d850e5f554558cf0fe79a0612e1d0365"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #1
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"eabd0fbefb82fb0063a25a6d7b8bdc0f"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #2
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161":"270fcf11f27c27448457d7049a7edb084a3e554e0b2acf5806982213f0ad516402e4c869c4ff2171e18e3489baa3125d2c3056ebb616296f9b6aa97ef68eeabcdc0b6dde47775004096a241efcf0a90d19b34e898cc7340cdc940f8bdd46e23e352f34bca131d4d67a7c2ddb8d0d68b67f06152a128168e1c341c37e0a66c5018999b7059bcc300beed2c19dd1152d2fe062853293b8f3c8b5":"cec3c5e421a7b783aa89cacf78daf6dc"
-
-generic multi step HMAC-MD4 Hash File OpenSSL test #3
-depends_on:MBEDTLS_MD4_C
-md_hmac_multi:"MD4":16:"61616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"ad5f0a04116109b397b57f9cc9b6df4b"
-
generic multi step HMAC-MD5 Hash File OpenSSL test #1
depends_on:MBEDTLS_MD5_C
md_hmac_multi:"MD5":16:"61616161616161616161616161616161":"b91ce5ac77d33c234e61002ed6":"42552882f00bd4633ea81135a184b284"
@@ -469,38 +293,6 @@
depends_on:MBEDTLS_RIPEMD160_C
md_hmac_multi:"RIPEMD160":20:"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa":"54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a65204b657920616e64204c6172676572205468616e204f6e6520426c6f636b2d53697a652044617461":"69ea60798d71616cce5fd0871e23754cd75d5a0a"
-generic MD2 Hash file #1
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_1":"b593c098712d2e21628c8986695451a8"
-
-generic MD2 Hash file #2
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_2":"3c027b7409909a4c4b26bbab69ad9f4f"
-
-generic MD2 Hash file #3
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_3":"6bb43eb285e81f414083a94cdbe2989d"
-
-generic MD2 Hash file #4
-depends_on:MBEDTLS_MD2_C
-mbedtls_md_file:"MD2":"data_files/hash_file_4":"8350e5a3e24c153df2275c9f80692773"
-
-generic MD4 Hash file #1
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_1":"8d19772c176bd27153b9486715e2c0b9"
-
-generic MD4 Hash file #2
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_2":"f2ac53b8542882a5a0007c6f84b4d9fd"
-
-generic MD4 Hash file #3
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_3":"195c15158e2d07881d9a654095ce4a42"
-
-generic MD4 Hash file #4
-depends_on:MBEDTLS_MD4_C
-mbedtls_md_file:"MD4":"data_files/hash_file_4":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
generic MD5 Hash file #1
depends_on:MBEDTLS_MD5_C
mbedtls_md_file:"MD5":"data_files/hash_file_1":"52bcdc983c9ed64fc148a759b3c7a415"
diff --git a/tests/suites/test_suite_mdx.data b/tests/suites/test_suite_mdx.data
index 3d063a4..ff3f73f 100644
--- a/tests/suites/test_suite_mdx.data
+++ b/tests/suites/test_suite_mdx.data
@@ -1,46 +1,4 @@
-# Test MD2, MD4, MD5 and RIPEMD160
-mbedtls_md2 Test vector RFC1319 #1
-md2_text:"":"8350e5a3e24c153df2275c9f80692773"
-
-mbedtls_md2 Test vector RFC1319 #2
-md2_text:"a":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-mbedtls_md2 Test vector RFC1319 #3
-md2_text:"abc":"da853b0d3f88d99b30283a69e6ded6bb"
-
-mbedtls_md2 Test vector RFC1319 #4
-md2_text:"message digest":"ab4f496bfb2a530b219ff33031fe06b0"
-
-mbedtls_md2 Test vector RFC1319 #5
-md2_text:"abcdefghijklmnopqrstuvwxyz":"4e8ddff3650292ab5a4108c3aa47940b"
-
-mbedtls_md2 Test vector RFC1319 #6
-md2_text:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"da33def2a42df13975352846c30338cd"
-
-mbedtls_md2 Test vector RFC1319 #7
-md2_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-mbedtls_md4 Test vector RFC1320 #1
-md4_text:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-mbedtls_md4 Test vector RFC1320 #2
-md4_text:"a":"bde52cb31de33e46245e05fbdbd6fb24"
-
-mbedtls_md4 Test vector RFC1320 #3
-md4_text:"abc":"a448017aaf21d8525fc10ae87aa6729d"
-
-mbedtls_md4 Test vector RFC1320 #4
-md4_text:"message digest":"d9130a8164549fe818874806e1c7014b"
-
-mbedtls_md4 Test vector RFC1320 #5
-md4_text:"abcdefghijklmnopqrstuvwxyz":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-mbedtls_md4 Test vector RFC1320 #6
-md4_text:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789":"043f8582f241db351ce627e153e7f0e4"
-
-mbedtls_md4 Test vector RFC1320 #7
-md4_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
+# Test MD5 and RIPEMD160
mbedtls_md5 Test vector RFC1321 #1
md5_text:"":"d41d8cd98f00b204e9800998ecf8427e"
@@ -86,12 +44,6 @@
mbedtls_ripemd160 Test vector from paper #8
ripemd160_text:"12345678901234567890123456789012345678901234567890123456789012345678901234567890":"9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-MD2 Selftest
-md2_selftest:
-
-MD4 Selftest
-md4_selftest:
-
MD5 Selftest
md5_selftest:
diff --git a/tests/suites/test_suite_mdx.function b/tests/suites/test_suite_mdx.function
index aa35c58..73f9123 100644
--- a/tests/suites/test_suite_mdx.function
+++ b/tests/suites/test_suite_mdx.function
@@ -1,50 +1,8 @@
/* BEGIN_HEADER */
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/ripemd160.h"
/* END_HEADER */
-/* BEGIN_CASE depends_on:MBEDTLS_MD2_C */
-void md2_text( char * text_src_string, data_t * hash )
-{
- int ret;
- unsigned char src_str[100];
- unsigned char output[16];
-
- memset( src_str, 0x00, sizeof src_str );
- memset( output, 0x00, sizeof output );
-
- strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-
- ret = mbedtls_md2_ret( src_str, strlen( (char *) src_str ), output );
- TEST_ASSERT( ret == 0 ) ;
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
- sizeof output, hash->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD4_C */
-void md4_text( char * text_src_string, data_t * hash )
-{
- int ret;
- unsigned char src_str[100];
- unsigned char output[16];
-
- memset( src_str, 0x00, sizeof src_str );
- memset( output, 0x00, sizeof output );
-
- strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
-
- ret = mbedtls_md4_ret( src_str, strlen( (char *) src_str ), output );
- TEST_ASSERT( ret == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
- sizeof output, hash->len ) == 0 );
-}
-/* END_CASE */
-
/* BEGIN_CASE depends_on:MBEDTLS_MD5_C */
void md5_text( char * text_src_string, data_t * hash )
{
@@ -57,7 +15,7 @@
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
- ret = mbedtls_md5_ret( src_str, strlen( (char *) src_str ), output );
+ ret = mbedtls_md5( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 );
TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
@@ -77,7 +35,7 @@
strncpy( (char *) src_str, text_src_string, sizeof(src_str) - 1 );
- ret = mbedtls_ripemd160_ret( src_str, strlen( (char *) src_str ), output );
+ ret = mbedtls_ripemd160( src_str, strlen( (char *) src_str ), output );
TEST_ASSERT( ret == 0 );
TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x,
@@ -85,20 +43,6 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_MD2_C:MBEDTLS_SELF_TEST */
-void md2_selftest( )
-{
- TEST_ASSERT( mbedtls_md2_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_MD4_C:MBEDTLS_SELF_TEST */
-void md4_selftest( )
-{
- TEST_ASSERT( mbedtls_md4_self_test( 1 ) == 0 );
-}
-/* END_CASE */
-
/* BEGIN_CASE depends_on:MBEDTLS_MD5_C:MBEDTLS_SELF_TEST */
void md5_selftest( )
{
diff --git a/tests/suites/test_suite_mpi.data b/tests/suites/test_suite_mpi.data
index 553b8eb..02a11c8 100644
--- a/tests/suites/test_suite_mpi.data
+++ b/tests/suites/test_suite_mpi.data
@@ -62,13 +62,13 @@
mpi_read_write_string:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0:0
Test mpi_read_write_string #8 (Empty MPI hex -> hex)
-mpi_read_write_string:16:"":16:"00":4:0:0
+mpi_read_write_string:16:"":16:"":4:0:0
Test mpi_read_write_string #9 (Empty MPI hex -> dec)
mpi_read_write_string:16:"":10:"0":4:0:0
Test mpi_read_write_string #8 (Empty MPI dec -> hex)
-mpi_read_write_string:10:"":16:"00":4:0:0
+mpi_read_write_string:10:"":16:"":4:0:0
Test mpi_read_write_string #9 (Empty MPI dec -> dec)
mpi_read_write_string:10:"":10:"0":4:0:0
@@ -115,6 +115,12 @@
Base test mbedtls_mpi_write_file #1
mbedtls_mpi_write_file:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":16:"data_files/mpi_write"
+Test mbedtls_mpi_lsb: 0 (null)
+mbedtls_mpi_lsb:16:"":0
+
+Test mbedtls_mpi_lsb: 0 (1 limb)
+mbedtls_mpi_lsb:16:"0":0
+
Base test mbedtls_mpi_lsb #1
mbedtls_mpi_lsb:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":2
@@ -145,7 +151,10 @@
Base test mbedtls_mpi_bitlen #6
mbedtls_mpi_bitlen:10:"10":4
-Base test mbedtls_mpi_bitlen #7
+Base test mbedtls_mpi_bitlen: 0 (null)
+mbedtls_mpi_bitlen:10:"":0
+
+Base test mbedtls_mpi_bitlen: 0 (1 limb)
mbedtls_mpi_bitlen:10:"0":0
Base test mbedtls_mpi_cmp_int #1
@@ -193,6 +202,90 @@
Base test mbedtls_mpi_cmp_mpi (Mixed values) #6
mbedtls_mpi_cmp_mpi:10:"-2":10:"31231231289798":-1
+Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (null)
+mbedtls_mpi_cmp_mpi:10:"":10:"":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) = 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"":10:"0":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (null)
+mbedtls_mpi_cmp_mpi:10:"0":10:"":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) = 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"0":10:"0":0
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < positive
+mbedtls_mpi_cmp_mpi:10:"":10:"123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive
+mbedtls_mpi_cmp_mpi:10:"0":10:"123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > negative
+mbedtls_mpi_cmp_mpi:10:"":10:"-123":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative
+mbedtls_mpi_cmp_mpi:10:"0":10:"-123":1
+
+Test mbedtls_mpi_cmp_mpi: positive > 0 (null)
+mbedtls_mpi_cmp_mpi:10:"123":10:"":1
+
+Test mbedtls_mpi_cmp_mpi: positive > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"123":10:"0":1
+
+Test mbedtls_mpi_cmp_mpi: negative < 0 (null)
+mbedtls_mpi_cmp_mpi:10:"-123":10:"":-1
+
+Test mbedtls_mpi_cmp_mpi: negative < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:10:"-123":10:"0":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"":16:"0000000000000000123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < positive with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"0":16:"0000000000000000123":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"":16:"-0000000000000000123":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > negative with leading zero limb
+mbedtls_mpi_cmp_mpi:16:"0":16:"-0000000000000000123":1
+
+Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (null)
+mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"":1
+
+Test mbedtls_mpi_cmp_mpi: positive with leading zero limb > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"0000000000000000123":16:"0":1
+
+Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (null)
+mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"":-1
+
+Test mbedtls_mpi_cmp_mpi: negative with leading zero limb < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"-0000000000000000123":16:"0":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) < large positive
+mbedtls_mpi_cmp_mpi:16:"":16:"1230000000000000000":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) < large positive
+mbedtls_mpi_cmp_mpi:16:"0":16:"1230000000000000000":-1
+
+Test mbedtls_mpi_cmp_mpi: 0 (null) > large negative
+mbedtls_mpi_cmp_mpi:16:"":16:"-1230000000000000000":1
+
+Test mbedtls_mpi_cmp_mpi: 0 (1 limb) > large negative
+mbedtls_mpi_cmp_mpi:16:"0":16:"-1230000000000000000":1
+
+Test mbedtls_mpi_cmp_mpi: large positive > 0 (null)
+mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"":1
+
+Test mbedtls_mpi_cmp_mpi: large positive > 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"1230000000000000000":16:"0":1
+
+Test mbedtls_mpi_cmp_mpi: large negative < 0 (null)
+mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"":-1
+
+Test mbedtls_mpi_cmp_mpi: large negative < 0 (1 limb)
+mbedtls_mpi_cmp_mpi:16:"-1230000000000000000":16:"0":-1
+
Base test mbedtls_mpi_lt_mpi_ct #1
mbedtls_mpi_lt_mpi_ct:1:"2B5":1:"2B5":0:0
@@ -226,6 +319,9 @@
Base test mbedtls_mpi_lt_mpi_ct (Y is longer in storage)
mbedtls_mpi_lt_mpi_ct:3:"2B5":4:"2B5":0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+Base test mbedtls_mpi_lt_mpi_ct (length=0)
+mbedtls_mpi_lt_mpi_ct:0:"":0:"":0:0
+
Base test mbedtls_mpi_lt_mpi_ct (corner case - 64 bit) #1
mbedtls_mpi_lt_mpi_ct:2:"7FFFFFFFFFFFFFFF":2:"FF":0:0
@@ -298,7 +394,16 @@
Base test mbedtls_mpi_cmp_abs (Negative values) #3
mbedtls_mpi_cmp_abs:10:"-2":10:"-1":1
-Base test mbedtls_mpi_cmp_abs (Zero and Zero) #4
+Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (null)
+mbedtls_mpi_cmp_abs:10:"":10:"":0
+
+Test mbedtls_mpi_cmp_abs: 0 (null) = 0 (1 limb)
+mbedtls_mpi_cmp_abs:10:"":10:"0":0
+
+Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (null)
+mbedtls_mpi_cmp_abs:10:"0":10:"":0
+
+Test mbedtls_mpi_cmp_abs: 0 (1 limb) = 0 (1 limb)
mbedtls_mpi_cmp_abs:10:"0":10:"0":0
Base test mbedtls_mpi_cmp_abs (Mix values) #1
@@ -310,84 +415,261 @@
Base test mbedtls_mpi_cmp_abs (Mix values) #3
mbedtls_mpi_cmp_abs:10:"-2":10:"1":1
-Copy zero (1 limb) to positive (1 limb)
-mbedtls_mpi_copy_sint:0:1500
+Copy large negative to large negative
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
-Copy zero (1 limb) to negative (1 limb)
-mbedtls_mpi_copy_sint:0:-1500
+Copy large negative to large positive
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
-Copy positive (1 limb) to zero (1 limb)
-mbedtls_mpi_copy_sint:1500:0
+Copy large negative to small negative
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"-beef"
-Copy negative (1 limb) to zero (1 limb)
-mbedtls_mpi_copy_sint:-1500:0
+Copy large negative to small positive
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"beef"
-Copy positive (1 limb) to negative (1 limb)
-mbedtls_mpi_copy_sint:1500:-42
+Copy large negative to zero (1 limb)
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":"0"
-Copy negative (1 limb) to positive (1 limb)
-mbedtls_mpi_copy_sint:-42:1500
+Copy large negative to zero (null)
+mbedtls_mpi_copy:"-ca5cadedb01dfaceacc01ade":""
+
+Copy large positive to large negative
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Copy large positive to large positive
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Copy large positive to small negative
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"-beef"
+
+Copy large positive to small positive
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"beef"
+
+Copy large positive to zero (1 limb)
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":"0"
+
+Copy large positive to zero (null)
+mbedtls_mpi_copy:"ca5cadedb01dfaceacc01ade":""
+
+Copy small negative to large negative
+mbedtls_mpi_copy:"-bead":"-face1e55ca11ab1ecab005e5"
+
+Copy small negative to large positive
+mbedtls_mpi_copy:"-bead":"face1e55ca11ab1ecab005e5"
+
+Copy small negative to small negative
+mbedtls_mpi_copy:"-bead":"-beef"
+
+Copy small negative to small positive
+mbedtls_mpi_copy:"-bead":"beef"
+
+Copy small negative to zero (1 limb)
+mbedtls_mpi_copy:"-bead":"0"
+
+Copy small negative to zero (null)
+mbedtls_mpi_copy:"-bead":""
+
+Copy small positive to large negative
+mbedtls_mpi_copy:"bead":"-face1e55ca11ab1ecab005e5"
+
+Copy small positive to large positive
+mbedtls_mpi_copy:"bead":"face1e55ca11ab1ecab005e5"
+
+Copy small positive to small negative
+mbedtls_mpi_copy:"bead":"-beef"
+
+Copy small positive to small positive
+mbedtls_mpi_copy:"bead":"beef"
+
+Copy small positive to zero (1 limb)
+mbedtls_mpi_copy:"bead":"0"
+
+Copy small positive to zero (null)
+mbedtls_mpi_copy:"bead":""
+
+Copy zero (1 limb) to large negative
+mbedtls_mpi_copy:"0":"-face1e55ca11ab1ecab005e5"
+
+Copy zero (1 limb) to large positive
+mbedtls_mpi_copy:"0":"face1e55ca11ab1ecab005e5"
+
+Copy zero (1 limb) to small negative
+mbedtls_mpi_copy:"0":"-beef"
+
+Copy zero (1 limb) to small positive
+mbedtls_mpi_copy:"0":"beef"
+
+Copy zero (1 limb) to zero (1 limb)
+mbedtls_mpi_copy:"0":"0"
+
+Copy zero (1 limb) to zero (null)
+mbedtls_mpi_copy:"0":""
+
+Copy zero (null) to large negative
+mbedtls_mpi_copy:"":"-face1e55ca11ab1ecab005e5"
+
+Copy zero (null) to large positive
+mbedtls_mpi_copy:"":"face1e55ca11ab1ecab005e5"
+
+Copy zero (null) to small negative
+mbedtls_mpi_copy:"":"-beef"
+
+Copy zero (null) to small positive
+mbedtls_mpi_copy:"":"beef"
+
+Copy zero (null) to zero (1 limb)
+mbedtls_mpi_copy:"":"0"
Copy zero (null) to zero (null)
-mbedtls_mpi_copy_binary:"":""
+mbedtls_mpi_copy:"":""
-Copy zero (null) to positive (1 limb)
-mbedtls_mpi_copy_binary:"":"1234"
+Copy self: large negative
+mpi_copy_self:"-ca5cadedb01dfaceacc01ade"
-Copy positive (1 limb) to zero (null)
-mbedtls_mpi_copy_binary:"1234":""
+Copy self: large positive
+mpi_copy_self:"ca5cadedb01dfaceacc01ade"
-Copy positive to larger
-mbedtls_mpi_copy_binary:"bead":"ca5cadedb01dfaceacc01ade"
+Copy self: small negative
+mpi_copy_self:"-bead"
-Copy positive to smaller
-mbedtls_mpi_copy_binary:"ca5cadedb01dfaceacc01ade":"bead"
-
-Copy self: positive (1 limb)
-mpi_copy_self:14
+Copy self: small positive
+mpi_copy_self:"bead"
Copy self: zero (1 limb)
-mpi_copy_self:0
+mpi_copy_self:"0"
-Swap zero (1 limb) with positive (1 limb)
-mbedtls_mpi_swap_sint:0:1500
+Copy self: zero (null)
+mpi_copy_self:""
-Swap zero (1 limb) with negative (1 limb)
-mbedtls_mpi_swap_sint:0:-1500
+Swap large negative with large negative
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
-Swap positive (1 limb) with zero (1 limb)
-mbedtls_mpi_swap_sint:1500:0
+Swap large negative with large positive
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
-Swap negative (1 limb) with zero (1 limb)
-mbedtls_mpi_swap_sint:-1500:0
+Swap large negative with small negative
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"-beef"
-Swap positive (1 limb) with negative (1 limb)
-mbedtls_mpi_swap_sint:1500:-42
+Swap large negative with small positive
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"beef"
-Swap negative (1 limb) with positive (1 limb)
-mbedtls_mpi_swap_sint:-42:1500
+Swap large negative with zero (1 limb)
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":"0"
+
+Swap large negative with zero (null)
+mbedtls_mpi_swap:"-ca5cadedb01dfaceacc01ade":""
+
+Swap large positive with large negative
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-face1e55ca11ab1ecab005e5"
+
+Swap large positive with large positive
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"face1e55ca11ab1ecab005e5"
+
+Swap large positive with small negative
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"-beef"
+
+Swap large positive with small positive
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"beef"
+
+Swap large positive with zero (1 limb)
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":"0"
+
+Swap large positive with zero (null)
+mbedtls_mpi_swap:"ca5cadedb01dfaceacc01ade":""
+
+Swap small negative with large negative
+mbedtls_mpi_swap:"-bead":"-face1e55ca11ab1ecab005e5"
+
+Swap small negative with large positive
+mbedtls_mpi_swap:"-bead":"face1e55ca11ab1ecab005e5"
+
+Swap small negative with small negative
+mbedtls_mpi_swap:"-bead":"-beef"
+
+Swap small negative with small positive
+mbedtls_mpi_swap:"-bead":"beef"
+
+Swap small negative with zero (1 limb)
+mbedtls_mpi_swap:"-bead":"0"
+
+Swap small negative with zero (null)
+mbedtls_mpi_swap:"-bead":""
+
+Swap small positive with large negative
+mbedtls_mpi_swap:"bead":"-face1e55ca11ab1ecab005e5"
+
+Swap small positive with large positive
+mbedtls_mpi_swap:"bead":"face1e55ca11ab1ecab005e5"
+
+Swap small positive with small negative
+mbedtls_mpi_swap:"bead":"-beef"
+
+Swap small positive with small positive
+mbedtls_mpi_swap:"bead":"beef"
+
+Swap small positive with zero (1 limb)
+mbedtls_mpi_swap:"bead":"0"
+
+Swap small positive with zero (null)
+mbedtls_mpi_swap:"bead":""
+
+Swap zero (1 limb) with large negative
+mbedtls_mpi_swap:"0":"-face1e55ca11ab1ecab005e5"
+
+Swap zero (1 limb) with large positive
+mbedtls_mpi_swap:"0":"face1e55ca11ab1ecab005e5"
+
+Swap zero (1 limb) with small negative
+mbedtls_mpi_swap:"0":"-beef"
+
+Swap zero (1 limb) with small positive
+mbedtls_mpi_swap:"0":"beef"
+
+Swap zero (1 limb) with zero (1 limb)
+mbedtls_mpi_swap:"0":"0"
+
+Swap zero (1 limb) with zero (null)
+mbedtls_mpi_swap:"0":""
+
+Swap zero (null) with large negative
+mbedtls_mpi_swap:"":"-face1e55ca11ab1ecab005e5"
+
+Swap zero (null) with large positive
+mbedtls_mpi_swap:"":"face1e55ca11ab1ecab005e5"
+
+Swap zero (null) with small negative
+mbedtls_mpi_swap:"":"-beef"
+
+Swap zero (null) with small positive
+mbedtls_mpi_swap:"":"beef"
+
+Swap zero (null) with zero (1 limb)
+mbedtls_mpi_swap:"":"0"
Swap zero (null) with zero (null)
-mbedtls_mpi_swap_binary:"":""
+mbedtls_mpi_swap:"":""
-Swap zero (null) with positive (1 limb)
-mbedtls_mpi_swap_binary:"":"1234"
+Swap self: large negative
+mpi_swap_self:"-ca5cadedb01dfaceacc01ade"
-Swap positive (1 limb) with zero (null)
-mbedtls_mpi_swap_binary:"1234":""
+Swap self: large positive
+mpi_swap_self:"ca5cadedb01dfaceacc01ade"
-Swap positive with larger
-mbedtls_mpi_swap_binary:"bead":"ca5cadedb01dfaceacc01ade"
+Swap self: small negative
+mpi_swap_self:"-bead"
-Swap positive with smaller
-mbedtls_mpi_swap_binary:"ca5cadedb01dfaceacc01ade":"bead"
+Swap self: small positive
+mpi_swap_self:"bead"
-Swap self: 1 limb
-mpi_swap_self:"face"
+Swap self: zero (1 limb)
+mpi_swap_self:"0"
-Swap self: null
+Swap self: zero (null)
mpi_swap_self:""
+Shrink 0 limbs in a buffer of size 0 to 0
+mbedtls_mpi_shrink:0:0:0:0
+
Shrink 2 limbs in a buffer of size 2 to 4
mbedtls_mpi_shrink:2:2:4:4
@@ -412,42 +694,6 @@
Shrink 0 limbs in a buffer of size 4 to 0 yielding 1
mbedtls_mpi_shrink:4:0:0:1
-Test mbedtls_mpi_safe_cond_assign #1
-mbedtls_mpi_safe_cond_assign:+1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #2
-mbedtls_mpi_safe_cond_assign:+1:"FF000000000000000001":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #3
-mbedtls_mpi_safe_cond_assign:+1:"01":+1:"FF000000000000000002"
-
-Test mbedtls_mpi_safe_cond_assign #4
-mbedtls_mpi_safe_cond_assign:+1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #5
-mbedtls_mpi_safe_cond_assign:-1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_assign #6
-mbedtls_mpi_safe_cond_assign:-1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #1
-mbedtls_mpi_safe_cond_swap:+1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #2
-mbedtls_mpi_safe_cond_swap:+1:"FF000000000000000001":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #3
-mbedtls_mpi_safe_cond_swap:+1:"01":+1:"FF000000000000000002"
-
-Test mbedtls_mpi_safe_cond_swap #4
-mbedtls_mpi_safe_cond_swap:+1:"01":-1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #5
-mbedtls_mpi_safe_cond_swap:-1:"01":+1:"02"
-
-Test mbedtls_mpi_safe_cond_swap #6
-mbedtls_mpi_safe_cond_swap:-1:"01":-1:"02"
-
Base test mbedtls_mpi_add_abs #1
mbedtls_mpi_add_abs:10:"12345678":10:"642531":10:"12988209"
@@ -460,6 +706,15 @@
Base test mbedtls_mpi_add_abs #4
mbedtls_mpi_add_abs:10:"-12345678":10:"-642531":10:"12988209"
+Test mbedtls_mpi_add_abs: 0 (null) + 0 (null)
+mbedtls_mpi_add_abs:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_add_abs: 0 (null) + 1
+mbedtls_mpi_add_abs:16:"":16:"01":16:"01"
+
+Test mbedtls_mpi_add_abs: 1 + 0 (null)
+mbedtls_mpi_add_abs:16:"01":16:"":16:"01"
+
Test mbedtls_mpi_add_abs #1
mbedtls_mpi_add_abs:10:"-643808006803554439230129854961492699151386107534013432918073439524138264842370630061369715394739134090922937332590384720397133335969549256322620979036686633213903952966175107096769180017646161851573147596390153":10:"56125680981752282333498088313568935051383833838594899821664631784577337171193624243181360054669678410455329112434552942717084003541384594864129940145043086760031292483340068923506115878221189886491132772739661669044958531131327771":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924"
@@ -481,6 +736,21 @@
Base test mbedtls_mpi_add_mpi #4
mbedtls_mpi_add_mpi:10:"-12345678":10:"-642531":10:"-12988209"
+Test mbedtls_mpi_add_mpi: 0 (null) + 0 (null)
+mbedtls_mpi_add_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + 1
+mbedtls_mpi_add_mpi:16:"":16:"01":16:"01"
+
+Test mbedtls_mpi_add_mpi: 1 + 0 (null)
+mbedtls_mpi_add_mpi:16:"01":16:"":16:"01"
+
+Test mbedtls_mpi_add_mpi: 0 (null) + -1
+mbedtls_mpi_add_mpi:16:"":16:"-01":16:"-01"
+
+Test mbedtls_mpi_add_mpi: -1 + 0 (null)
+mbedtls_mpi_add_mpi:16:"-01":16:"":16:"-01"
+
Test mbedtls_mpi_add_mpi #1
mbedtls_mpi_add_mpi:10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"735829167410606161590850601304167976688497607296479119740072111384235241328747126510065763883532084601487937110881909725679916932621242907172467691556475037071866553361927361439411910627880345885122142692610250903804554267860479115964668998643528806263534149325837971432443181537363155848647445226342"
@@ -502,6 +772,12 @@
Test mbedtls_mpi_add_int #2
mbedtls_mpi_add_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
+Test mbedtls_mpi_add_int: 0 (null) + 0
+mbedtls_mpi_add_int:16:"":0:16:"0"
+
+Test mbedtls_mpi_add_int: 0 (null) + 1
+mbedtls_mpi_add_int:16:"":1:16:"1"
+
Base test mbedtls_mpi_sub_abs #1 (|B| > |A|)
mbedtls_mpi_sub_abs:10:"5":10:"7":10:"0":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
@@ -538,6 +814,24 @@
Base test mbedtls_mpi_sub_abs #4
mbedtls_mpi_sub_abs:10:"7":10:"-5":10:"2":0
+Test mbedtls_mpi_sub_abs: 0 (null) - 0 (null)
+mbedtls_mpi_sub_abs:16:"":16:"":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 0 (1 limb)
+mbedtls_mpi_sub_abs:16:"":16:"00":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (null)
+mbedtls_mpi_sub_abs:16:"00":16:"":16:"":0
+
+Test mbedtls_mpi_sub_abs: 0 (1 limb) - 0 (1 limb)
+mbedtls_mpi_sub_abs:16:"00":16:"00":16:"":0
+
+Test mbedtls_mpi_sub_abs: 1 - 0 (null)
+mbedtls_mpi_sub_abs:16:"01":16:"":16:"01":0
+
+Test mbedtls_mpi_sub_abs: 0 (null) - 1
+mbedtls_mpi_sub_abs:16:"":16:"01":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Test mbedtls_mpi_sub_abs #1
mbedtls_mpi_sub_abs:16:"FFFFFFFFFF":16:"01":16:"FFFFFFFFFE":0
@@ -562,6 +856,27 @@
Base test mbedtls_mpi_sub_mpi #4 (Test with negative subtraction)
mbedtls_mpi_sub_mpi:10:"5":10:"-7":10:"12"
+Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (null)
+mbedtls_mpi_sub_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 0 (1 limb)
+mbedtls_mpi_sub_mpi:16:"":16:"00":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - 1
+mbedtls_mpi_sub_mpi:16:"":16:"1":16:"-1"
+
+Test mbedtls_mpi_sub_mpi: 0 (null) - -1
+mbedtls_mpi_sub_mpi:16:"":16:"-1":16:"1"
+
+Test mbedtls_mpi_sub_mpi: 0 (1 limb) - 0 (null)
+mbedtls_mpi_sub_mpi:16:"00":16:"":16:"0"
+
+Test mbedtls_mpi_sub_mpi: 1 - 0 (null)
+mbedtls_mpi_sub_mpi:16:"1":16:"":16:"1"
+
+Test mbedtls_mpi_sub_mpi: -1 - 0 (null)
+mbedtls_mpi_sub_mpi:16:"-1":16:"":16:"-1"
+
Test mbedtls_mpi_sub_mpi #1
mbedtls_mpi_sub_mpi:10:"531872289054204184185084734375133399408303613982130856645299464930952178606045848877129147820387996428175564228204785846141207532462936339834139412401975338705794646595487324365194792822189473092273993580587964571659678084484152603881094176995594813302284232006001752128168901293560051833646881436219":10:"203956878356401977405765866929034577280193993314348263094772646453283062722701277632936616063144088173312372882677123879538709400158306567338328279154499698366071906766440037074217117805690872792848149112022286332144876183376326512083574821647933992961249917319836219304274280243803104015000563790123":10:"327915410697802206779318867446098822128109620667782593550526818477669115883344571244192531757243908254863191345527661966602498132304629772495811133247475640339722739829047287290977675016498600299425844468565678239514801901107826091797519355347660820341034314686165532823894621049756947818646317646096"
@@ -574,12 +889,30 @@
Test mbedtls_mpi_sub_int #2
mbedtls_mpi_sub_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227002905097"
+Test mbedtls_mpi_sub_int: 0 (null) - 0
+mbedtls_mpi_sub_int:16:"":0:16:"0"
+
+Test mbedtls_mpi_sub_int: 0 (null) - 1
+mbedtls_mpi_sub_int:16:"":1:16:"-1"
+
+Test mbedtls_mpi_sub_int: 0 (null) - -1
+mbedtls_mpi_sub_int:16:"":-1:16:"1"
+
Test mbedtls_mpi_shift_l #1
mbedtls_mpi_shift_l:10:"64":1:10:"128"
Test mbedtls_mpi_shift_l #2
mbedtls_mpi_shift_l:10:"658385546911733550164516088405238961461880256029834598831972039469421755117818013653494814438931957316403111689187691446941406788869098983929874080332195117465344344350008880118042764943201875870917468833709791733282363323948005998269792207":37:10:"90487820548639020691922304619723076305400961610119884872723190678642804168382367856686134531865643066983017249846286450251272364365605022750900439437595355052945035915579216557330505438734955340526145476988250171181404966718289259743378883640981192704"
+Test mbedtls_mpi_shift_l: 0 (null) <<= 0
+mbedtls_mpi_shift_l:16:"":0:16:"0"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 1
+mbedtls_mpi_shift_l:16:"":1:16:"0"
+
+Test mbedtls_mpi_shift_l: 0 (null) <<= 64
+mbedtls_mpi_shift_l:16:"":64:16:"0"
+
Test mbedtls_mpi_shift_r #1
mbedtls_mpi_shift_r:10:"128":1:10:"64"
@@ -598,6 +931,15 @@
Test mbedtls_mpi_shift_r #7
mbedtls_mpi_shift_r:16:"FFFFFFFFFFFFFFFF":128:16:"00"
+Test mbedtls_mpi_shift_r: 0 (null) >>= 0
+mbedtls_mpi_shift_r:16:"":0:16:"0"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 1
+mbedtls_mpi_shift_r:16:"":1:16:"0"
+
+Test mbedtls_mpi_shift_r: 0 (null) >>= 64
+mbedtls_mpi_shift_r:16:"":64:16:"0"
+
Base test mbedtls_mpi_mul_mpi #1
mbedtls_mpi_mul_mpi:10:"5":10:"7":10:"35"
@@ -610,8 +952,131 @@
Base test mbedtls_mpi_mul_mpi #4
mbedtls_mpi_mul_mpi:10:"-5":10:"-7":10:"35"
+Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (null)
+mbedtls_mpi_mul_mpi:16:"":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 0 (1 limb)
+mbedtls_mpi_mul_mpi:16:"":16:"00":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * 1
+mbedtls_mpi_mul_mpi:16:"":16:"01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (null) * -1
+mbedtls_mpi_mul_mpi:16:"":16:"-01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (1 limb) * -1
+mbedtls_mpi_mul_mpi:16:"00":16:"-01":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 0 (1 limb) * 0 (null)
+mbedtls_mpi_mul_mpi:16:"00":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: 1 * 0 (null)
+mbedtls_mpi_mul_mpi:16:"01":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: -1 * 0 (null)
+mbedtls_mpi_mul_mpi:16:"-01":16:"":16:"0"
+
+Test mbedtls_mpi_mul_mpi: -1 * 0 (1 limb)
+mbedtls_mpi_mul_mpi:16:"-01":16:"00":16:"0"
+
Test mbedtls_mpi_mul_mpi #1
-mbedtls_mpi_mul_mpi:10:"28911710017320205966167820725313234361535259163045867986277478145081076845846493521348693253530011243988160148063424837895971948244167867236923919506962312185829914482993478947657472351461336729641485069323635424692930278888923450060546465883490944265147851036817433970984747733020522259537":10:"16471581891701794764704009719057349996270239948993452268812975037240586099924712715366967486587417803753916334331355573776945238871512026832810626226164346328807407669366029926221415383560814338828449642265377822759768011406757061063524768140567867350208554439342320410551341675119078050953":10:"476221599179424887669515829231223263939342135681791605842540429321038144633323941248706405375723482912535192363845116154236465184147599697841273424891410002781967962186252583311115708128167171262206919514587899883547279647025952837516324649656913580411611297312678955801899536937577476819667861053063432906071315727948826276092545739432005962781562403795455162483159362585281248265005441715080197800335757871588045959754547836825977169125866324128449699877076762316768127816074587766799018626179199776188490087103869164122906791440101822594139648973454716256383294690817576188761"
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, B < 0
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, B < 0
+mbedtls_mpi_mul_mpi:16:"000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #1, leading 0 limb in A and B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-000000000000000002f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-000000000000000001b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb59"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb590000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #2, trailing 0 limb in A and B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf24510000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c890000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in A, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf245100000000000000000000000000000000":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c89":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, B < 0
+mbedtls_mpi_mul_mpi:16:"02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"-0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
+
+Test mbedtls_mpi_mul_mpi #3, trailing 0 limbs in B, A < 0, B < 0
+mbedtls_mpi_mul_mpi:16:"-02f77b94b179d4a51360f04fa56e2c0784ce3b8a742280b016904896a5605fbe9e0f0683f82c439d979ab14e11b34e05ae96232b18fb2e0d1319f4942732d7eadf92ae90cb8c68ec8ece154d334f553564b6f6db185b33b8d3635598c3d128acde8bbb7b13697e48d1a542e5f9168d2d83a8dd05ae1eaf2451":16:"-01b0b14c432710cde936e3fc100515e95dca61e10b8a68d9632bfa0546a9731a1ce6bebc6cb5fe6f5fd7e57b25f737f6a0ce5402e216b8b81c06f0c5ccce447d7f5631d14bff9dfa16f7cc72c56c84b636d00a5f35199d17ee9bf3f8746f44374ffd4ae22cf84089f04a9f7f356d6dc9f8cf8ef208a9b88c8900000000000000000000000000000000":16:"0503ae899d35ae5b7706b067aed7cb2952da37a5d4ad58f05f69abe14e8aaae88eab2baed858177cb4595c0edc92e5ac13c2bba2bfa23276dd023e9e52f547d4c9edb138d86aad329d7afb01e15eab7281e181cb249fc91bf09d621d86561301edda156f80e3bbff853a312852fe9e3d0541cb86801390aff1dc3c05bcb592c266f625b70e419b4c7e7e85399bb06c0e50b099b4292f9eaff4d869681faa1f745b5fcb3349ed93c572739a31dcf76b43370cf9f86cc54e982dfac9467bde915c697e60554e0d698be6bb2dd1f8bc64659f6baee7641b51f4b5ed7010c04600fcd382db84a93fe3d4d86e86a459c6cebb5900000000000000000000000000000000"
Test mbedtls_mpi_mul_int #1
mbedtls_mpi_mul_int:10:"2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"=="
@@ -625,15 +1090,45 @@
Test mbedtls_mpi_mul_int #4 (Unsigned, thus failure)
mbedtls_mpi_mul_int:10:"-2039568783564019774057658669290345772801939933143482630947726464532830627227012776329":-9871232:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":"!="
+Test mbedtls_mpi_mul_int: 0 (null) * 0
+mbedtls_mpi_mul_int:16:"":0:16:"":"=="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 1
+mbedtls_mpi_mul_int:16:"":1:16:"":"=="
+
+Test mbedtls_mpi_mul_int: 0 (null) * 0x1234
+mbedtls_mpi_mul_int:16:"":0x1234:16:"":"=="
+
Base test mbedtls_mpi_div_mpi #1
mbedtls_mpi_div_mpi:10:"1000":10:"13":10:"76":10:"12":0
-Base test mbedtls_mpi_div_mpi #2 (Divide by zero)
+Base test mbedtls_mpi_div_mpi #2 (Divide by zero (1 limb))
mbedtls_mpi_div_mpi:10:"1000":10:"0":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+Base test mbedtls_mpi_div_mpi #2 (Divide by zero (null))
+mbedtls_mpi_div_mpi:10:"1000":10:"":10:"1":10:"1":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
Base test mbedtls_mpi_div_mpi #3
mbedtls_mpi_div_mpi:10:"1000":10:"-13":10:"-76":10:"12":0
+Test mbedtls_mpi_div_mpi: 0 (null) / 0 (null)
+mbedtls_mpi_div_mpi:16:"":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 0 (1 limb)
+mbedtls_mpi_div_mpi:16:"":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (null)
+mbedtls_mpi_div_mpi:16:"0":16:"":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (1 limb) / 0 (1 limb)
+mbedtls_mpi_div_mpi:16:"0":16:"0":16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_mpi: 0 (null) / 1
+mbedtls_mpi_div_mpi:16:"":16:"1":16:"":16:"":0
+
+Test mbedtls_mpi_div_mpi: 0 (null) / -1
+mbedtls_mpi_div_mpi:16:"":16:"-1":16:"":16:"":0
+
Test mbedtls_mpi_div_mpi #1
mbedtls_mpi_div_mpi:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":10:"34":10:"592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
@@ -661,10 +1156,22 @@
Test mbedtls_mpi_div_int #2
mbedtls_mpi_div_int:10:"20133056642518226042310730101376278483547239130123806338055387803943342738063359782107667328":-34:10:"-592148724779947824773845002981655249516095268533053127589864347174804198178334111238460803":10:"26":0
+Test mbedtls_mpi_div_int: 0 (null) / 0
+mbedtls_mpi_div_int:16:"":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_int: 0 (1 limb) / 0
+mbedtls_mpi_div_int:16:"00":0:16:"":16:"":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Test mbedtls_mpi_div_int: 0 (null) / 1
+mbedtls_mpi_div_int:16:"":1:16:"":16:"":0
+
Base test mbedtls_mpi_mod_mpi #1
mbedtls_mpi_mod_mpi:10:"1000":10:"13":10:"12":0
-Base test mbedtls_mpi_mod_mpi #2 (Divide by zero)
+Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (null))
+mbedtls_mpi_mod_mpi:10:"1000":10:"":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
+
+Base test mbedtls_mpi_mod_mpi #2 (Divide by zero (1 limb))
mbedtls_mpi_mod_mpi:10:"1000":10:"0":10:"0":MBEDTLS_ERR_MPI_DIVISION_BY_ZERO
Base test mbedtls_mpi_mod_mpi #3
@@ -676,6 +1183,12 @@
Base test mbedtls_mpi_mod_mpi #5 (Negative modulo)
mbedtls_mpi_mod_mpi:10:"-1000":10:"-13":10:"-12":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+Test mbedtls_mpi_mod_mpi: 0 (null) % 1
+mbedtls_mpi_mod_mpi:16:"":16:"1":16:"":0
+
+Test mbedtls_mpi_mod_mpi: 0 (null) % -1
+mbedtls_mpi_mod_mpi:16:"":16:"-1":16:"":MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Base test mbedtls_mpi_mod_int #1
mbedtls_mpi_mod_int:10:"1000":13:12:0
@@ -700,23 +1213,74 @@
Base test mbedtls_mpi_mod_int #8 (By 2)
mbedtls_mpi_mod_int:10:"1000":2:0:0
+Test mbedtls_mpi_mod_int: 0 (null) % 1
+mbedtls_mpi_mod_int:16:"":1:0:0
+
+Test mbedtls_mpi_mod_int: 0 (null) % -1
+mbedtls_mpi_mod_int:16:"":-1:0:MBEDTLS_ERR_MPI_NEGATIVE_VALUE
+
Base test mbedtls_mpi_exp_mod #1
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"":10:"24":0
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"29":10:"24":0
Base test mbedtls_mpi_exp_mod #2 (Even N)
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"30":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Base test mbedtls_mpi_exp_mod #2 (N = 0 (null))
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Base test mbedtls_mpi_exp_mod #3 (Negative N)
-mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"13":10:"-29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Base test mbedtls_mpi_exp_mod #4 (Negative base)
-mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"":10:"5":0
+mbedtls_mpi_exp_mod:10:"-23":10:"13":10:"29":10:"5":0
Base test mbedtls_mpi_exp_mod #5 (Negative exponent)
-mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
Base test mbedtls_mpi_exp_mod #6 (Negative base + exponent)
-mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+mbedtls_mpi_exp_mod:10:"-23":10:"-13":10:"29":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 1 mod 9
+mbedtls_mpi_exp_mod:16:"":16:"01":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (null) ^ 2 mod 9
+mbedtls_mpi_exp_mod:16:"":16:"02":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 1 mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"01":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 0 (1 limb) ^ 2 mod 9
+mbedtls_mpi_exp_mod:16:"00":16:"02":16:"09":16:"":0
+
+Test mbedtls_mpi_exp_mod: 1 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"01":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 4 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"04":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 10 ^ 0 (null) mod 9
+mbedtls_mpi_exp_mod:16:"0a":16:"":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 1 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"01":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 4 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"04":16:"00":16:"09":16:"1":0
+
+Test mbedtls_mpi_exp_mod: 10 ^ 0 (1 limb) mod 9
+mbedtls_mpi_exp_mod:16:"0a":16:"00":16:"09":16:"1":0
Test mbedtls_mpi_exp_mod: MAX_SIZE exponent
mbedtls_mpi_exp_mod_size:2:MBEDTLS_MPI_MAX_SIZE:10:10:"":0
@@ -738,14 +1302,14 @@
Test mbedtls_mpi_exp_mod #1
depends_on:MPI_MAX_BITS_LARGER_THAN_792
-mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0
+mbedtls_mpi_exp_mod:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"583137007797276923956891216216022144052044091311388601652961409557516421612874571554415606746479105795833145583959622117418531166391184939066520869800857530421873250114773204354963864729386957427276448683092491947566992077136553066273207777134303397724679138833126700957":10:"114597449276684355144920670007147953232659436380163461553186940113929777196018164149703566472936578890991049344459204199888254907113495794730452699842273939581048142004834330369483813876618772578869083248061616444392091693787039636316845512292127097865026290173004860736":0
Test mbedtls_mpi_exp_mod (Negative base) [#1]
-mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"":10:"1":0
+mbedtls_mpi_exp_mod:10:"-10000000000":10:"10000000000":10:"99999":10:"1":0
Test mbedtls_mpi_exp_mod (Negative base) [#2]
depends_on:MPI_MAX_BITS_LARGER_THAN_792
-mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
+mbedtls_mpi_exp_mod:16:"-9f13012cd92aa72fb86ac8879d2fde4f7fd661aaae43a00971f081cc60ca277059d5c37e89652e2af2585d281d66ef6a9d38a117e9608e9e7574cd142dc55278838a2161dd56db9470d4c1da2d5df15a908ee2eb886aaa890f23be16de59386663a12f1afbb325431a3e835e3fd89b98b96a6f77382f458ef9a37e1f84a03045c8676ab55291a94c2228ea15448ee96b626b998":16:"40a54d1b9e86789f06d9607fb158672d64867665c73ee9abb545fc7a785634b354c7bae5b962ce8040cf45f2c1f3d3659b2ee5ede17534c8fc2ec85c815e8df1fe7048d12c90ee31b88a68a081f17f0d8ce5f4030521e9400083bcea73a429031d4ca7949c2000d597088e0c39a6014d8bf962b73bb2e8083bd0390a4e00b9b3":16:"eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3":16:"21acc7199e1b90f9b4844ffe12c19f00ec548c5d32b21c647d48b6015d8eb9ec9db05b4f3d44db4227a2b5659c1a7cceb9d5fa8fa60376047953ce7397d90aaeb7465e14e820734f84aa52ad0fc66701bcbb991d57715806a11531268e1e83dd48288c72b424a6287e9ce4e5cc4db0dd67614aecc23b0124a5776d36e5c89483":0
Base test GCD #1
mbedtls_mpi_gcd:10:"693":10:"609":10:"21"
@@ -756,24 +1320,105 @@
Base test GCD #3
mbedtls_mpi_gcd:10:"768454923":10:"542167814":10:"1"
-Test GCD #1
+Test GCD: 0 (null), 0 (null)
+mbedtls_mpi_gcd:16:"":16:"":16:"0"
+
+Test GCD: 0 (null), 0 (1 limb)
+mbedtls_mpi_gcd:16:"":16:"00":16:"0"
+
+Test GCD: 0 (null), 3
+mbedtls_mpi_gcd:16:"":16:"03":16:"3"
+
+Test GCD: 0 (null), 6
+mbedtls_mpi_gcd:16:"":16:"06":16:"6"
+
+Test GCD: 0 (1 limb), 0 (null)
+mbedtls_mpi_gcd:16:"00":16:"":16:"0"
+
+Test GCD: 0 (1 limb), 3
+mbedtls_mpi_gcd:16:"00":16:"03":16:"3"
+
+Test GCD: 0 (1 limb), 6
+mbedtls_mpi_gcd:16:"00":16:"06":16:"6"
+
+Test GCD: 3, 0 (null)
+mbedtls_mpi_gcd:16:"03":16:"":16:"3"
+
+Test GCD: 3, 0 (1 limb)
+mbedtls_mpi_gcd:16:"03":16:"00":16:"3"
+
+Test GCD: 6, 0 (null)
+mbedtls_mpi_gcd:16:"06":16:"":16:"6"
+
+Test GCD: 6, 0 (1 limb)
+mbedtls_mpi_gcd:16:"06":16:"00":16:"6"
+
+Test GCD: gcd=1, 0 < A < B
mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+Test GCD: gcd=1, 0 < B < A
+mbedtls_mpi_gcd:10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"1"
+
+Test GCD: gcd=1, A > 0, B < 0
+mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=1, A < 0 < B, |A| < |B|
+mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=1, B < A < 0
+mbedtls_mpi_gcd:10:"-433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"-5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
+
+Test GCD: gcd=2, 0 < A < B
+mbedtls_mpi_gcd:10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"2"
+
+Test GCD: gcd=2, 0 < B < A
+mbedtls_mpi_gcd:10:"11563076655955657794301818333556815318500916759291646124084984923153517053514981820147256017227955101092765549551141776260059527143057399149435166457879071920468928461765147231860769958200758205831314967733510743119623437535521189838913942708368227442":10:"866038481820754956434747145919120219639297294032193121047538021762345738166676571147513149114791725930190032967735626087327963892955396933002903664815184654712662526249110275464787876484571564289857507839177265358101598397874265844290169694":10:"2"
+
+Test GCD: gcd=3, 0 < A < B
+mbedtls_mpi_gcd:10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"3"
+
+Test GCD: gcd=3, 0 < B < A
+mbedtls_mpi_gcd:10:"17344614983933486691452727500335222977751375138937469186127477384730275580272472730220884025841932651639148324326712664390089290714586098724152749686818607880703392692647720847791154937301137308746972451600266114679435156303281784758370914062552341163":10:"1299057722731132434652120718878680329458945941048289681571307032643518607250014856721269723672187588895285049451603439130991945839433095399504355497222776982068993789373665413197181814726857346434786261758765898037152397596811398766435254541":10:"3"
+
+Test GCD: gcd=4, 0 < A < B
+mbedtls_mpi_gcd:10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"4"
+
+Test GCD: gcd=4, 0 < B < A
+mbedtls_mpi_gcd:10:"23126153311911315588603636667113630637001833518583292248169969846307034107029963640294512034455910202185531099102283552520119054286114798298870332915758143840937856923530294463721539916401516411662629935467021486239246875071042379677827885416736454884":10:"1732076963641509912869494291838240439278594588064386242095076043524691476333353142295026298229583451860380065935471252174655927785910793866005807329630369309425325052498220550929575752969143128579715015678354530716203196795748531688580339388":10:"4"
+
+Test GCD: gcd=6, 0 < A < B
+mbedtls_mpi_gcd:10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"6"
+
+Test GCD: gcd=6, 0 < B < A
+mbedtls_mpi_gcd:10:"34689229967866973382905455000670445955502750277874938372254954769460551160544945460441768051683865303278296648653425328780178581429172197448305499373637215761406785385295441695582309874602274617493944903200532229358870312606563569516741828125104682326":10:"2598115445462264869304241437757360658917891882096579363142614065287037214500029713442539447344375177790570098903206878261983891678866190799008710994445553964137987578747330826394363629453714692869572523517531796074304795193622797532870509082":10:"6"
+
+Test GCD: 0 < A = B
+mbedtls_mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847"
+
Base test mbedtls_mpi_inv_mod #1
mbedtls_mpi_inv_mod:10:"3":10:"11":10:"4":0
-Base test mbedtls_mpi_inv_mod #2
+Test mbedtls_mpi_inv_mod: mod 0 (null)
+mbedtls_mpi_inv_mod:10:"3":10:"":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+
+Test mbedtls_mpi_inv_mod: mod 0 (1 limb)
mbedtls_mpi_inv_mod:10:"3":10:"0":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-Base test mbedtls_mpi_inv_mod #3
+Test mbedtls_mpi_inv_mod: mod negative
mbedtls_mpi_inv_mod:10:"3":10:"-11":10:"4":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-Base test mbedtls_mpi_inv_mod #4
+Test mbedtls_mpi_inv_mod: 2^-1 mod 4
mbedtls_mpi_inv_mod:10:"2":10:"4":10:"0":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
-Base test mbedtls_mpi_inv_mod #5
+Test mbedtls_mpi_inv_mod: mod 1
mbedtls_mpi_inv_mod:10:"3":10:"1":10:"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+Test mbedtls_mpi_inv_mod: 0 (null) ^-1
+mbedtls_mpi_inv_mod:16:"":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
+Test mbedtls_mpi_inv_mod: 0 (1 limb) ^-1
+mbedtls_mpi_inv_mod:16:"00":16:"11":16:"":MBEDTLS_ERR_MPI_NOT_ACCEPTABLE
+
Test mbedtls_mpi_inv_mod #1
mbedtls_mpi_inv_mod:16:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":16:"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":16:"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0
@@ -958,6 +1603,9 @@
Test bit getting (Larger and non-existing limb)
mbedtls_mpi_get_bit:10:"49979687":500:0
+Test bit getting in 0 (null)
+mbedtls_mpi_get_bit:10:"":500:0
+
Test bit getting (Value bit 24)
mbedtls_mpi_get_bit:10:"49979687":24:0
@@ -976,6 +1624,12 @@
Test bit set (Add above existing limbs with a 1)
mbedtls_mpi_set_bit:10:"49979687":80:1:10:"1208925819614629224685863":0
+Test bit set (Add to 0 (null) with a 0)
+mbedtls_mpi_set_bit:16:"":65:0:16:"":0
+
+Test bit set (Add to 0 (null) with a 1)
+mbedtls_mpi_set_bit:16:"":65:1:16:"020000000000000000":0
+
Test bit set (Bit index larger than 31 with a 0)
mbedtls_mpi_set_bit:16:"FFFFFFFFFFFFFFFF":32:0:16:"FFFFFFFEFFFFFFFF":0
diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index eb918b3..1372668 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -6,6 +6,18 @@
#define MPI_MAX_BITS_LARGER_THAN_792
#endif
+/* Check the validity of the sign bit in an MPI object. Reject representations
+ * that are not supported by the rest of the library and indicate a bug when
+ * constructing the value. */
+static int sign_is_valid( const mbedtls_mpi *X )
+{
+ if( X->s != 1 && X->s != -1 )
+ return( 0 ); // invalid sign bit, e.g. 0
+ if( mbedtls_mpi_bitlen( X ) == 0 && X->s != 1 )
+ return( 0 ); // negative zero
+ return( 1 );
+}
+
typedef struct mbedtls_test_mpi_random
{
data_t *data;
@@ -150,6 +162,7 @@
TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == result_read );
if( result_read == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, output_size, &len ) == result_write );
if( result_write == 0 )
{
@@ -174,6 +187,7 @@
TEST_ASSERT( mbedtls_mpi_read_binary( &X, buf->x, buf->len ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 );
TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
@@ -193,6 +207,7 @@
TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, str, sizeof( str ), &len ) == 0 );
TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 );
@@ -214,7 +229,7 @@
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
buflen = mbedtls_mpi_size( &X );
if( buflen > (size_t) output_size )
@@ -246,7 +261,7 @@
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
buflen = mbedtls_mpi_size( &X );
if( buflen > (size_t) output_size )
@@ -287,6 +302,7 @@
if( result == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
buflen = mbedtls_mpi_size( &X );
TEST_ASSERT( mbedtls_mpi_write_binary( &X, buf, buflen ) == 0 );
@@ -310,7 +326,7 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
file_out = fopen( output_file, "w" );
TEST_ASSERT( file_out != NULL );
@@ -336,7 +352,7 @@
{
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_get_bit( &X, pos ) == val );
exit:
@@ -351,12 +367,13 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, output_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, output_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_set_bit( &X, pos, val ) == result );
if( result == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
}
@@ -371,7 +388,7 @@
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_lsb( &X ) == (size_t) nr_bits );
exit:
@@ -385,7 +402,7 @@
mbedtls_mpi X;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_bitlen( &X ) == (size_t) nr_bits );
exit:
@@ -400,10 +417,11 @@
mbedtls_mpi A, X, Y, Z;
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_gcd( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -432,8 +450,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == input_A );
exit:
@@ -451,8 +469,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_grow( &X, size_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_grow( &Y, size_Y ) == 0 );
@@ -473,8 +491,8 @@
mbedtls_mpi X, Y;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_abs( &X, &Y ) == input_A );
exit:
@@ -483,55 +501,125 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_copy_sint( int input_X, int input_Y )
+void mbedtls_mpi_copy( char *src_hex, char *dst_hex )
{
- mbedtls_mpi X, Y;
+ mbedtls_mpi src, dst, ref;
+ mbedtls_mpi_init( &src );
+ mbedtls_mpi_init( &dst );
+ mbedtls_mpi_init( &ref );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &src, 16, src_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ref, 16, dst_hex ) == 0 );
+
+ /* mbedtls_mpi_copy() */
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_copy( &dst, &src ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_assign(), assignment done */
+ mbedtls_mpi_free( &dst );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 1 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &src ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_assign(), assignment not done */
+ mbedtls_mpi_free( &dst );
+ TEST_ASSERT( mbedtls_test_read_mpi( &dst, 16, dst_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &dst, &src, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &dst ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &dst, &ref ) == 0 );
+
+exit:
+ mbedtls_mpi_free( &src );
+ mbedtls_mpi_free( &dst );
+ mbedtls_mpi_free( &ref );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mpi_copy_self( char *input_X )
+{
+ mbedtls_mpi X, A;
+ mbedtls_mpi_init( &A );
+ mbedtls_mpi_init( &X );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
+
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, 16, input_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
+
+exit:
+ mbedtls_mpi_free( &A );
+ mbedtls_mpi_free( &X );
+}
+/* END_CASE */
+
+/* BEGIN_CASE */
+void mbedtls_mpi_swap( char *X_hex, char *Y_hex )
+{
+ mbedtls_mpi X, Y, X0, Y0;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
+ mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y0, 16, Y_hex ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 );
+ /* mbedtls_mpi_swap() */
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ mbedtls_mpi_swap( &X, &Y );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_swap(), swap done */
+ mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &Y );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
+
+ /* mbedtls_mpi_safe_cond_swap(), swap not done */
+ mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &Y );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, 16, Y_hex ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
+ TEST_ASSERT( sign_is_valid( &Y ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &Y0 ) == 0 );
exit:
mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
+ mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
}
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_copy_binary( data_t *input_X, data_t *input_Y )
+void mpi_swap_self( char *X_hex )
{
- mbedtls_mpi X, Y, X0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &X0 );
+ mbedtls_mpi X, X0;
+ mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, 16, X_hex ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X0, 16, X_hex ) == 0 );
+
+ mbedtls_mpi_swap( &X, &X );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &Y, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
-
exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &X0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_copy_self( int input_X )
-{
- mbedtls_mpi X;
- mbedtls_mpi_init( &X );
-
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &X, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X );
+ mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
}
/* END_CASE */
@@ -542,10 +630,14 @@
mbedtls_mpi_init( &X );
TEST_ASSERT( mbedtls_mpi_grow( &X, before ) == 0 );
- TEST_ASSERT( used <= before );
- memset( X.p, 0x2a, used * sizeof( mbedtls_mpi_uint ) );
+ if( used > 0 )
+ {
+ size_t used_bit_count = used * 8 * sizeof( mbedtls_mpi_uint );
+ TEST_ASSERT( mbedtls_mpi_set_bit( &X, used_bit_count - 1, 1 ) == 0 );
+ }
+ TEST_EQUAL( X.n, (size_t) before );
TEST_ASSERT( mbedtls_mpi_shrink( &X, min ) == 0 );
- TEST_ASSERT( X.n == (size_t) after );
+ TEST_EQUAL( X.n, (size_t) after );
exit:
mbedtls_mpi_free( &X );
@@ -553,139 +645,28 @@
/* END_CASE */
/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_assign( int x_sign, char * x_str, int y_sign,
- char * y_str )
-{
- mbedtls_mpi X, Y, XX;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &XX );
-
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 );
- X.s = x_sign;
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 );
- Y.s = y_sign;
- TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_assign( &X, &Y, 1 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y ); mbedtls_mpi_free( &XX );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_safe_cond_swap( int x_sign, char * x_str, int y_sign,
- char * y_str )
-{
- mbedtls_mpi X, Y, XX, YY;
-
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- mbedtls_mpi_init( &XX ); mbedtls_mpi_init( &YY );
-
- TEST_ASSERT( mbedtls_mpi_read_string( &X, 16, x_str ) == 0 );
- X.s = x_sign;
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, 16, y_str ) == 0 );
- Y.s = y_sign;
-
- TEST_ASSERT( mbedtls_mpi_copy( &XX, &X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_copy( &YY, &Y ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &XX ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &YY ) == 0 );
-
- TEST_ASSERT( mbedtls_mpi_safe_cond_swap( &X, &Y, 1 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &XX ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &YY ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
- mbedtls_mpi_free( &XX ); mbedtls_mpi_free( &YY );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_swap_sint( int input_X, int input_Y )
-{
- mbedtls_mpi X, Y;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
-
- TEST_ASSERT( mbedtls_mpi_lset( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_lset( &Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_Y ) == 0 );
-
- mbedtls_mpi_swap( &X, &Y );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &X, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_int( &Y, input_X ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mbedtls_mpi_swap_binary( data_t *input_X, data_t *input_Y )
-{
- mbedtls_mpi X, Y, X0, Y0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y );
- mbedtls_mpi_init( &X0 ); mbedtls_mpi_init( &Y0 );
-
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y, input_Y->x, input_Y->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &Y0, input_Y->x, input_Y->len ) == 0 );
-
- mbedtls_mpi_swap( &X, &Y );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &Y0 ) == 0 );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &X0 ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &Y );
- mbedtls_mpi_free( &X0 ); mbedtls_mpi_free( &Y0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void mpi_swap_self( data_t *input_X )
-{
- mbedtls_mpi X, X0;
- mbedtls_mpi_init( &X ); mbedtls_mpi_init( &X0 );
-
- TEST_ASSERT( mbedtls_mpi_read_binary( &X, input_X->x, input_X->len ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_binary( &X0, input_X->x, input_X->len ) == 0 );
-
- mbedtls_mpi_swap( &X, &X );
- TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &X0 ) == 0 );
-
-exit:
- mbedtls_mpi_free( &X ); mbedtls_mpi_free( &X0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
void mbedtls_mpi_add_mpi( int radix_X, char * input_X, int radix_Y,
char * input_Y, int radix_A, char * input_A )
{
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_add_mpi( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -700,18 +681,21 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &X ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_int( &X, 0 ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_mpi( &X, &X, &X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -727,19 +711,22 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_abs( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_add_abs( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_add_abs( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -754,9 +741,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_add_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -771,19 +759,22 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_sub_mpi( &X, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_sub_mpi( &Y, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Y ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
exit:
@@ -800,23 +791,26 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_sub_abs( &Z, &X, &Y );
TEST_ASSERT( res == sub_result );
+ TEST_ASSERT( sign_is_valid( &Z ) );
if( res == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
/* result == first operand */
TEST_ASSERT( mbedtls_mpi_sub_abs( &X, &X, &Y ) == sub_result );
+ TEST_ASSERT( sign_is_valid( &X ) );
if( sub_result == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
/* result == second operand */
TEST_ASSERT( mbedtls_mpi_sub_abs( &Y, &X, &Y ) == sub_result );
+ TEST_ASSERT( sign_is_valid( &Y ) );
if( sub_result == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Y, &A ) == 0 );
@@ -832,9 +826,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_sub_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -849,10 +844,11 @@
mbedtls_mpi X, Y, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_mul_mpi( &Z, &X, &Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
exit:
@@ -868,9 +864,10 @@
mbedtls_mpi X, Z, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_mul_int( &Z, &X, input_Y ) == 0 );
+ TEST_ASSERT( sign_is_valid( &Z ) );
if( strcmp( result_comparison, "==" ) == 0 )
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
else if( strcmp( result_comparison, "!=" ) == 0 )
@@ -893,14 +890,16 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R );
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &B );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 );
res = mbedtls_mpi_div_mpi( &Q, &R, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Q ) );
+ TEST_ASSERT( sign_is_valid( &R ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
}
@@ -921,13 +920,15 @@
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Q ); mbedtls_mpi_init( &R ); mbedtls_mpi_init( &A );
mbedtls_mpi_init( &B );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &B, radix_B, input_B ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &B, radix_B, input_B ) == 0 );
res = mbedtls_mpi_div_int( &Q, &R, &X, input_Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Q ) );
+ TEST_ASSERT( sign_is_valid( &R ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Q, &A ) == 0 );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &R, &B ) == 0 );
}
@@ -947,13 +948,14 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_mod_mpi( &X, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
}
@@ -971,7 +973,7 @@
mbedtls_mpi_uint r;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
res = mbedtls_mpi_mod_int( &r, &X, input_Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
@@ -987,26 +989,41 @@
/* BEGIN_CASE */
void mbedtls_mpi_exp_mod( int radix_A, char * input_A, int radix_E,
char * input_E, int radix_N, char * input_N,
- int radix_RR, char * input_RR, int radix_X,
- char * input_X, int div_result )
+ int radix_X, char * input_X, int exp_result )
{
mbedtls_mpi A, E, N, RR, Z, X;
int res;
mbedtls_mpi_init( &A ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &N );
mbedtls_mpi_init( &RR ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
- if( strlen( input_RR ) )
- TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 );
-
- res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
- TEST_ASSERT( res == div_result );
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, NULL );
+ TEST_ASSERT( res == exp_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Z ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
+ }
+
+ /* Now test again with the speed-up parameter supplied as an output. */
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
+ TEST_ASSERT( res == exp_result );
+ if( res == 0 )
+ {
+ TEST_ASSERT( sign_is_valid( &Z ) );
+ TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
+ }
+
+ /* Now test again with the speed-up parameter supplied in calculated form. */
+ res = mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR );
+ TEST_ASSERT( res == exp_result );
+ if( res == 0 )
+ {
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &X ) == 0 );
}
@@ -1040,7 +1057,7 @@
TEST_ASSERT( mbedtls_mpi_set_bit( &N, 0, 1 ) == 0 );
if( strlen( input_RR ) )
- TEST_ASSERT( mbedtls_mpi_read_string( &RR, radix_RR, input_RR ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &RR, radix_RR, input_RR ) == 0 );
TEST_ASSERT( mbedtls_mpi_exp_mod( &Z, &A, &E, &N, &RR ) == exp_result );
@@ -1059,13 +1076,14 @@
int res;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &Y ); mbedtls_mpi_init( &Z ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Y, radix_Y, input_Y ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Y, radix_Y, input_Y ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
res = mbedtls_mpi_inv_mod( &Z, &X, &Y );
TEST_ASSERT( res == div_result );
if( res == 0 )
{
+ TEST_ASSERT( sign_is_valid( &Z ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &Z, &A ) == 0 );
}
@@ -1081,7 +1099,7 @@
int res;
mbedtls_mpi_init( &X );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
res = mbedtls_mpi_is_prime_ext( &X, 40, mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( res == div_result );
@@ -1141,6 +1159,7 @@
TEST_ASSERT( actual_bits >= (size_t) bits );
TEST_ASSERT( actual_bits <= (size_t) bits + 1 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_is_prime_ext( &X, 40,
mbedtls_test_rnd_std_rand,
@@ -1167,9 +1186,10 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_shift_l( &X, shift_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -1184,9 +1204,10 @@
mbedtls_mpi X, A;
mbedtls_mpi_init( &X ); mbedtls_mpi_init( &A );
- TEST_ASSERT( mbedtls_mpi_read_string( &X, radix_X, input_X ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &A, radix_A, input_A ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &X, radix_X, input_X ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &A, radix_A, input_A ) == 0 );
TEST_ASSERT( mbedtls_mpi_shift_r( &X, shift_X ) == 0 );
+ TEST_ASSERT( sign_is_valid( &X ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &X, &A ) == 0 );
exit:
@@ -1228,6 +1249,7 @@
TEST_ASSERT( mbedtls_mpi_size( &X ) + leading_zeros ==
(size_t) wanted_bytes );
TEST_ASSERT( (int) bytes_left == rng_bytes - wanted_bytes );
+ TEST_ASSERT( sign_is_valid( &X ) );
}
exit:
@@ -1285,6 +1307,7 @@
TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
mbedtls_test_rnd_std_rand, NULL ) );
+ TEST_ASSERT( sign_is_valid( &result ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
if( full_stats )
@@ -1366,6 +1389,7 @@
bound_bytes->x, bound_bytes->len ) );
TEST_EQUAL( 0, mbedtls_mpi_random( &result, min, &upper_bound,
mbedtls_test_rnd_std_rand, NULL ) );
+ TEST_ASSERT( sign_is_valid( &result ) );
TEST_ASSERT( mbedtls_mpi_cmp_mpi( &result, &upper_bound ) < 0 );
TEST_ASSERT( mbedtls_mpi_cmp_int( &result, min ) >= 0 );
diff --git a/tests/suites/test_suite_nist_kw.data b/tests/suites/test_suite_nist_kw.data
index d0178b6..ec82824 100644
--- a/tests/suites/test_suite_nist_kw.data
+++ b/tests/suites/test_suite_nist_kw.data
@@ -20,9 +20,9 @@
depends_on:MBEDTLS_AES_C
mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_AES:224:1:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
-NIST KW init #5 BLOWFISH-128: bad cipher
-depends_on:MBEDTLS_BLOWFISH_C
-mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_BLOWFISH:128:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
+NIST KW init #5 3DES: bad cipher
+depends_on:MBEDTLS_DES_C
+mbedtls_nist_kw_setkey:MBEDTLS_CIPHER_ID_3DES:128:0:MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
NIST KW lengths #1 KW plaintext OK (2 to 2^54 - 1 semiblocks)
nist_kw_plaintext_lengths:16:24:MBEDTLS_KW_MODE_KW:0
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index c7c5f50..6e93bc6 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -177,7 +177,8 @@
/* unsupported functions: check_pair, debug */
TEST_ASSERT( mbedtls_pk_setup( &pk2,
mbedtls_pk_info_from_type( MBEDTLS_PK_ECKEY ) ) == 0 );
- TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2 )
+ TEST_ASSERT( mbedtls_pk_check_pair( &pk, &pk2,
+ mbedtls_test_rnd_std_rand, NULL )
== MBEDTLS_ERR_PK_TYPE_MISMATCH );
TEST_ASSERT( mbedtls_pk_debug( &pk, &dbg )
== MBEDTLS_ERR_PK_TYPE_MISMATCH );
@@ -278,7 +279,8 @@
MBEDTLS_ERR_PK_BAD_INPUT_DATA );
#if defined(MBEDTLS_PK_PARSE_C)
- TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1 ) ==
+ TEST_ASSERT( mbedtls_pk_parse_key( &pk, NULL, 0, NULL, 1,
+ mbedtls_test_rnd_std_rand, NULL ) ==
MBEDTLS_ERR_PK_KEY_INVALID_FORMAT );
TEST_ASSERT( mbedtls_pk_parse_public_key( &pk, NULL, 0 ) ==
@@ -295,8 +297,8 @@
/* For the write tests to be effective, we need a valid key pair. */
mbedtls_pk_init( &pk );
TEST_ASSERT( mbedtls_pk_parse_key( &pk,
- key_data->x, key_data->len,
- NULL, 0 ) == 0 );
+ key_data->x, key_data->len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( mbedtls_pk_write_key_der( &pk, NULL, 0 ) ==
MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
@@ -348,9 +350,13 @@
mbedtls_pk_init( &alt );
TEST_ASSERT( mbedtls_pk_parse_public_keyfile( &pub, pub_file ) == 0 );
- TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &prv, prv_file, NULL,
+ mbedtls_test_rnd_std_rand, NULL )
+ == 0 );
- TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv ) == ret );
+ TEST_ASSERT( mbedtls_pk_check_pair( &pub, &prv,
+ mbedtls_test_rnd_std_rand, NULL )
+ == ret );
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
if( mbedtls_pk_get_type( &prv ) == MBEDTLS_PK_RSA )
@@ -358,7 +364,9 @@
TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &alt, mbedtls_pk_rsa( prv ),
mbedtls_rsa_decrypt_func, mbedtls_rsa_sign_func,
mbedtls_rsa_key_len_func ) == 0 );
- TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt ) == ret );
+ TEST_ASSERT( mbedtls_pk_check_pair( &pub, &alt,
+ mbedtls_test_rnd_std_rand, NULL )
+ == ret );
}
#endif
@@ -395,8 +403,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
if( mbedtls_md_info_from_type( digest ) != NULL )
@@ -438,8 +446,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
if( digest != MBEDTLS_MD_NONE )
@@ -527,7 +535,7 @@
TEST_ASSERT( mbedtls_pk_setup( &prv, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( prv )->grp, grp_id ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &mbedtls_pk_ec( prv )->d, 16, d_str ) == 0 );
TEST_ASSERT( mbedtls_pk_setup( &pub, mbedtls_pk_info_from_type( pk_type ) ) == 0 );
TEST_ASSERT( mbedtls_ecp_group_load( &mbedtls_pk_ec( pub )->grp, grp_id ) == 0 );
@@ -714,8 +722,8 @@
rsa = mbedtls_pk_rsa( pk );
rsa->len = mod / 8;
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &rsa->E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &rsa->E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_pk_encrypt( &pk, message->x, message->len,
output, &olen, sizeof( output ),
@@ -753,12 +761,12 @@
rsa = mbedtls_pk_rsa( pk );
/* load public key */
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
/* load private key */
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( rsa, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( rsa ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_complete( rsa ) == 0 );
diff --git a/tests/suites/test_suite_pkcs1_v15.function b/tests/suites/test_suite_pkcs1_v15.function
index 3d29f10..6f859d5 100644
--- a/tests/suites/test_suite_pkcs1_v15.function
+++ b/tests/suites/test_suite_pkcs1_v15.function
@@ -30,8 +30,8 @@
MBEDTLS_RSA_PKCS_V15, hash ) == 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
@@ -80,10 +80,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
@@ -289,10 +289,10 @@
memset( hash_result, 0x00, sizeof( hash_result ) );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
@@ -338,8 +338,8 @@
MBEDTLS_RSA_PKCS_V15, hash ) == 0 );
memset( hash_result, 0x00, sizeof( hash_result ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( ( mod + 7 ) / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
diff --git a/tests/suites/test_suite_pkparse.data b/tests/suites/test_suite_pkparse.data
index 1f73aac..1172b30 100644
--- a/tests/suites/test_suite_pkparse.data
+++ b/tests/suites/test_suite_pkparse.data
@@ -170,54 +170,6 @@
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_2des.der":"PolarSSLTest":0
-Parse RSA Key #32 (PKCS#8 encrypted SHA1-RC4-128)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"PolarSSLTest":0
-
-Parse RSA Key #32.1 (PKCS#8 encrypted SHA1-RC4-128, wrong PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
-
-Parse RSA Key #32.2 (PKCS#8 encrypted SHA1-RC4-128, no PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
-
-Parse RSA Key #33 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"PolarSSLTest":0
-
-Parse RSA Key #33.1 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit, wrong PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
-
-Parse RSA Key #33.2 (PKCS#8 encrypted SHA1-RC4-128, 2048-bit, no PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
-
-Parse RSA Key #34 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"PolarSSLTest":0
-
-Parse RSA Key #34.1 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit, wrong PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"PolarSSLTe":MBEDTLS_ERR_PK_PASSWORD_MISMATCH
-
-Parse RSA Key #34.2 (PKCS#8 encrypted SHA1-RC4-128, 4096-bit, no PW)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS12_C
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.pem":"":MBEDTLS_ERR_PK_PASSWORD_REQUIRED
-
-Parse RSA Key #35 (PKCS#8 encrypted SHA1-RC4-128 DER)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_1024_rc4_128.der":"PolarSSLTest":0
-
-Parse RSA Key #36 (PKCS#8 encrypted SHA1-RC4-128 DER, 2048-bit)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_2048_rc4_128.der":"PolarSSLTest":0
-
-Parse RSA Key #37 (PKCS#8 encrypted SHA1-RC4-128 DER, 4096-bit)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PKCS12_C:MBEDTLS_CIPHER_MODE_CBC
-pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbe_sha1_4096_rc4_128.der":"PolarSSLTest":0
-
Parse RSA Key #38 (PKCS#8 encrypted v2 PBKDF2 3DES)
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_PKCS5_C:MBEDTLS_CIPHER_MODE_CBC
pk_parse_keyfile_rsa:"data_files/rsa_pkcs8_pbes2_pbkdf2_1024_3des.pem":"PolarSSLTest":0
@@ -1032,14 +984,6 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0
-Parse EC Key #6 (PKCS8 encrypted DER)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.der":"polar":0
-
-Parse EC Key #7 (PKCS8 encrypted PEM)
-depends_on:MBEDTLS_ARC4_C:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
-pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.pem":"polar":0
-
Parse EC Key #8 (SEC1 PEM, secp224r1)
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP224R1_ENABLED
pk_parse_keyfile_ec:"data_files/ec_224_prv.pem":"NULL":0
diff --git a/tests/suites/test_suite_pkparse.function b/tests/suites/test_suite_pkparse.function
index 4650d33..4c7f3d2 100644
--- a/tests/suites/test_suite_pkparse.function
+++ b/tests/suites/test_suite_pkparse.function
@@ -21,7 +21,8 @@
if( strcmp( pwd, "NULL" ) == 0 )
pwd = NULL;
- res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd );
+ res = mbedtls_pk_parse_keyfile( &ctx, key_file, pwd,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( res == result );
@@ -96,7 +97,8 @@
mbedtls_pk_init( &ctx );
- res = mbedtls_pk_parse_keyfile( &ctx, key_file, password );
+ res = mbedtls_pk_parse_keyfile( &ctx, key_file, password,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( res == result );
@@ -120,7 +122,8 @@
mbedtls_pk_init( &pk );
- TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0 ) == result );
+ TEST_ASSERT( mbedtls_pk_parse_key( &pk, buf->x, buf->len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL ) == result );
exit:
mbedtls_pk_free( &pk );
diff --git a/tests/suites/test_suite_pkwrite.function b/tests/suites/test_suite_pkwrite.function
index 2bad4ed..d1e029a 100644
--- a/tests/suites/test_suite_pkwrite.function
+++ b/tests/suites/test_suite_pkwrite.function
@@ -63,7 +63,8 @@
memset( check_buf, 0, sizeof( check_buf ) );
mbedtls_pk_init( &key );
- TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
+ mbedtls_test_rnd_std_rand, NULL ) == 0 );
ret = mbedtls_pk_write_key_pem( &key, buf, sizeof( buf ));
TEST_ASSERT( ret == 0 );
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 3af4473..1a8bbd6 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1000,14 +1000,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_setup:PSA_ALG_SHA_512:PSA_SUCCESS
-PSA hash setup: good, MD2
-depends_on:PSA_WANT_ALG_MD2
-hash_setup:PSA_ALG_MD2:PSA_SUCCESS
-
-PSA hash setup: good, MD4
-depends_on:PSA_WANT_ALG_MD4
-hash_setup:PSA_ALG_MD4:PSA_SUCCESS
-
PSA hash setup: good, MD5
depends_on:PSA_WANT_ALG_MD5
hash_setup:PSA_ALG_MD5:PSA_SUCCESS
@@ -1109,14 +1101,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_compute_compare:PSA_ALG_SHA_512:"de4c90":"33ce98281045a5c4c9df0363d8196f1d7dfcd5ee46ac89776fd8a4344c12f123a66788af5bd41ceff1941aa5637654b4064c88c14e00465ab79a2fc6c97e1014"
-PSA hash compute: good, MD2
-depends_on:PSA_WANT_ALG_MD2
-hash_compute_compare:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash compute: good, MD4
-depends_on:PSA_WANT_ALG_MD4
-hash_compute_compare:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
PSA hash compute: good, MD5
depends_on:PSA_WANT_ALG_MD5
hash_compute_compare:PSA_ALG_MD5:"616263":"900150983cd24fb0d6963f7d28e17f72"
@@ -1147,8 +1131,8 @@
mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
PSA MAC setup: bad algorithm (unsupported HMAC hash algorithm)
-depends_on:!PSA_WANT_ALG_MD2
-mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_MD2):PSA_ERROR_NOT_SUPPORTED
+depends_on:!PSA_WANT_ALG_MD5
+mac_setup:PSA_KEY_TYPE_HMAC:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_MD5):PSA_ERROR_NOT_SUPPORTED
PSA MAC setup: bad algorithm (not a MAC algorithm)
depends_on:PSA_WANT_ALG_CBC_NO_PADDING:PSA_WANT_KEY_TYPE_AES
@@ -1410,10 +1394,10 @@
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
cipher_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
-PSA cipher setup: incompatible key ARC4 for CTR
+PSA cipher setup: incompatible key ChaCha20 for CTR
depends_on:MBEDTLS_ARC4_C:MBEDTLS_CIPHER_MODE_CTR
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here
-cipher_setup:PSA_KEY_TYPE_ARC4:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
+cipher_setup:PSA_KEY_TYPE_CHACHA20:"000102030405060708090a0b0c0d0e0f10111213141516171819202122232425":PSA_ALG_CTR:PSA_ERROR_NOT_SUPPORTED
PSA cipher: bad order function calls
cipher_bad_order:
@@ -2777,6 +2761,22 @@
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+PSA key derivation: HKDF-SHA-256, good case, omitted salt
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, info first
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, info after salt
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: HKDF-SHA-256, good case, omitted salt, info first
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
PSA key derivation: HKDF-SHA-256, good case, key output
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
@@ -2811,6 +2811,10 @@
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
+PSA key derivation: HKDF-SHA-256, missing secret, key output
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_ERROR_NOT_PERMITTED
+
PSA key derivation: HKDF-SHA-256, RAW_DATA key as salt
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_RAW_DATA:"412073616c74":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
@@ -2833,14 +2837,94 @@
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_DERIVE:"4120696e666f":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+PSA key derivation: HKDF-SHA-256, salt after secret
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, missing secret
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, missing info
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate salt step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, direct)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (direct, key)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (key, direct)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_NONE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate secret step (key, key)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0a0a0a0a":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate info step (non-consecutive)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, duplicate info step (consecutive)
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, reject label step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: HKDF-SHA-256, reject seed step
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
+derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_INVALID_ARGUMENT:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
PSA key derivation: TLS 1.2 PRF SHA-256, good case
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_DERIVE:PSA_SUCCESS
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, good case
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: TLS 1.2 PRF SHA-256, missing label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, missing label and secret
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, missing label and secret
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: TLS 1.2 PRF SHA-256, no inputs
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
+derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, no inputs
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
PSA key derivation: TLS 1.2 PRF SHA-256, key first
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+PSA key derivation: ECDH with TLS 1.2 PRF SHA-256, key first
+depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF:PSA_WANT_ALG_ECDH:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
PSA key derivation: TLS 1.2 PRF SHA-256, label first
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
derive_input:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_LABEL:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_SEED:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
@@ -2893,20 +2977,36 @@
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+PSA key derivation: ECDH on P256 with HKDF-SHA256, omitted salt
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):0:UNUSED:"":UNUSED:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, info first
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_TYPE_NONE:PSA_SUCCESS
+
PSA key derivation: ECDH on P256 with HKDF-SHA256, key output
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_TYPE_RAW_DATA:PSA_SUCCESS
-PSA key derivation: HKDF invalid state (double generate + read past capacity)
+PSA key derivation: ECDH on P256 with HKDF-SHA256, salt after secret
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_DERIVATION_INPUT_INFO:PSA_KEY_TYPE_NONE:"":PSA_ERROR_BAD_STATE:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation: ECDH on P256 with HKDF-SHA256, missing info
+depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:MBEDTLS_PK_PARSE_C:PSA_WANT_ECC_SECP_R1_256
+derive_input:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_KEY_DERIVATION_INPUT_SALT:PSA_KEY_TYPE_NONE:"":PSA_SUCCESS:PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"c88f01f510d9ac3f70a292daa2316de544e9aab8afe84049c62a9c57862d1433":PSA_SUCCESS:0:UNUSED:"":UNUSED:PSA_KEY_TYPE_NONE:PSA_ERROR_BAD_STATE
+
+PSA key derivation over capacity: HKDF
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
-test_derive_invalid_key_derivation_state:PSA_ALG_HKDF(PSA_ALG_SHA_256)
+derive_over_capacity:PSA_ALG_HKDF(PSA_ALG_SHA_256)
-PSA key derivation: TLS 1.2 PRF invalid state (double generate + read past capacity)
+PSA key derivation over capacity: TLS 1.2 PRF
depends_on:PSA_WANT_ALG_SHA_256:PSA_WANT_ALG_TLS12_PRF
-test_derive_invalid_key_derivation_state:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
+derive_over_capacity:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256)
-PSA key derivation: invalid state (call read/get_capacity after init and abort)
-test_derive_invalid_key_derivation_tests:
+PSA key derivation: actions without setup
+derive_actions_without_setup:
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5b5531f..33e7c95 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -16,6 +16,9 @@
#include "test/psa_crypto_helpers.h"
#include "test/psa_exercise_key.h"
+/* If this comes up, it's a bug in the test code or in the test data. */
+#define UNUSED 0xdeadbeef
+
/** An invalid export length that will never be set by psa_export_key(). */
static const size_t INVALID_EXPORT_LENGTH = ~0U;
@@ -1984,7 +1987,21 @@
mbedtls_test_set_step( output_size );
ASSERT_ALLOC( actual_mac, output_size );
- /* Calculate the MAC. */
+ /* Calculate the MAC, one-shot case. */
+ TEST_EQUAL( psa_mac_compute( key, alg,
+ input->x, input->len,
+ actual_mac, output_size, &mac_length ),
+ expected_status );
+ if( expected_status == PSA_SUCCESS )
+ {
+ ASSERT_COMPARE( expected_mac->x, expected_mac->len,
+ actual_mac, mac_length );
+ }
+
+ if( output_size > 0 )
+ memset( actual_mac, 0, output_size );
+
+ /* Calculate the MAC, multi-part case. */
PSA_ASSERT( psa_mac_sign_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2036,7 +2053,11 @@
PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len,
&key ) );
- /* Test the correct MAC. */
+ /* Verify correct MAC, one-shot case. */
+ PSA_ASSERT( psa_mac_verify( key, alg, input->x, input->len,
+ expected_mac->x, expected_mac->len ) );
+
+ /* Verify correct MAC, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2044,7 +2065,14 @@
expected_mac->x,
expected_mac->len ) );
- /* Test a MAC that's too short. */
+ /* Test a MAC that's too short, one-shot case. */
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ expected_mac->x,
+ expected_mac->len - 1 ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* Test a MAC that's too short, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2053,9 +2081,15 @@
expected_mac->len - 1 ),
PSA_ERROR_INVALID_SIGNATURE );
- /* Test a MAC that's too long. */
+ /* Test a MAC that's too long, one-shot case. */
ASSERT_ALLOC( perturbed_mac, expected_mac->len + 1 );
memcpy( perturbed_mac, expected_mac->x, expected_mac->len );
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ perturbed_mac, expected_mac->len + 1 ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
+ /* Test a MAC that's too long, multi-part case. */
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -2069,6 +2103,12 @@
{
mbedtls_test_set_step( i );
perturbed_mac[i] ^= 1;
+
+ TEST_EQUAL( psa_mac_verify( key, alg,
+ input->x, input->len,
+ perturbed_mac, expected_mac->len ),
+ PSA_ERROR_INVALID_SIGNATURE );
+
PSA_ASSERT( psa_mac_verify_setup( &operation, key, alg ) );
PSA_ASSERT( psa_mac_update( &operation,
input->x, input->len ) );
@@ -4027,7 +4067,12 @@
for( i = 0; i < ARRAY_LENGTH( steps ); i++ )
{
- if( key_types[i] != PSA_KEY_TYPE_NONE )
+ mbedtls_test_set_step( i );
+ if( steps[i] == 0 )
+ {
+ /* Skip this step */
+ }
+ else if( key_types[i] != PSA_KEY_TYPE_NONE )
{
psa_set_key_type( &attributes, key_types[i] );
PSA_ASSERT( psa_import_key( &attributes,
@@ -4086,7 +4131,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void test_derive_invalid_key_derivation_state( int alg_arg )
+void derive_over_capacity( int alg_arg )
{
psa_algorithm_t alg = alg_arg;
mbedtls_svc_key_id_t key = MBEDTLS_SVC_KEY_ID_INIT;
@@ -4137,7 +4182,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void test_derive_invalid_key_derivation_tests( )
+void derive_actions_without_setup( )
{
uint8_t output_buffer[16];
size_t buffer_size = 16;
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index e86309b..3a9eff9 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -1118,7 +1118,31 @@
ASSERT_ALLOC( actual_mac, mac_buffer_size );
mbedtls_test_driver_mac_hooks.forced_status = forced_status;
- /* Calculate the MAC. */
+ /*
+ * Calculate the MAC, one-shot case.
+ */
+ status = psa_mac_compute( key, alg,
+ input->x, input->len,
+ actual_mac, mac_buffer_size,
+ &mac_length );
+
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( forced_status, status );
+
+ if( mac_buffer_size > 0 )
+ memset( actual_mac, 0, mac_buffer_size );
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+ mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+ /*
+ * Calculate the MAC, multipart case.
+ */
status = psa_mac_sign_setup( &operation, key, alg );
TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
@@ -1214,7 +1238,27 @@
mbedtls_test_driver_mac_hooks.forced_status = forced_status;
- /* Test the correct MAC. */
+ /*
+ * Verify the MAC, one-shot case.
+ */
+ status = psa_mac_verify( key, alg,
+ input->x, input->len,
+ expected_mac->x, expected_mac->len );
+ TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
+ if( forced_status == PSA_SUCCESS ||
+ forced_status == PSA_ERROR_NOT_SUPPORTED )
+ {
+ PSA_ASSERT( status );
+ }
+ else
+ TEST_EQUAL( forced_status, status );
+
+ mbedtls_test_driver_mac_hooks = mbedtls_test_driver_mac_hooks_init();
+ mbedtls_test_driver_mac_hooks.forced_status = forced_status;
+
+ /*
+ * Verify the MAC, multi-part case.
+ */
status = psa_mac_verify_setup( &operation, key, alg );
TEST_EQUAL( mbedtls_test_driver_mac_hooks.hits, 1 );
diff --git a/tests/suites/test_suite_psa_crypto_hash.data b/tests/suites/test_suite_psa_crypto_hash.data
index 67158d0..9f51339 100644
--- a/tests/suites/test_suite_psa_crypto_hash.data
+++ b/tests/suites/test_suite_psa_crypto_hash.data
@@ -158,62 +158,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_finish:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
-PSA hash finish: MD2 Test vector RFC1319 #1
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
-
-PSA hash finish: MD2 Test vector RFC1319 #2
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-PSA hash finish: MD2 Test vector RFC1319 #3
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash finish: MD2 Test vector RFC1319 #4
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
-
-PSA hash finish: MD2 Test vector RFC1319 #5
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
-
-PSA hash finish: MD2 Test vector RFC1319 #6
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
-
-PSA hash finish: MD2 Test vector RFC1319 #7
-depends_on:PSA_WANT_ALG_MD2
-hash_finish:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-PSA hash finish: MD4 Test vector RFC1320 #1
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-PSA hash finish: MD4 Test vector RFC1320 #2
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
-
-PSA hash finish: MD4 Test vector RFC1320 #3
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
-PSA hash finish: MD4 Test vector RFC1320 #4
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
-
-PSA hash finish: MD4 Test vector RFC1320 #5
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-PSA hash finish: MD4 Test vector RFC1320 #6
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
-
-PSA hash finish: MD4 Test vector RFC1320 #7
-depends_on:PSA_WANT_ALG_MD4
-hash_finish:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
PSA hash finish: MD5 Test vector RFC1321 #1
depends_on:PSA_WANT_ALG_MD5
hash_finish:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
@@ -294,14 +238,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_verify:PSA_ALG_SHA_512:"bd":"296e2267d74c278daaaa940d17b0cfb74a5083f8e069726d8c841cbe596e0431cb7741a5b50f71666cfd54bacb7b00aea891499cf4ef6a03c8a83fe37c3f7baf"
-PSA hash verify: MD2
-depends_on:PSA_WANT_ALG_MD2
-hash_verify:PSA_ALG_MD2:"bd":"8c9c17665d25b35fc413c41805c679cf"
-
-PSA hash verify: MD4
-depends_on:PSA_WANT_ALG_MD4
-hash_verify:PSA_ALG_MD4:"bd":"18c33f97297efe5f8a732258289fda25"
-
PSA hash verify: MD5
depends_on:PSA_WANT_ALG_MD5
hash_verify:PSA_ALG_MD5:"bd":"abae57cb562ecf295b4a37a76efe61fb"
@@ -470,62 +406,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_multi_part:PSA_ALG_SHA_512:"990d1ae71a62d7bda9bfdaa1762a68d296eee72a4cd946f287a898fbabc002ea941fd8d4d991030b4d27a637cce501a834bb95eab1b7889a3e784c7968e67cbf552006b206b68f76d9191327524fcc251aeb56af483d10b4e0c6c5e599ee8c0fe4faeca8293844a8547c6a9a90d093f2526873a19ad4a5e776794c68c742fb834793d2dfcb7fea46c63af4b70fd11cb6e41834e72ee40edb067b292a794990c288d5007e73f349fb383af6a756b8301ad6e5e0aa8cd614399bb3a452376b1575afa6bdaeaafc286cb064bb91edef97c632b6c1113d107fa93a0905098a105043c2f05397f702514439a08a9e5ddc196100721d45c8fc17d2ed659376f8a00bd5cb9a0860e26d8a29d8d6aaf52de97e9346033d6db501a35dbbaf97c20b830cd2d18c2532f3a59cc497ee64c0e57d8d060e5069b28d86edf1adcf59144b221ce3ddaef134b3124fbc7dd000240eff0f5f5f41e83cd7f5bb37c9ae21953fe302b0f6e8b68fa91c6ab99265c64b2fd9cd4942be04321bb5d6d71932376c6f2f88e02422ba6a5e2cb765df93fd5dd0728c6abdaf03bce22e0678a544e2c3636f741b6f4447ee58a8fc656b43ef817932176adbfc2e04b2c812c273cd6cbfa4098f0be036a34221fa02643f5ee2e0b38135f2a18ecd2f16ebc45f8eb31b8ab967a1567ee016904188910861ca1fa205c7adaa194b286893ffe2f4fbe0384c2aef72a4522aeafd3ebc71f9db71eeeef86c48394a1c86d5b36c352cc33a0a2c800bc99e62fd65b3a2fd69e0b53996ec13d8ce483ce9319efd9a85acefabdb5342226febb83fd1daf4b24265f50c61c6de74077ef89b6fecf9f29a1f871af1e9f89b2d345cda7499bd45c42fa5d195a1e1a6ba84851889e730da3b2b916e96152ae0c92154b49719841db7e7cc707ba8a5d7b101eb4ac7b629bb327817910fff61580b59aab78182d1a2e33473d05b00b170b29e331870826cfe45af206aa7d0246bbd8566ca7cfb2d3c10bfa1db7dd48dd786036469ce7282093d78b5e1a5b0fc81a54c8ed4ceac1e5305305e78284ac276f5d7862727aff246e17addde50c670028d572cbfc0be2e4f8b2eb28fa68ad7b4c6c2a239c460441bfb5ea049f23b08563b4e47729a59e5986a61a6093dbd54f8c36ebe87edae01f251cb060ad1364ce677d7e8d5a4a4ca966a7241cc360bc2acb280e5f9e9c1b032ad6a180a35e0c5180b9d16d026c865b252098cc1d99ba7375ca31c7702c0d943d5e3dd2f6861fa55bd46d94b67ed3e52eccd8dd06d968e01897d6de97ed3058d91dd":"8e4bc6f8b8c60fe4d68c61d9b159c8693c3151c46749af58da228442d927f23359bd6ccd6c2ec8fa3f00a86cecbfa728e1ad60b821ed22fcd309ba91a4138bc9"
-PSA hash multi part: MD2 Test vector RFC1319 #1
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"":"8350e5a3e24c153df2275c9f80692773"
-
-PSA hash multi part: MD2 Test vector RFC1319 #2
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"61":"32ec01ec4a6dac72c0ab96fb34c0b5d1"
-
-PSA hash multi part: MD2 Test vector RFC1319 #3
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"616263":"da853b0d3f88d99b30283a69e6ded6bb"
-
-PSA hash multi part: MD2 Test vector RFC1319 #4
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"6d65737361676520646967657374":"ab4f496bfb2a530b219ff33031fe06b0"
-
-PSA hash multi part: MD2 Test vector RFC1319 #5
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"4e8ddff3650292ab5a4108c3aa47940b"
-
-PSA hash multi part: MD2 Test vector RFC1319 #6
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"da33def2a42df13975352846c30338cd"
-
-PSA hash multi part: MD2 Test vector RFC1319 #7
-depends_on:PSA_WANT_ALG_MD2
-hash_multi_part:PSA_ALG_MD2:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"d5976f79d83d3a0dc9806c3c66f3efd8"
-
-PSA hash multi part: MD4 Test vector RFC1320 #1
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"":"31d6cfe0d16ae931b73c59d7e0c089c0"
-
-PSA hash multi part: MD4 Test vector RFC1320 #2
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"61":"bde52cb31de33e46245e05fbdbd6fb24"
-
-PSA hash multi part: MD4 Test vector RFC1320 #3
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"616263":"a448017aaf21d8525fc10ae87aa6729d"
-
-PSA hash multi part: MD4 Test vector RFC1320 #4
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"6d65737361676520646967657374":"d9130a8164549fe818874806e1c7014b"
-
-PSA hash multi part: MD4 Test vector RFC1320 #5
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"6162636465666768696a6b6c6d6e6f707172737475767778797a":"d79e1c308aa5bbcdeea8ed63df412da9"
-
-PSA hash multi part: MD4 Test vector RFC1320 #6
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839":"043f8582f241db351ce627e153e7f0e4"
-
-PSA hash multi part: MD4 Test vector RFC1320 #7
-depends_on:PSA_WANT_ALG_MD4
-hash_multi_part:PSA_ALG_MD4:"3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930":"e33b4ddc9c38f2199c3e7b164fcc0536"
-
PSA hash multi part: MD5 Test vector RFC1321 #1
depends_on:PSA_WANT_ALG_MD5
hash_multi_part:PSA_ALG_MD5:"":"d41d8cd98f00b204e9800998ecf8427e"
diff --git a/tests/suites/test_suite_psa_crypto_init.function b/tests/suites/test_suite_psa_crypto_init.function
index d612548..9f72b47 100644
--- a/tests/suites/test_suite_psa_crypto_init.function
+++ b/tests/suites/test_suite_psa_crypto_init.function
@@ -85,12 +85,6 @@
MBEDTLS_ENTROPY_MIN_PLATFORM,
MBEDTLS_ENTROPY_SOURCE_STRONG );
#endif
-#if defined(MBEDTLS_TIMING_C)
- if( custom_entropy_sources_mask & ENTROPY_SOURCE_TIMING )
- mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL,
- MBEDTLS_ENTROPY_MIN_HARDCLOCK,
- MBEDTLS_ENTROPY_SOURCE_WEAK );
-#endif
#if defined(MBEDTLS_ENTROPY_HARDWARE_ALT)
if( custom_entropy_sources_mask & ENTROPY_SOURCE_HARDWARE )
mbedtls_entropy_add_source( ctx, mbedtls_hardware_poll, NULL,
diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data
index 22056b0..a3668fc 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.data
+++ b/tests/suites/test_suite_psa_crypto_metadata.data
@@ -1,11 +1,3 @@
-Hash: MD2
-depends_on:PSA_WANT_ALG_MD2
-hash_algorithm:PSA_ALG_MD2:16
-
-Hash: MD4
-depends_on:PSA_WANT_ALG_MD4
-hash_algorithm:PSA_ALG_MD4:16
-
Hash: MD5
depends_on:PSA_WANT_ALG_MD5
hash_algorithm:PSA_ALG_MD5:16
@@ -34,14 +26,6 @@
depends_on:PSA_WANT_ALG_SHA_512
hash_algorithm:PSA_ALG_SHA_512:64
-MAC: HMAC-MD2
-depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD2
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD2 ):16:64
-
-MAC: HMAC-MD4
-depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD4
-hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD4 ):16:64
-
MAC: HMAC-MD5
depends_on:PSA_WANT_ALG_HMAC:PSA_WANT_ALG_MD5
hmac_algorithm:PSA_ALG_HMAC( PSA_ALG_MD5 ):16:64
@@ -319,10 +303,6 @@
depends_on:PSA_WANT_KEY_TYPE_CAMELLIA
block_cipher_key_type:PSA_KEY_TYPE_CAMELLIA:16
-Stream cipher key type: ARC4
-depends_on:PSA_WANT_KEY_TYPE_ARC4
-stream_cipher_key_type:PSA_KEY_TYPE_ARC4
-
Stream cipher key type: ChaCha20
depends_on:PSA_WANT_KEY_TYPE_CHACHA20
stream_cipher_key_type:PSA_KEY_TYPE_CHACHA20
@@ -364,3 +344,39 @@
DH group family: RFC 7919
dh_key_family:PSA_DH_FAMILY_RFC7919
+
+Lifetime: VOLATILE
+lifetime:PSA_KEY_LIFETIME_VOLATILE:KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: PERSISTENT
+lifetime:PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: volatile, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: default, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, PSA_KEY_LOCATION_LOCAL_STORAGE):0:PSA_KEY_PERSISTENCE_DEFAULT:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: 2, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):0:2:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: 254, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, PSA_KEY_LOCATION_LOCAL_STORAGE):0:254:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: read-only, local storage
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:PSA_KEY_LOCATION_LOCAL_STORAGE
+
+Lifetime: volatile, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0x123456):KEY_LIFETIME_IS_VOLATILE:PSA_KEY_PERSISTENCE_VOLATILE:0x123456
+
+Lifetime: default, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0x123456):0:PSA_KEY_PERSISTENCE_DEFAULT:0x123456
+
+Lifetime: 2, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, 0x123456):0:2:0x123456
+
+Lifetime: 254, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(254, 0x123456):0:254:0x123456
+
+Lifetime: read-only, 0x123456
+lifetime:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, 0x123456):KEY_LIFETIME_IS_READ_ONLY:PSA_KEY_PERSISTENCE_READ_ONLY:0x123456
diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function
index 3ed08a6..4790be6 100644
--- a/tests/suites/test_suite_psa_crypto_metadata.function
+++ b/tests/suites/test_suite_psa_crypto_metadata.function
@@ -55,8 +55,21 @@
#define KEY_TYPE_IS_ECC ( 1u << 6 )
#define KEY_TYPE_IS_DH ( 1u << 7 )
-#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
- TEST_ASSERT( PSA_##flag( alg ) == !! ( ( flags ) & flag ) )
+/* Flags for lifetime classification macros. There is a flag for every
+ * lifetime classification macro PSA_KEY_LIFETIME_IS_xxx. The name of the
+ * flag is the name of the classification macro without the PSA_ prefix. */
+#define KEY_LIFETIME_IS_VOLATILE ( 1u << 0 )
+#define KEY_LIFETIME_IS_READ_ONLY ( 1u << 1 )
+
+#define TEST_CLASSIFICATION_MACRO( flag, alg, flags ) \
+ do \
+ { \
+ if( ( flags ) & ( flag ) ) \
+ TEST_ASSERT( PSA_##flag( alg ) ); \
+ else \
+ TEST_ASSERT( ! PSA_##flag( alg ) ); \
+ } \
+ while( 0 )
/* Check the parity of value.
*
@@ -665,3 +678,20 @@
TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group );
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void lifetime( int lifetime_arg, int classification_flags,
+ int persistence_arg, int location_arg )
+{
+ psa_key_lifetime_t lifetime = lifetime_arg;
+ psa_key_persistence_t persistence = persistence_arg;
+ psa_key_location_t location = location_arg;
+ unsigned flags = classification_flags;
+
+ TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_VOLATILE, lifetime, flags );
+ TEST_CLASSIFICATION_MACRO( KEY_LIFETIME_IS_READ_ONLY, lifetime, flags );
+
+ TEST_EQUAL( PSA_KEY_LIFETIME_GET_PERSISTENCE( lifetime ), persistence );
+ TEST_EQUAL( PSA_KEY_LIFETIME_GET_LOCATION( lifetime ), location );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
index dad1205..b250634 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -119,3 +119,12 @@
import/export-persistent symmetric key with restart: 16 bytes
depends_on:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PK_C:MBEDTLS_PK_PARSE_C
import_export_persistent_key:"2b7e151628aed2a6abf7158809cf4f3c":PSA_KEY_TYPE_AES:128:1:0
+
+Destroy invalid id: 0
+destroy_nonexistent:0:PSA_SUCCESS
+
+Destroy non-existent key
+destroy_nonexistent:1:PSA_ERROR_INVALID_HANDLE
+
+Destroy invalid id: 0xffffffff
+destroy_nonexistent:0xffffffff:PSA_ERROR_INVALID_HANDLE
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 9759077..bd9b9c9 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -323,3 +323,18 @@
psa_destroy_persistent_key( key_id );
}
/* END_CASE */
+
+/* BEGIN_CASE */
+void destroy_nonexistent( int id_arg, int expected_status_arg )
+{
+ mbedtls_svc_key_id_t id = mbedtls_svc_key_id_make( 1, id_arg );
+ psa_status_t expected_status = expected_status_arg;
+
+ PSA_INIT( );
+
+ TEST_EQUAL( expected_status, psa_destroy_key( id ) );
+
+exit:
+ PSA_DONE( );
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.data b/tests/suites/test_suite_psa_crypto_slot_management.data
index 0fedd14..68b196d 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.data
+++ b/tests/suites/test_suite_psa_crypto_slot_management.data
@@ -78,6 +78,27 @@
depends_on:PSA_WANT_ALG_ECDH:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
persistent_slot_lifecycle:PSA_KEY_LIFETIME_PERSISTENT:137:1:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_KEY_AGREEMENT(PSA_ALG_ECDH, PSA_ALG_HKDF(PSA_ALG_SHA_256)):PSA_ALG_ECDSA_ANY:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":INVALIDATE_BY_SHUTDOWN
+Persistent slot, check after closing, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):124:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING
+
+Persistent slot, check after closing and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):125:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_CLOSING_WITH_SHUTDOWN
+
+Persistent slot, check after destroying, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):126:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING
+
+Persistent slot, check after destroying and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):127:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_DESTROYING_WITH_SHUTDOWN
+
+Persistent slot, check after purging, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):200:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING
+
+Persistent slot, check after purging and restarting, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):201:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_PURGING_WITH_SHUTDOWN
+
+Persistent slot, check after restart with live handle, persistence=2
+persistent_slot_lifecycle:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(2, PSA_KEY_LOCATION_LOCAL_STORAGE):128:PSA_KEY_ID_USER_MIN:0:0:0:PSA_KEY_TYPE_RAW_DATA:"0123456789abcdef0123456789abcdef":INVALIDATE_BY_SHUTDOWN
+
Attempt to overwrite: close before
create_existent:PSA_KEY_LIFETIME_PERSISTENT:0x1736:1:CLOSE_BEFORE
@@ -107,13 +128,17 @@
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
open_fail:1:PSA_ERROR_DOES_NOT_EXIST
-Create failure: invalid lifetime for a persistent key
+Create failure: read-only key
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:0x7fffffff:1:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_READ_ONLY, PSA_KEY_LOCATION_LOCAL_STORAGE):1:PSA_ERROR_INVALID_ARGUMENT
-Create failure: invalid lifetime for a volatile key
+Create failure: invalid location for a persistent key
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
-create_fail:0x7fffff00:0:PSA_ERROR_INVALID_ARGUMENT
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 0xbad10cU):1:PSA_ERROR_INVALID_ARGUMENT
+
+Create failure: invalid location for a volatile key
+depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
+create_fail:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_VOLATILE, 0xbad10cU):0:PSA_ERROR_INVALID_ARGUMENT
Create failure: invalid key id (0) for a persistent key
depends_on:MBEDTLS_PSA_CRYPTO_STORAGE_C
diff --git a/tests/suites/test_suite_psa_crypto_storage_format.function b/tests/suites/test_suite_psa_crypto_storage_format.function
index 34d63a7..b90ef6e 100644
--- a/tests/suites/test_suite_psa_crypto_storage_format.function
+++ b/tests/suites/test_suite_psa_crypto_storage_format.function
@@ -8,6 +8,7 @@
#include <psa_crypto_its.h>
#define TEST_FLAG_EXERCISE 0x00000001
+#define TEST_FLAG_READ_ONLY 0x00000002
/** Write a key with the given attributes and key material to storage.
* Test that it has the expected representation.
@@ -115,10 +116,20 @@
psa_get_key_algorithm( expected_attributes ) ) );
}
- /* Destroy the key. Confirm through direct access to the storage. */
- PSA_ASSERT( psa_destroy_key( key_id ) );
- TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST,
- psa_its_get_info( uid, &storage_info ) );
+
+ if( flags & TEST_FLAG_READ_ONLY )
+ {
+ /* Read-only keys cannot be removed through the API.
+ * The key will be removed through ITS in the cleanup code below. */
+ TEST_EQUAL( PSA_ERROR_NOT_PERMITTED, psa_destroy_key( key_id ) );
+ }
+ else
+ {
+ /* Destroy the key. Confirm through direct access to the storage. */
+ PSA_ASSERT( psa_destroy_key( key_id ) );
+ TEST_EQUAL( PSA_ERROR_DOES_NOT_EXIST,
+ psa_its_get_info( uid, &storage_info ) );
+ }
ok = 1;
@@ -219,7 +230,6 @@
exit:
psa_reset_key_attributes( &attributes );
- psa_destroy_key( key_id );
PSA_DONE( );
}
/* END_CASE */
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index cc5a047..49301aa 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -220,22 +220,6 @@
depends_on:MBEDTLS_SHA384_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_SHA384:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"40dcc96822e5612eb33f1dca247a35109ba3845c7a3d556a60e656624bf1c103d94686ca7379e9e329ccd1b19b52bfd48b608df9f59a96a82d3feb0101096dbcb80e46da543b4c982ac6bb1717f24f9fe3f76b7154492b47525be1ddcaf4631d33481531be8f3e685837b40bdf4a02827d79f6a32374147174680f51c8e0d8eed9d5c445a563a7bce9ef4236e7cfdc12b2223ef457c3e8ccc6dd65cc23e977a1f03f5ef584feb9af00efc71a701f9d413b0290af17692cb821a1e863d5778e174b1130659f30583f434f09cb1212471a41dd65c102de64a194b6ae3e43cd75928049db78042c58e980aff3ea2774e42845bcf217410a118cf5deeaa64224dbc8":0
-RSA PKCS1 Sign #5 (MD2, 2048 bits RSA)
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0
-
-RSA PKCS1 Sign #5 Verify
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD2:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"6cbb0e4019d64dd5cd2d48fa43446e5cba1a7edbb79d91b199be75c7d3e7ae0820c44d3a120cd2910f73cbb315e15963a60ea7da3452015d9d6beb5ac998fddbd1fa3e5908abc9151f3ffb70365aaee6fb0cd440d3f5591868fc136fae38ac7bcdb3bde3c6a0362dd8b814f7edadd4a51b2edf2227a40d1e34c29f608add7746731425858eb93661c633b7a90942fca3cd594ab4ec170052d44105643518020782e76235def34d014135bad8daed590200482325c3416c3d66417e80d9f9c6322a54683638247b577445ecd0be2765ce96c4ee45213204026dfba24d5ee89e1ea75538ba39f7149a5ac0fc12d7c53cbc12481d4a8e2d410ec633d800ad4b4304":0
-
-RSA PKCS1 Sign #6 (MD4, 2048 bits RSA)
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0
-
-RSA PKCS1 Sign #6 Verify
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PKCS1_V15
-mbedtls_rsa_pkcs1_verify:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD4:2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"b0e60dc4dfaf0f636a3a4414eae2d7bce7c3ce505a46e38f3f654d8769b31b7891ba18f89672fce204bbac6e3764355e65447c087994731cd44f086710e79e8c3ebc6e2cb61edc5d3e05848ab733d95efe2d0252a691e810c17fa57fd2dd296374c9ba17fea704685677f45d668a386c8ca433fbbb56d3bbfb43a489ed9518b1c9ab13ce497a1cec91467453bfe533145a31a095c2de541255141768ccc6fdff3fc790b5050f1122c93c3044a9346947e1b23e8125bf7edbf38c64a4286dfc1b829e983db3117959a2559a8ef97687ab673e231be213d88edc632637b58cdb2d69c51fbf6bf894cff319216718b1e696f75cd4366f53dc2e28b2a00017984207":0
-
RSA PKCS1 Sign #7 (MD5, 2048 bits RSA)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PKCS1_V15
mbedtls_rsa_pkcs1_sign:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f870":MBEDTLS_RSA_PKCS_V15:MBEDTLS_MD_MD5:2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"3bcf673c3b27f6e2ece4bb97c7a37161e6c6ee7419ef366efc3cfee0f15f415ff6d9d4390937386c6fec1771acba73f24ec6b0469ea8b88083f0b4e1b6069d7bf286e67cf94182a548663137e82a6e09c35de2c27779da0503f1f5bedfebadf2a875f17763a0564df4a6d945a5a3e46bc90fb692af3a55106aafc6b577587456ff8d49cfd5c299d7a2b776dbe4c1ae777b0f64aa3bab27689af32d6cc76157c7dc6900a3469e18a7d9b6bfe4951d1105a08864575e4f4ec05b3e053f9b7a2d5653ae085e50a63380d6bdd6f58ab378d7e0a2be708c559849891317089ab04c82d8bc589ea088b90b11dea5cf85856ff7e609cc1adb1d403beead4c126ff29021":0
@@ -389,12 +373,18 @@
RSA Private (Data larger than N)
mbedtls_rsa_private:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PRIVATE_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+RSA Private (Data = 0 )
+mbedtls_rsa_private:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"e79a373182bfaa722eb035f772ad2a9464bd842de59432c18bbab3a7dfeae318c9b915ee487861ab665a40bd6cda560152578e8579016c929df99fea05b4d64efca1d543850bc8164b40d71ed7f3fa4105df0fb9b9ad2a18ce182c8a4f4f975bea9aa0b9a1438a27a28e97ac8330ef37383414d1bd64607d6979ac050424fd17":16:"c6749cbb0db8c5a177672d4728a8b22392b2fc4d3b8361d5c0d5055a1b4e46d821f757c24eef2a51c561941b93b3ace7340074c058c9bb48e7e7414f42c41da4cccb5c2ba91deb30c586b7fb18af12a52995592ad139d3be429add6547e044becedaf31fa3b39421e24ee034fbf367d11f6b8f88ee483d163b431e1654ad3e89":16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0
+
RSA Public (Correct)
mbedtls_rsa_public:"59779fd2a39e56640c4fc1e67b60aeffcecd78aed7ad2bdfa464e93d04198d48466b8da7445f25bfa19db2844edd5c8f539cf772cc132b483169d390db28a43bc4ee0f038f6568ffc87447746cb72fefac2d6d90ee3143a915ac4688028805905a68eb8f8a96674b093c495eddd8704461eaa2b345efbb2ad6930acd8023f8700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"1f5e927c13ff231090b0f18c8c3526428ed0f4a7561457ee5afe4d22d5d9220c34ef5b9a34d0c07f7248a1f3d57f95d10f7936b3063e40660b3a7ca3e73608b013f85a6e778ac7c60d576e9d9c0c5a79ad84ceea74e4722eb3553bdb0c2d7783dac050520cb27ca73478b509873cb0dcbd1d51dd8fccb96c29ad314f36d67cc57835d92d94defa0399feb095fd41b9f0b2be10f6041079ed4290040449f8a79aba50b0a1f8cf83c9fb8772b0686ec1b29cb1814bb06f9c024857db54d395a8da9a2c6f9f53b94bec612a0cb306a3eaa9fc80992e85d9d232e37a50cabe48c9343f039601ff7d95d60025e582aec475d031888310e8ec3833b394a5cf0599101e":0
RSA Public (Data larger than N)
mbedtls_rsa_public:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"605baf947c0de49e4f6a0dfb94a43ae318d5df8ed20ba4ba5a37a73fb009c5c9e5cce8b70a25b1c7580f389f0d7092485cdfa02208b70d33482edf07a7eafebdc54862ca0e0396a5a7d09991b9753eb1ffb6091971bb5789c6b121abbcd0a3cbaa39969fa7c28146fce96c6d03272e3793e5be8f5abfa9afcbebb986d7b3050604a2af4d3a40fa6c003781a539a60259d1e84f13322da9e538a49c369b83e7286bf7d30b64bbb773506705da5d5d5483a563a1ffacc902fb75c9a751b1e83cdc7a6db0470056883f48b5a5446b43b1d180ea12ba11a6a8d93b3b32a30156b6084b7fb142998a2a0d28014b84098ece7d9d5e4d55cc342ca26f5a0167a679dec8":MBEDTLS_ERR_RSA_PUBLIC_FAILED + MBEDTLS_ERR_MPI_BAD_INPUT_DATA
+RSA Public (Data = 0)
+mbedtls_rsa_public:"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":2048:16:"b38ac65c8141f7f5c96e14470e851936a67bf94cc6821a39ac12c05f7c0b06d9e6ddba2224703b02e25f31452f9c4a8417b62675fdc6df46b94813bc7b9769a892c482b830bfe0ad42e46668ace68903617faf6681f4babf1cc8e4b0420d3c7f61dc45434c6b54e2c3ee0fc07908509d79c9826e673bf8363255adb0add2401039a7bcd1b4ecf0fbe6ec8369d2da486eec59559dd1d54c9b24190965eafbdab203b35255765261cd0909acf93c3b8b8428cbb448de4715d1b813d0c94829c229543d391ce0adab5351f97a3810c1f73d7b1458b97daed4209c50e16d064d2d5bfda8c23893d755222793146d0a78c3d64f35549141486c3b0961a7b4c1a2034f":16:"3":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000":0
+
RSA Generate Key - 128bit key
mbedtls_rsa_gen_key:128:3:0
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 1bffc76..f5f4aac 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -1,8 +1,6 @@
/* BEGIN_HEADER */
#include "mbedtls/rsa.h"
#include "rsa_alt_helpers.h"
-#include "mbedtls/md2.h"
-#include "mbedtls/md4.h"
#include "mbedtls/md5.h"
#include "mbedtls/sha1.h"
#include "mbedtls/sha256.h"
@@ -102,10 +100,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -150,8 +148,8 @@
MBEDTLS_MD_NONE ) == 0 );
memset( hash_result, 0x00, sizeof( hash_result ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
@@ -189,10 +187,10 @@
memset( output, 0x00, sizeof( output ) );
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -234,8 +232,8 @@
MBEDTLS_MD_NONE ) == 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -270,8 +268,8 @@
MBEDTLS_MD_NONE ) == 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -313,8 +311,8 @@
MBEDTLS_MD_NONE ) == 0 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -363,10 +361,10 @@
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
@@ -409,14 +407,16 @@
mbedtls_rsa_init( &ctx2 );
memset( output, 0x00, sizeof( output ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
+
+ /* Check test data consistency */
+ TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_check_pubkey( &ctx ) == 0 );
-
TEST_ASSERT( mbedtls_rsa_public( &ctx, message_str->x, output ) == result );
if( result == 0 )
{
@@ -468,17 +468,19 @@
memset( &rnd_info, 0, sizeof( mbedtls_test_rnd_pseudo_info ) );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, &P, &Q, NULL, &E ) == 0 );
+
+ /* Check test data consistency */
+ TEST_ASSERT( message_str->len == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_get_len( &ctx ) == (size_t) ( mod / 8 ) );
TEST_ASSERT( mbedtls_rsa_complete( &ctx ) == 0 );
TEST_ASSERT( mbedtls_rsa_check_privkey( &ctx ) == 0 );
-
/* repeat three times to test updating of blinding values */
for( i = 0; i < 3; i++ )
{
@@ -544,11 +546,11 @@
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
}
TEST_ASSERT( mbedtls_rsa_import( &ctx, &N, NULL, NULL, NULL, &E ) == 0 );
@@ -576,36 +578,36 @@
ctx.len = mod / 8;
if( strlen( input_P ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.P, radix_P, input_P ) == 0 );
}
if( strlen( input_Q ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.Q, radix_Q, input_Q ) == 0 );
}
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.E, radix_E, input_E ) == 0 );
}
if( strlen( input_D ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.D, radix_D, input_D ) == 0 );
}
#if !defined(MBEDTLS_RSA_NO_CRT)
if( strlen( input_DP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DP, radix_DP, input_DP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DP, radix_DP, input_DP ) == 0 );
}
if( strlen( input_DQ ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.DQ, radix_DQ, input_DQ ) == 0 );
}
if( strlen( input_QP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &ctx.QP, radix_QP, input_QP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &ctx.QP, radix_QP, input_QP ) == 0 );
}
#else
((void) radix_DP); ((void) input_DP);
@@ -640,45 +642,45 @@
if( strlen( input_Npub ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &pub.N, radix_Npub, input_Npub ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &pub.N, radix_Npub, input_Npub ) == 0 );
}
if( strlen( input_Epub ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &pub.E, radix_Epub, input_Epub ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &pub.E, radix_Epub, input_Epub ) == 0 );
}
if( strlen( input_P ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.P, radix_P, input_P ) == 0 );
}
if( strlen( input_Q ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.Q, radix_Q, input_Q ) == 0 );
}
if( strlen( input_N ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.N, radix_N, input_N ) == 0 );
}
if( strlen( input_E ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.E, radix_E, input_E ) == 0 );
}
if( strlen( input_D ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.D, radix_D, input_D ) == 0 );
}
#if !defined(MBEDTLS_RSA_NO_CRT)
if( strlen( input_DP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.DP, radix_DP, input_DP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.DP, radix_DP, input_DP ) == 0 );
}
if( strlen( input_DQ ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.DQ, radix_DQ, input_DQ ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.DQ, radix_DQ, input_DQ ) == 0 );
}
if( strlen( input_QP ) )
{
- TEST_ASSERT( mbedtls_mpi_read_string( &prv.QP, radix_QP, input_QP ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &prv.QP, radix_QP, input_QP ) == 0 );
}
#else
((void) radix_DP); ((void) input_DP);
@@ -739,11 +741,11 @@
mbedtls_mpi_init( &Pp ); mbedtls_mpi_init( &Qp );
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E );
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Qp, radix_P, output_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Pp, radix_Q, output_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Qp, radix_P, output_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Pp, radix_Q, output_Q ) == 0 );
if( corrupt )
TEST_ASSERT( mbedtls_mpi_add_int( &D, &D, 2 ) == 0 );
@@ -780,10 +782,10 @@
mbedtls_mpi_init( &E );
mbedtls_mpi_init( &R ); mbedtls_mpi_init( &Rp );
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
- TEST_ASSERT( mbedtls_mpi_read_string( &Dp, radix_D, output_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Dp, radix_D, output_D ) == 0 );
if( corrupt )
{
@@ -866,19 +868,19 @@
(const unsigned char *) pers, strlen( pers ) ) == 0 );
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
if( !successive )
{
@@ -1010,19 +1012,19 @@
/* Setup RSA context */
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_import( &ctx,
strlen( input_N ) ? &N : NULL,
@@ -1130,19 +1132,19 @@
strlen( pers ) ) == 0 );
if( have_N )
- TEST_ASSERT( mbedtls_mpi_read_string( &N, radix_N, input_N ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &N, radix_N, input_N ) == 0 );
if( have_P )
- TEST_ASSERT( mbedtls_mpi_read_string( &P, radix_P, input_P ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &P, radix_P, input_P ) == 0 );
if( have_Q )
- TEST_ASSERT( mbedtls_mpi_read_string( &Q, radix_Q, input_Q ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &Q, radix_Q, input_Q ) == 0 );
if( have_D )
- TEST_ASSERT( mbedtls_mpi_read_string( &D, radix_D, input_D ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &D, radix_D, input_D ) == 0 );
if( have_E )
- TEST_ASSERT( mbedtls_mpi_read_string( &E, radix_E, input_E ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &E, radix_E, input_E ) == 0 );
TEST_ASSERT( mbedtls_rsa_validate_params( have_N ? &N : NULL,
have_P ? &P : NULL,
diff --git a/tests/suites/test_suite_shax.function b/tests/suites/test_suite_shax.function
index 35fecce..95d45ba 100644
--- a/tests/suites/test_suite_shax.function
+++ b/tests/suites/test_suite_shax.function
@@ -12,7 +12,7 @@
memset(output, 0x00, 41);
- TEST_ASSERT( mbedtls_sha1_ret( src_str->x, src_str->len, output ) == 0 );
+ TEST_ASSERT( mbedtls_sha1( src_str->x, src_str->len, output ) == 0 );
TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 20, hash->len ) == 0 );
}
@@ -28,10 +28,10 @@
int invalid_type = 42;
TEST_EQUAL( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
- mbedtls_sha256_starts_ret( &ctx, invalid_type ) );
+ mbedtls_sha256_starts( &ctx, invalid_type ) );
TEST_EQUAL( MBEDTLS_ERR_SHA256_BAD_INPUT_DATA,
- mbedtls_sha256_ret( buf, buflen,
+ mbedtls_sha256( buf, buflen,
buf, invalid_type ) );
exit:
@@ -47,7 +47,7 @@
memset(output, 0x00, 57);
- TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_sha256( src_str->x, src_str->len, output, 1 ) == 0 );
TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 28, hash->len ) == 0 );
}
@@ -61,7 +61,7 @@
memset(output, 0x00, 65);
- TEST_ASSERT( mbedtls_sha256_ret( src_str->x, src_str->len, output, 0 ) == 0 );
+ TEST_ASSERT( mbedtls_sha256( src_str->x, src_str->len, output, 0 ) == 0 );
TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 32, hash->len ) == 0 );
}
@@ -77,10 +77,10 @@
int invalid_type = 42;
TEST_EQUAL( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
- mbedtls_sha512_starts_ret( &ctx, invalid_type ) );
+ mbedtls_sha512_starts( &ctx, invalid_type ) );
TEST_EQUAL( MBEDTLS_ERR_SHA512_BAD_INPUT_DATA,
- mbedtls_sha512_ret( buf, buflen,
+ mbedtls_sha512( buf, buflen,
buf, invalid_type ) );
exit:
@@ -96,7 +96,7 @@
memset(output, 0x00, 97);
- TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 1 ) == 0 );
+ TEST_ASSERT( mbedtls_sha512( src_str->x, src_str->len, output, 1 ) == 0 );
TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 48, hash->len ) == 0 );
}
@@ -110,7 +110,7 @@
memset(output, 0x00, 129);
- TEST_ASSERT( mbedtls_sha512_ret( src_str->x, src_str->len, output, 0 ) == 0 );
+ TEST_ASSERT( mbedtls_sha512( src_str->x, src_str->len, output, 0 ) == 0 );
TEST_ASSERT( mbedtls_test_hexcmp( output, hash->x, 64, hash->len ) == 0 );
}
diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data
index a497076..e0a95ae 100644
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@@ -3550,326 +3550,6 @@
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.1, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, BLOWFISH-CBC, 1.0, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
Record crypt, AES-128-GCM, 1.2
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
@@ -7278,326 +6958,6 @@
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
ssl_crypt_record_small:MBEDTLS_CIPHER_CAMELLIA_256_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-384, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-256, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, SHA-1, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+4
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:4
-
-Record crypt, little space, BLOWFISH-CBC, 1.2, MD5, short tag, EtM, CID 4+0
-depends_on:MBEDTLS_SSL_DTLS_CONNECTION_ID:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_3:4:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.1, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_2:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-384, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA384_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA384:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-256, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA256_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA256:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, SHA-1, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_SHA1_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_SHA1:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:0:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:0:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
-Record crypt, little space, BLOWFISH-CBC, 1.0, MD5, short tag, EtM
-depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_BLOWFISH_C:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_MD5_C:MBEDTLS_SSL_ENCRYPT_THEN_MAC
-ssl_crypt_record_small:MBEDTLS_CIPHER_BLOWFISH_CBC:MBEDTLS_MD_MD5:1:1:MBEDTLS_SSL_MINOR_VERSION_1:0:0
-
Record crypt, little space, AES-128-GCM, 1.2
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_GCM_C
ssl_crypt_record_small:MBEDTLS_CIPHER_AES_128_GCM:MBEDTLS_MD_MD5:0:0:MBEDTLS_SSL_MINOR_VERSION_3:0:0
@@ -9278,14 +8638,6 @@
SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_NONE
ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_NONE:"":"":"test tls_prf label":"":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
-SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_TLS1 TLS 1.0 enabled
-depends_on:MBEDTLS_SSL_PROTO_TLS1
-ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":0
-
-SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_TLS1 TLS 1.1 enabled
-depends_on:MBEDTLS_SSL_PROTO_TLS1_1
-ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":0
-
SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384
depends_on:MBEDTLS_SHA384_C:MBEDTLS_SSL_PROTO_TLS1_2
ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":0
@@ -9294,10 +8646,6 @@
depends_on:MBEDTLS_SHA256_C:MBEDTLS_SSL_PROTO_TLS1_2
ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA256:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"7f9998393198a02c8d731ccc2ef90b2c":0
-SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_TLS1 TLS 1.X not enabled
-depends_on:!MBEDTLS_SSL_PROTO_TLS1:!MBEDTLS_SSL_PROTO_TLS1_1
-ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_TLS1:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"8defca540d41d4c79d390027295bb4e6":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
-
SSL TLS_PRF MBEDTLS_SSL_TLS_PRF_SHA384 SHA-384 not enabled
depends_on:!MBEDTLS_SHA384_C
ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA384:"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef":"test tls_prf label":"a4206a36eef93f496611c2b7806625c3":MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index c555d74..d5123fa 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -800,7 +800,8 @@
ret = mbedtls_pk_parse_key( &( cert->pkey ),
(const unsigned char*) mbedtls_test_srv_key_rsa_der,
- mbedtls_test_srv_key_rsa_der_len, NULL, 0 );
+ mbedtls_test_srv_key_rsa_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( ret == 0 );
}
else
@@ -812,7 +813,8 @@
ret = mbedtls_pk_parse_key( &( cert->pkey ),
(const unsigned char*) mbedtls_test_srv_key_ec_der,
- mbedtls_test_srv_key_ec_der_len, NULL, 0 );
+ mbedtls_test_srv_key_ec_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( ret == 0 );
}
}
@@ -827,7 +829,8 @@
ret = mbedtls_pk_parse_key( &( cert->pkey ),
(const unsigned char *) mbedtls_test_cli_key_rsa_der,
- mbedtls_test_cli_key_rsa_der_len, NULL, 0 );
+ mbedtls_test_cli_key_rsa_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( ret == 0 );
}
else
@@ -839,7 +842,8 @@
ret = mbedtls_pk_parse_key( &( cert->pkey ),
(const unsigned char *) mbedtls_test_cli_key_ec_der,
- mbedtls_test_cli_key_ec_der_len, NULL, 0 );
+ mbedtls_test_cli_key_ec_der_len, NULL, 0,
+ mbedtls_test_rnd_std_rand, NULL );
TEST_ASSERT( ret == 0 );
}
}
@@ -1504,9 +1508,6 @@
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
session->mfl_code = 1;
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- session->trunc_hmac = 1;
-#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
session->encrypt_then_mac = 1;
#endif
@@ -4078,10 +4079,6 @@
TEST_ASSERT( original.mfl_code == restored.mfl_code );
#endif
-#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
- TEST_ASSERT( original.trunc_hmac == restored.trunc_hmac );
-#endif
-
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac );
#endif
diff --git a/tests/suites/test_suite_timing.data b/tests/suites/test_suite_timing.data
index 2522da1..de89239 100644
--- a/tests/suites/test_suite_timing.data
+++ b/tests/suites/test_suite_timing.data
@@ -1,15 +1,6 @@
-Timing: hardclock
-timing_hardclock:
-
Timing: get timer
timing_get_timer:
-Timing: set alarm with no delay
-timing_set_alarm:0:
-
-Timing: set alarm with 1s delay
-timing_set_alarm:1:
-
Timing: delay 0ms
timing_delay:0:
diff --git a/tests/suites/test_suite_timing.function b/tests/suites/test_suite_timing.function
index 74dc823..3483d85 100644
--- a/tests/suites/test_suite_timing.function
+++ b/tests/suites/test_suite_timing.function
@@ -17,15 +17,6 @@
*/
/* BEGIN_CASE */
-void timing_hardclock( )
-{
- (void) mbedtls_timing_hardclock();
- /* This goto is added to avoid warnings from the generated code. */
- goto exit;
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
void timing_get_timer( )
{
struct mbedtls_timing_hr_time time;
@@ -37,23 +28,6 @@
/* END_CASE */
/* BEGIN_CASE */
-void timing_set_alarm( int seconds )
-{
- if( seconds == 0 )
- {
- mbedtls_set_alarm( seconds );
- TEST_ASSERT( mbedtls_timing_alarmed == 1 );
- }
- else
- {
- mbedtls_set_alarm( seconds );
- TEST_ASSERT( mbedtls_timing_alarmed == 0 ||
- mbedtls_timing_alarmed == 1 );
- }
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
void timing_delay( int fin_ms )
{
mbedtls_timing_delay_context ctx;
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index dc81afb..e21b450 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -22,14 +22,6 @@
depends_on:MBEDTLS_RSA_C:MBEDTLS_SHA1_C
x509_cert_info:"data_files/test-ca.crt.der":"cert. version \: 3\nserial number \: 03\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on \: 2019-02-10 14\:44\:00\nexpires on \: 2029-02-10 14\:44\:00\nsigned using \: RSA with SHA1\nRSA key size \: 2048 bits\nbasic constraints \: CA=true\n"
-X509 CRT information MD2 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD2_C
-x509_cert_info:"data_files/cert_md2.crt":"cert. version \: 3\nserial number \: 09\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD2\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
-
-X509 CRT information MD4 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD4_C
-x509_cert_info:"data_files/cert_md4.crt":"cert. version \: 3\nserial number \: 05\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
-
X509 CRT information MD5 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD5_C
x509_cert_info:"data_files/cert_md5.crt":"cert. version \: 3\nserial number \: 06\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on \: 2000-01-01 12\:12\:12\nexpires on \: 2030-01-01 12\:12\:12\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\nbasic constraints \: CA=false\n"
@@ -202,14 +194,6 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_expired.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-20 10\:24\:19\nnext update \: 2011-02-20 11\:24\:19\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with SHA1\n"
-X509 CRL Information MD2 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD2_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_crl_info:"data_files/crl_md2.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2009-07-19 19\:56\:37\nnext update \: 2009-09-17 19\:56\:37\nRevoked certificates\:\nserial number\: 01 revocation date\: 2009-02-09 21\:12\:36\nserial number\: 03 revocation date\: 2009-02-09 21\:12\:36\nsigned using \: RSA with MD2\n"
-
-X509 CRL Information MD4 Digest
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_crl_info:"data_files/crl_md4.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD4\n"
-
X509 CRL Information MD5 Digest
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_crl_info:"data_files/crl_md5.pem":"CRL version \: 1\nissuer name \: C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update \: 2011-02-12 14\:44\:07\nnext update \: 2011-04-13 14\:44\:07\nRevoked certificates\:\nserial number\: 01 revocation date\: 2011-02-12 14\:44\:07\nserial number\: 03 revocation date\: 2011-02-12 14\:44\:07\nsigned using \: RSA with MD5\n"
@@ -286,10 +270,6 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C
mbedtls_x509_crl_parse:"data_files/crl-idpnc.pem":0
-X509 CSR Information RSA with MD4
-depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD4_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
-mbedtls_x509_csr_info:"data_files/server1.req.md4":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD4\nRSA key size \: 2048 bits\n"
-
X509 CSR Information RSA with MD5
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD5_C:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
mbedtls_x509_csr_info:"data_files/server1.req.md5":"CSR version \: 1\nsubject name \: C=NL, O=PolarSSL, CN=PolarSSL Server 1\nsigned using \: RSA with MD5\nRSA key size \: 2048 bits\n"
@@ -527,26 +507,10 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15:MBEDTLS_SHA1_C
x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_expired.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_NOT_TRUSTED:"compat":"NULL"
-X509 CRT verification #12 (Valid Cert MD2 Digest, MD2 forbidden)
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md2.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
-
-X509 CRT verification #12 (Valid Cert MD4 Digest, MD4 forbidden)
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
-
X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 forbidden)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"compat":"NULL"
-X509 CRT verification #12 (Valid Cert MD2 Digest, MD2 allowed)
-depends_on:MBEDTLS_MD2_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md2.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL"
-
-X509 CRT verification #12 (Valid Cert MD4 Digest, MD4 allowed)
-depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL"
-
X509 CRT verification #13 (Valid Cert MD5 Digest, MD5 allowed)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"all":"NULL"
diff --git a/tests/suites/test_suite_x509write.data b/tests/suites/test_suite_x509write.data
index 9e2ae01..efc2fc9 100644
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@@ -18,10 +18,6 @@
depends_on:MBEDTLS_SHA512_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.sha512":MBEDTLS_MD_SHA512:0:0:0:0
-Certificate Request check Server1 MD4
-depends_on:MBEDTLS_MD4_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
-x509_csr_check:"data_files/server1.key":"data_files/server1.req.md4":MBEDTLS_MD_MD4:0:0:0:0
-
Certificate Request check Server1 MD5
depends_on:MBEDTLS_MD5_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
x509_csr_check:"data_files/server1.key":"data_files/server1.req.md5":MBEDTLS_MD_MD5:0:0:0:0
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 44f846f..261794c 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -94,7 +94,8 @@
memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
mbedtls_pk_init( &key );
- TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
+ mbedtls_test_rnd_std_rand, NULL ) == 0 );
mbedtls_x509write_csr_init( &req );
mbedtls_x509write_csr_set_md_alg( &req, md_type );
@@ -163,7 +164,8 @@
TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
mbedtls_pk_init( &key );
- TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );
+ TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
+ mbedtls_test_rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 );
mbedtls_x509write_csr_init( &req );
@@ -225,10 +227,10 @@
mbedtls_x509write_crt_init( &crt );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file,
- subject_pwd ) == 0 );
+ subject_pwd, mbedtls_test_rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file,
- issuer_pwd ) == 0 );
+ issuer_pwd, mbedtls_test_rnd_std_rand, NULL ) == 0 );
#if defined(MBEDTLS_RSA_C)
/* For RSA PK contexts, create a copy as an alternative RSA context. */
@@ -246,7 +248,7 @@
(void) rsa_alt;
#endif
- TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 );
+ TEST_ASSERT( mbedtls_test_read_mpi( &serial, 10, serial_str ) == 0 );
if( ver != -1 )
mbedtls_x509write_crt_set_version( &crt, ver );
diff --git a/tests/suites/test_suite_xtea.data b/tests/suites/test_suite_xtea.data
deleted file mode 100644
index d9d06d7..0000000
--- a/tests/suites/test_suite_xtea.data
+++ /dev/null
@@ -1,76 +0,0 @@
-XTEA Encrypt_ecb #1
-xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"497df3d072612cb5"
-
-XTEA Encrypt_ecb #2
-xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4141414141414141":"e78f2d13744341d8"
-
-XTEA Encrypt_ecb #3
-xtea_encrypt_ecb:"000102030405060708090a0b0c0d0e0f":"5a5b6e278948d77f":"4141414141414141"
-
-XTEA Encrypt_ecb #4
-xtea_encrypt_ecb:"00000000000000000000000000000000":"4142434445464748":"a0390589f8b8efa5"
-
-XTEA Encrypt_ecb #5
-xtea_encrypt_ecb:"00000000000000000000000000000000":"4141414141414141":"ed23375a821a8c2d"
-
-XTEA Encrypt_ecb #6
-xtea_encrypt_ecb:"00000000000000000000000000000000":"70e1225d6e4e7655":"4141414141414141"
-
-XTEA Decrypt_ecb #1
-xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"497df3d072612cb5":"4142434445464748"
-
-XTEA Decrypt_ecb #2
-xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"e78f2d13744341d8":"4141414141414141"
-
-XTEA Decrypt_ecb #3
-xtea_decrypt_ecb:"000102030405060708090a0b0c0d0e0f":"4141414141414141":"5a5b6e278948d77f"
-
-XTEA Decrypt_ecb #4
-xtea_decrypt_ecb:"00000000000000000000000000000000":"a0390589f8b8efa5":"4142434445464748"
-
-XTEA Decrypt_ecb #5
-xtea_decrypt_ecb:"00000000000000000000000000000000":"ed23375a821a8c2d":"4141414141414141"
-
-XTEA Decrypt_ecb #6
-xtea_decrypt_ecb:"00000000000000000000000000000000":"4141414141414141":"70e1225d6e4e7655"
-
-XTEA Encrypt CBC #1
-xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"6162636465666768":"4142434445464748":"6b982bec15a7b558"
-
-XTEA Encrypt CBC #2
-xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"41414141414141414141414141414141":"2c6aeb799561c8e973b0927f072e3801"
-
-XTEA Encrypt CBC #3
-xtea_encrypt_cbc:"000102030405060708090a0b0c0d0e0f":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"41414141414141415fee100fe2c030025d8a557f2677cb33"
-
-XTEA Encrypt CBC #4
-xtea_encrypt_cbc:"00000000000000000000000000000000":"6162636465666768":"4142434445464748":"5b0c065a3803900d"
-
-XTEA Encrypt CBC #5
-xtea_encrypt_cbc:"00000000000000000000000000000000":"4142434445464748":"41414141414141414141414141414141":"bdae508aa320aa5caa7cd79dbc9c38aa"
-
-XTEA Encrypt CBC #6
-xtea_encrypt_cbc:"00000000000000000000000000000000":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"61f5082a2c996f632da3ea16ff8e06558b69f069d8637b31"
-
-XTEA Decrypt CBC #1
-xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"6162636465666768":"4142434445464748":"359def46515c71b2"
-
-XTEA Decrypt CBC #2
-xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"4142434445464748":"41414141414141414141414141414141":"1b192d63cc0e90371b1a2f66c809963e"
-
-XTEA Decrypt CBC #3
-xtea_decrypt_cbc:"000102030405060708090a0b0c0d0e0f":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"2e76e5cc03543cdc40ca03358a5764c331a0631c2f0f3714"
-
-XTEA Decrypt CBC #4
-xtea_decrypt_cbc:"00000000000000000000000000000000":"6162636465666768":"4142434445464748":"81476a15138174dc"
-
-XTEA Decrypt CBC #5
-xtea_decrypt_cbc:"00000000000000000000000000000000":"4142434445464748":"41414141414141414141414141414141":"31a361192b08311d31a0631c2f0f3714"
-
-XTEA Decrypt CBC #6
-xtea_decrypt_cbc:"00000000000000000000000000000000":"0000000000000000":"5a5b6e278948d77f70e1225d6e4e7655e78f2d13744341d8":"c1e2dbbf67ee786e29e051bea18c6abc66f1de5c2daefc2a"
-
-XTEA Selftest
-depends_on:MBEDTLS_SELF_TEST
-xtea_selftest:
-
diff --git a/tests/suites/test_suite_xtea.function b/tests/suites/test_suite_xtea.function
deleted file mode 100644
index 1d5b29b..0000000
--- a/tests/suites/test_suite_xtea.function
+++ /dev/null
@@ -1,86 +0,0 @@
-/* BEGIN_HEADER */
-#include "mbedtls/xtea.h"
-/* END_HEADER */
-
-/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_XTEA_C
- * END_DEPENDENCIES
- */
-
-/* BEGIN_CASE */
-void xtea_encrypt_ecb( data_t * key_str, data_t * src_str,
- data_t * dst )
-{
- unsigned char output[100];
- mbedtls_xtea_context ctx;
-
- memset(output, 0x00, 100);
-
-
- mbedtls_xtea_setup( &ctx, key_str->x );
- TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE */
-void xtea_decrypt_ecb( data_t * key_str, data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_xtea_context ctx;
-
- memset(output, 0x00, 100);
-
-
- mbedtls_xtea_setup( &ctx, key_str->x );
- TEST_ASSERT( mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x, 8, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void xtea_encrypt_cbc( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_xtea_context ctx;
-
- memset(output, 0x00, 100);
-
-
- mbedtls_xtea_setup( &ctx, key_str->x );
- TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_ENCRYPT, src_str->len, iv_str->x,
- src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
- src_str->len, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_CIPHER_MODE_CBC */
-void xtea_decrypt_cbc( data_t * key_str, data_t * iv_str,
- data_t * src_str, data_t * dst )
-{
- unsigned char output[100];
- mbedtls_xtea_context ctx;
-
- memset(output, 0x00, 100);
-
-
- mbedtls_xtea_setup( &ctx, key_str->x );
- TEST_ASSERT( mbedtls_xtea_crypt_cbc( &ctx, MBEDTLS_XTEA_DECRYPT, src_str->len, iv_str->x,
- src_str->x, output ) == 0 );
-
- TEST_ASSERT( mbedtls_test_hexcmp( output, dst->x,
- src_str->len, dst->len ) == 0 );
-}
-/* END_CASE */
-
-/* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */
-void xtea_selftest( )
-{
- TEST_ASSERT( mbedtls_xtea_self_test( 1 ) == 0 );
-}
-/* END_CASE */
